Report - majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html

Report Overview

Submitted URL
majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2022-12-06 02:14:39
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
majalahmiliter.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	26 kB	172.217.21.161
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	158 kB	172.217.21.162
www.gmodules.com	209139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	806 B	1.1 kB	216.58.207.193
3.bp.blogspot.com	11048	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	1.2 kB	142.250.74.161
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.0 kB	142.250.74.131
1.1.1.5	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	5.1 kB	1.1.1.5
2.bp.blogspot.com	11071	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.3 kB	142.250.74.161
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	833 B	142.250.74.162
1.bp.blogspot.com	8403	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.1 kB	142.250.74.161
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	922 B	81 kB	142.250.74.78
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
partner.googleadservices.com	798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	913 B	142.250.74.34
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	1.1 kB	142.250.74.162
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	779 B	142.250.74.2
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.blogger.com	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	68 kB	216.58.207.233
bdv.bidvertiser.com	289264	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	24 kB	54.241.51.109
4.bp.blogspot.com	11215	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	698 B	142.250.74.161
d2b9l3u54v5v39.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	948 B	6.9 kB	54.230.245.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	Phishing
2022-12-06	medium	majalahmiliter.blogspot.com/js/cookienotice.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	1.1.1.5	Sinkholed
2022-12-06	medium	1.1.1.5	Sinkholed

JavaScript (31)

	URL	Size	First Seen	Last Seen
	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	302 B	2023-03-07	2024-04-19
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 11:04:38 Times Seen28606 Hash 5a9442d8fb9a2077b3ebaf7aa6f763fb 1ad7b70635d1b80ddf645acb12b5f17e0ecf0c99 0665437bacd7ab06df7300ed254eac6729ed5e062da4cfb3895416289cfc647a Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	129 kB	2023-03-08	2023-11-05
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-11-05 00:33:19 Times Seen5 Hash ebaa2506c5b4b13ecfc737a1e3b7eb3d e75a7603d9e5016c0c774ab99d5c0b9b756e1a03 9e6d60f06b6332ed1831d9d501e602656f3c884480c6d7034542866281ea3086 Loading...

	adservice.google.no/adsid/integrator.js?domain=majalahmiliter.blogspot.com	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=majalahmiliter.blogspot.com IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	bdv.bidvertiser.com/BidVertiser.dbm?pid=196512&bid=478910&RD=8322688053259&DIF=1&bd_ref_v=majalahmiliter.blogspot.com&tref=1&win_name=null&docref=&jsrand=8322688053259&js1loc=-&loctitle=%20majalah%20militer%3A%20Hamas%3A%20Israelis%20walking	417 B	2023-03-08	2023-03-12
Pretty URL bdv.bidvertiser.com/BidVertiser.dbm?pid=196512&bid=478910&RD=8322688053259&DIF=1&bd_ref_v=majalahmiliter.blogspot.com&tref=1&win_name=null&docref=&jsrand=8322688053259&js1loc=-&loctitle=%20majalah%20militer%3A%20Hamas%3A%20Israelis%20walking IP 54.241.51.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:54:21 Last Seen2023-03-12 11:43:58 Times Seen1 Hash 41d4f7b900090336284c3c888dd340ed f145a587162a496d21c11fe599d78c0c27e26475 c48cf7dc731d01e6c0125631c3e9f25c025acdddc875833c7f0f2678d02baab3 Loading...

	bdv.bidvertiser.com/BidVertiser.dbm?pid=196512%26bid=478910	9.0 kB	2023-03-08	2023-04-05
Pretty URL bdv.bidvertiser.com/BidVertiser.dbm?pid=196512%26bid=478910 IP 54.241.51.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:33 Last Seen2023-04-05 02:07:26 Times Seen129 Hash 0d489677aaa27440619b64706f2cafe9 b87bf2207059e1db5a939e804c7e586e7b8ad125 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539 Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	426 B	2023-03-07	2024-02-15
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:25 Last Seen2024-02-15 02:48:11 Times Seen22 Hash 532c2e1cdf7022f07213ad4749fb3da1 aa1528ef8abb8da0b9830e28d2a780f5a52a22ee 533a197cec14e1bc3636a9be25490c53c2b8f11a51e2725a1ccf50c14621e390 Loading...

	www.blogger.com/navbar.g?targetBlogID=876572868659506492&blogName=majalah+militer&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=SILVER&layoutType=LAYOUTS&searchRoot=https://majalahmiliter.blogspot.com/search&blogLocale=en&v=2&homepageUrl=majalahmiliter.blogspot.com/&targetPostID=5793105816122088460&blogPostOrPageUrl=majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html&vt=-8077750239747498741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fmajalahmiliter.blogspot.com&pfname=&rpctoken=19985661	471 B	2023-03-07	2023-04-05
Pretty URL www.blogger.com/navbar.g?targetBlogID=876572868659506492&blogName=majalah+militer&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=SILVER&layoutType=LAYOUTS&searchRoot=https://majalahmiliter.blogspot.com/search&blogLocale=en&v=2&homepageUrl=majalahmiliter.blogspot.com/&targetPostID=5793105816122088460&blogPostOrPageUrl=majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html&vt=-8077750239747498741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fmajalahmiliter.blogspot.com&pfname=&rpctoken=19985661 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-04-05 02:12:11 Times Seen6549 Hash 817a2f878be59f132a6d67ba3dc44c12 74fa163d8e9121fc4be1b4b05974f7f08ac90267 7f417083e329ac4c097585dbe92c0de4527419243615b5a0c4245704cd09ccfc Loading...

	majalahmiliter.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-19
Pretty URL majalahmiliter.blogspot.com/js/cookienotice.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-19 11:06:16 Times Seen112989 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	pagead2.googlesyndication.com/pagead/show_ads.js	100 kB	2023-03-08	2023-03-08
Pretty URL pagead2.googlesyndication.com/pagead/show_ads.js IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:57 Last Seen2023-03-08 19:59:57 Times Seen1 Hash fb3cf84c25b009d8c354285fd143dd2d 6838e4f8f81148c71c17a87b1b8fad1e1d179072 f520807f57936806c8451ff9f9542d1efeda30ecfedda49accc7bab69465c199 Loading...

	apis.google.com/js/platform.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:23 Last Seen2023-03-17 23:35:13 Times Seen1 Hash 82b37d5e95d1e985a554cf000e9bb15c 8973b2e12ea8de1b8a14c8b7ea3be6c1c25eae07 4c6520efed0ab3222ea84da3fb4d6cdc929353fdfa0ac12422253be3ffcf525a Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	269 B	2023-03-07	2024-04-19
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 11:04:38 Times Seen27923 Hash 6e880fa46f41c3a142b32e22ca7c06a0 cb7725608bf21d4a5fab1e9050328ab9b024d285 95df5b72788a5634d46797321652a339cd37eeba06d33166541e76a0deb42b61 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	176 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-03-17 23:14:57 Times Seen1 Hash 56e3c588ced8ba4b5f2fc17026a9d57e 85f89594b97d49984b826d511fb82271bfddb85b b1370ea109344f61415c6a6414837fd2089a02bcd1d6bc88fad765fe7640541a Loading...

	apis.google.com/js/platform:gapi.iframes.style.common.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform:gapi.iframes.style.common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-03-17 23:14:57 Times Seen1 Hash 0f33e12fa3290716d243f3162bb63cb0 32f9b00bfd7449ebd5382871d1c083db9c1b2b95 82c53629d9ff53cc334633ac037d1dc1f843008d6e1347ce784b9f255bacb42f Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=majalahmiliter.blogspot.com&callback=_gfp_s_&client=ca-pub-3784104995056280&gpid_exp=1	391 B	2023-03-08	2023-03-08
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=majalahmiliter.blogspot.com&callback=_gfp_s_&client=ca-pub-3784104995056280&gpid_exp=1 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:57 Last Seen2023-03-08 19:59:57 Times Seen1 Hash 6a35ee0c789fa5990bb3e52f6c45f8ab e36f3488081ee86b4c11cf8312ab6cc5399ffb14 88c69d0bf60198c58d0d1d42a68c496767a1d6c205a1c4c2147014c11358e577 Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	275 B	2023-03-07	2024-04-19
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-19 11:06:15 Times Seen57160 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 11:25:34 Times Seen36957124 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	853 B	2023-03-08	2023-03-08
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:57 Last Seen2023-03-08 19:59:57 Times Seen1 Hash 133d92ea3c58ceef6be068a60f3add42 2e2721ef09aa1fd4bcd693a94177cf24a633fac0 8c23623cf79a862cefef5e812587ce4e2a29863fafe3b4bcbfd4261cdc559939 Loading...

	pagead2.googlesyndication.com/pagead/js/google_top_exp.js	47 B	2023-03-07	2024-04-19
Pretty URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 11:04:39 Times Seen47783 Hash 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	171 B	2023-03-07	2023-04-06
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:25 Last Seen2023-04-06 23:42:25 Times Seen7 Hash abb26cc06ef54b003b511277e9c5b901 595aa4ed74eead74bb80349adff22aa0d2a4609c 517b7e3467ba7107f7c8ac427c4b745b7d4c231ef8fb71a52cfb28c374634681 Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	236 B	2023-03-07	2023-04-06
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:25 Last Seen2023-04-06 23:42:25 Times Seen7 Hash 547d5531b7667491ccaf378b5cd7927f ca48de559929bce9b0b56a949dab92e15a5664f1 14b05c375422609418c6e4436ab3d8fc14264f8328f4e1bf8ea9571a1175502e Loading...

	majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html	289 B	2023-03-07	2023-04-06
Pretty URL majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:25 Last Seen2023-04-06 23:42:25 Times Seen7 Hash 2f353df626f9f24798e8f4319053d895 0bcb7868259de97a13f2b0121f0b299f32de9533 035a55e0ea98312502b8b4b2ff8d98364a12a759cd93fc27566642e37e0b7bca Loading...

	www.blogger.com/navbar.g?targetBlogID=876572868659506492&blogName=majalah+militer&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=SILVER&layoutType=LAYOUTS&searchRoot=https://majalahmiliter.blogspot.com/search&blogLocale=en&v=2&homepageUrl=majalahmiliter.blogspot.com/&targetPostID=5793105816122088460&blogPostOrPageUrl=majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html&vt=-8077750239747498741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fmajalahmiliter.blogspot.com&pfname=&rpctoken=19985661	184 B	2023-03-07	2023-04-05
Pretty URL www.blogger.com/navbar.g?targetBlogID=876572868659506492&blogName=majalah+militer&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=SILVER&layoutType=LAYOUTS&searchRoot=https://majalahmiliter.blogspot.com/search&blogLocale=en&v=2&homepageUrl=majalahmiliter.blogspot.com/&targetPostID=5793105816122088460&blogPostOrPageUrl=majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html&vt=-8077750239747498741&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fmajalahmiliter.blogspot.com&pfname=&rpctoken=19985661 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-04-05 02:12:11 Times Seen6539 Hash 55222ba6bc3c6d1b4e917bf57803f724 41907640a176f6c9e549bfd1e1bacaa29a302475 3cb3e98d555f2381f9ef9439a915bd523225a0fd1cb4303f2c676da5494e1428 Loading...

	d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js	1.2 kB	2023-03-08	2023-04-05
Pretty URL d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js IP 54.230.245.28 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:54:21 Last Seen2023-04-05 02:07:26 Times Seen82 Hash 263303c015aaddbd3c417327b3b50823 c5c4f7ec9f5c1a2cfafad6b5810ed0da2080d3cb 871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d5358c4da5ae00f7ea864134e9694dda	30 B	2023-03-08	2023-04-02
Pretty Observations First Seen2023-03-08 14:54:21 Last Seen2023-04-02 21:13:10 Times Seen4 Hash d5358c4da5ae00f7ea864134e9694dda 65abd17ad1778a5c0330235014011e96c44a1143 780a8838d732ebbd33279f42a12ac1f669718bfc52977d8151addbf7fa6467ce Loading...

	#2 Eval - 3a134e7bad797f43e55daac27f4272f8	32 B	2023-03-08	2023-04-02
Pretty Observations First Seen2023-03-08 14:54:21 Last Seen2023-04-02 21:13:10 Times Seen4 Hash 3a134e7bad797f43e55daac27f4272f8 9158fdd8e2eff015e2a985429200107038469b30 45f1005d5cc22c50a844a97dfcb114c7162be694173ed532e3ccba7c2f892bbc Loading...

	#3 Eval - a9f4f4cf3baf6ec172700aeb4421efae	20 B	2023-03-08	2023-04-02
Pretty Observations First Seen2023-03-08 14:54:21 Last Seen2023-04-02 21:13:10 Times Seen4 Hash a9f4f4cf3baf6ec172700aeb4421efae 78878742ae27dba8757c51d7cfd45ea585daca7a 531fea69cb6846e33bb7097fd08cb2be6bb31b95526ed117badb13f338dec91d Loading...

	#4 Eval - 117c90b36d61807dad12302fa6d2c961	30 B	2023-03-08	2023-04-02
Pretty Observations First Seen2023-03-08 14:54:21 Last Seen2023-04-02 21:13:10 Times Seen4 Hash 117c90b36d61807dad12302fa6d2c961 2932b4c0d1d65e84da88879886367f3c4f2745ba 52dde0f978b8687bc6a137f95bc1b7b5e140e0093c02366cac69880322ec1151 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9498916d4992c39871e68e2aaf6fb7ae	7 B	2023-03-07	2024-04-13
Pretty Observations First Seen2023-03-07 01:39:25 Last Seen2024-04-13 12:56:06 Times Seen53 Hash 9498916d4992c39871e68e2aaf6fb7ae 84eef07bb1c3b5c26fe911b829bf16be4a48c0c9 61ec816d908fc16288ab3681498932d3e147ae097e2f66e3634ae0ac7eb5ac92 Loading...

	#2 Write - e26e533209c504d00682ab1c5fe82e50	208 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:59:57 Last Seen2023-03-08 19:59:57 Times Seen1 Hash e26e533209c504d00682ab1c5fe82e50 037f6cf10d94211648605334bbd26eb073f9170f 87bc5578538fa871acb6d8b283f750638e2a4f47a4bf77d6c43781bf24175ab6 Loading...

	#3 Write - 68d697620feec812e4210f2304f1b940	9 B	2023-03-07	2024-04-13
Pretty Observations First Seen2023-03-07 01:39:25 Last Seen2024-04-13 12:56:06 Times Seen57 Hash 68d697620feec812e4210f2304f1b940 eb73c733abef46086ee45f18c78bb0fc0a69240b 4c16ad5e6402b64a26eb80358b4e7c3202866f7959867345c97facf53c6acad6 Loading...

	#4 Write - 8f37fa7b958302ff21935666a63660ac	208 B	2023-03-07	2023-04-06
Pretty Observations First Seen2023-03-07 01:41:58 Last Seen2023-04-06 23:42:25 Times Seen7 Hash 8f37fa7b958302ff21935666a63660ac 8ade80d908e5603ef3011d59b99f4c1b8c838399 ec9ebe22e4b9bd4da3f2bcfc9c34c0b578c38bdeb5c5dc74bfdf8680c8bc8f90 Loading...

HTTP Transactions (61)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2593
Cache-Control: max-age=118804
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:28 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:14:32 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 01:18:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3355
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 02:11:20 GMT
cache-control: public,max-age=3600
age: 188
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2546
Cache-Control: max-age=113690
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:28 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:49:18 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html

172.217.21.161

200 OK

22 kB

URL HTTP/1.1
majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1965)
Size
22 kB (21573 bytes)
Hash
6bab44f2c217bbff7f8212616568a4ce
5dcd0e292b5189131e8756b980ce0c2150ca261c
bc325ede05702b432323ad7b24b456dbef88f151b22cfc14a21531ac1066e3ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /2009/01/hamas-israelis-walking-into-our-traps.html HTTP/1.1
Host: majalahmiliter.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 06 Dec 2022 02:14:28 GMT
Date: Tue, 06 Dec 2022 02:14:28 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 04:19:38 GMT
ETag: W/"63755b416ba64133dfbad275626cae5e6d390d159b8bdf11dadb313bf080074d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 21573
Server: GSE

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2880
Expires: Tue, 06 Dec 2022 03:02:28 GMT
Date: Tue, 06 Dec 2022 02:14:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9062
Expires: Tue, 06 Dec 2022 04:45:30 GMT
Date: Tue, 06 Dec 2022 02:14:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: sPT9HDa1ZBoUCBR6he3jtvRfa+hXA7jykq9jvPWyWR5CiAro9FivKTkPHRH2GkJ1usM/BC0mE/s=
x-amz-request-id: KS84VF9ZAJYWMBGA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 01:48:44 GMT
age: 1544
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

majalahmiliter.blogspot.com/js/cookienotice.js

172.217.21.161

200 OK

2.0 kB

URL HTTP/1.1
majalahmiliter.blogspot.com/js/cookienotice.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: majalahmiliter.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Tue, 06 Dec 2022 02:14:28 GMT
Expires: Tue, 13 Dec 2022 02:14:28 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 23:52:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/show_ads.js

172.217.21.162

200 OK

36 kB

URL HTTP/1.1
pagead2.googlesyndication.com/pagead/show_ads.js
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3577)
Size
36 kB (36120 bytes)
Hash
ac19fa96da8630adbaf30a5d7babcadf
e20af75095a5738c5ba2a38e7289b76f3832a2d4
a3f3c785524d60c3ed6572a3f7d90401149a6cebb72df57b4b215bfaa5ffdceb

HTTP Headers

GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Tue, 06 Dec 2022 02:14:28 GMT
Expires: Tue, 06 Dec 2022 02:14:28 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 14396374265870607746
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36120
X-XSS-Protection: 0

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

216.58.207.233

200 OK

6.6 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30596)
Size
6.6 kB (6620 bytes)
Hash
6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f

HTTP Headers

GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:01:43 GMT
expires: Wed, 29 Nov 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/css
age: 562365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1e5e51fbc58282a2410de240a13bac3d
03e7151c23e4ed5efc5a4415fc5dcb01f0d5e019
ad20d69cf3f84ec6bee56a570acbce60d0ade6bdf201397a1de2417fed11b3fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.1.1.5/bmi/dover.idf.il/NR/rdonlyres/C57DD14B-B26D-4C4A-93C0-3DBF975DCC33/0/dotz05030705SMALL.jpg

1.1.1.5

403 Forbidden

2.1 kB

URL HTTP/1.1
1.1.1.5/bmi/dover.idf.il/NR/rdonlyres/C57DD14B-B26D-4C4A-93C0-3DBF975DCC33/0/dotz05030705SMALL.jpg
IP
1.1.1.5:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
2.1 kB (2099 bytes)
Hash
29641d897d43bd197ab12726bdcee7c9
ef6a965ff9d4274ff54607bfa35ac111e9b28106
14f78fb7cf237a8473315ddb6ec53fe257557d885b1e6cd6f16fb7be2285bb24

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /bmi/dover.idf.il/NR/rdonlyres/C57DD14B-B26D-4C4A-93C0-3DBF975DCC33/0/dotz05030705SMALL.jpg HTTP/1.1
Host: 1.1.1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 403 Forbidden
Date: Tue, 06 Dec 2022 02:14:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7751821efb86b518-OSL
Content-Encoding: gzip

www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=en&w=140&h=60&title=&border=&output=js

216.58.207.193

404 Not Found

117 B

URL HTTP/1.1
www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=en&w=140&h=60&title=&border=&output=js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
117 B (117 bytes)
Hash
50e010e6df7baa397fb4070b6553cff8
fe7f8b322f493e27d54136a1d3d562d8c2afbab7
e69da6f4387d34867cfdf001ad4ede46f8e78ddd3d4cceb1535b7cf6f3c84932

HTTP Headers

GET /ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=en&w=140&h=60&title=&border=&output=js HTTP/1.1
Host: www.gmodules.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 06 Dec 2022 02:14:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 117
Server: GSE

3.bp.blogspot.com/_P9euH0y0ajc/S6qy2W6l9FI/AAAAAAAAAJU/GJfMET0JtVA/s1600/rss.png

142.250.74.161

200 OK

713 B

URL HTTP/1.1
3.bp.blogspot.com/_P9euH0y0ajc/S6qy2W6l9FI/AAAAAAAAAJU/GJfMET0JtVA/s1600/rss.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
713 B (713 bytes)
Hash
9612988a382bead5178136202de6c4eb
935b3b45d1f01b142d07822665cde3773d3b2ba6
6867e4f803b82a8db42193a99e85dd7c768b42fb05ce69d379a202eb1b6582ba

HTTP Headers

GET /_P9euH0y0ajc/S6qy2W6l9FI/AAAAAAAAAJU/GJfMET0JtVA/s1600/rss.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rss.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 713
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 02:14:28 GMT
Expires: Sun, 04 Dec 2022 03:17:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v95"
Content-Type: image/png
Age: 0

1.bp.blogspot.com/_P9euH0y0ajc/S6qy2GA8dsI/AAAAAAAAAJM/7o_j8f1hBy4/s1600/date.png

142.250.74.161

200 OK

641 B

URL HTTP/1.1
1.bp.blogspot.com/_P9euH0y0ajc/S6qy2GA8dsI/AAAAAAAAAJM/7o_j8f1hBy4/s1600/date.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
641 B (641 bytes)
Hash
e0bbc640485317fcb28443af42aceb57
a4e54082f2fdfae2bf4e6bed20f8a697760e8885
1c015d9812b5fb20146bcd98b65379e01d24bf32f75b59bef53efec1516b0b7a

HTTP Headers

GET /_P9euH0y0ajc/S6qy2GA8dsI/AAAAAAAAAJM/7o_j8f1hBy4/s1600/date.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="date.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 641
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 02:14:28 GMT
Expires: Sun, 04 Dec 2022 02:43:10 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v93"
Content-Type: image/png
Age: 0

2.bp.blogspot.com/_P9euH0y0ajc/S6qy1DaBDZI/AAAAAAAAAI0/qQHXuWZVj-4/s1600/user.png

142.250.74.161

200 OK

834 B

URL HTTP/1.1
2.bp.blogspot.com/_P9euH0y0ajc/S6qy1DaBDZI/AAAAAAAAAI0/qQHXuWZVj-4/s1600/user.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
834 B (834 bytes)
Hash
c1d790d51b1e3880becf06359bb325c7
53e2f32af5c700198dd31ce3fd92af82fc65f4f3
16a8adf656f785ffff0229e8cfeb311d0122e7e8350a2af88307485adaa75960

HTTP Headers

GET /_P9euH0y0ajc/S6qy1DaBDZI/AAAAAAAAAI0/qQHXuWZVj-4/s1600/user.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="user.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 834
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 02:14:28 GMT
Expires: Sun, 04 Dec 2022 03:17:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8d"
Content-Type: image/png
Age: 0

www.blogger.com/img/icon18_email.gif

216.58.207.233

200 OK

164 B

URL HTTP/1.1
www.blogger.com/img/icon18_email.gif
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 13\012- data
Size
164 B (164 bytes)
Hash
36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

HTTP Headers

GET /img/icon18_email.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 08:34:01 GMT
Expires: Tue, 06 Dec 2022 08:34:01 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 01:54:20 GMT
Content-Type: image/gif
Age: 582027

www.blogger.com/static/v1/widgets/2342155703-widgets.js

216.58.207.233

200 OK

57 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
57 kB (56726 bytes)
Hash
1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b

HTTP Headers

GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 592259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

apis.google.com/js/platform.js

142.250.74.78

200 OK

21 kB

URL HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20984 bytes)
Hash
7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Tue, 06 Dec 2022 02:14:28 GMT
expires: Tue, 06 Dec 2022 02:14:28 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.blogger.com/img/icon18_edit_allbkg.gif

216.58.207.233

200 OK

162 B

URL HTTP/1.1
www.blogger.com/img/icon18_edit_allbkg.gif
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18\012- data
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:49:01 GMT
Expires: Tue, 06 Dec 2022 18:49:01 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 28 Nov 2022 19:53:31 GMT
Content-Type: image/gif
Age: 545127

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 02:14:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/google_top_exp.js

172.217.21.162

200 OK

67 B

URL HTTP/1.1
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
67 B (67 bytes)
Hash
9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 12:25:29 GMT
Expires: Mon, 19 Dec 2022 12:25:29 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 49740

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs

142.250.74.78

200 OK

58 kB

URL HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (580)
Size
58 kB (57794 bytes)
Hash
813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:44:06 GMT
expires: Wed, 29 Nov 2023 13:44:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 563423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bdv.bidvertiser.com/BidVertiser.dbm?pid=196512%26bid=478910

54.241.51.109

200 OK

9.0 kB

URL HTTP/1.1
bdv.bidvertiser.com/BidVertiser.dbm?pid=196512%26bid=478910
IP
54.241.51.109:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
9.0 kB (9014 bytes)
Hash
0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

HTTP Headers

GET /BidVertiser.dbm?pid=196512%26bid=478910 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014

bdv.bidvertiser.com/BidVertiser.dbm?pid=196512%26bid=478886

54.241.51.109

200 OK

9.0 kB

URL HTTP/1.1
bdv.bidvertiser.com/BidVertiser.dbm?pid=196512%26bid=478886
IP
54.241.51.109:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
9.0 kB (9014 bytes)
Hash
0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

HTTP Headers

GET /BidVertiser.dbm?pid=196512%26bid=478886 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014

1.1.1.5/bmi/dover.idf.il/NR/rdonlyres/C57DD14B-B26D-4C4A-93C0-3DBF975DCC33/0/dotz05030705SMALL.jpg

1.1.1.5

403 Forbidden

2.1 kB

URL HTTP/1.1
1.1.1.5/bmi/dover.idf.il/NR/rdonlyres/C57DD14B-B26D-4C4A-93C0-3DBF975DCC33/0/dotz05030705SMALL.jpg
IP
1.1.1.5:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Size
2.1 kB (2099 bytes)
Hash
8ac3ae16165e2aa3e57abc6a0dbd870a
cb2a0b667b877739b7bc83246aafa6edfe6d587c
d69d1bcd7bab07c62664ebef1b7745c85bd020d56dedcda948ca87aef75c8623

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /bmi/dover.idf.il/NR/rdonlyres/C57DD14B-B26D-4C4A-93C0-3DBF975DCC33/0/dotz05030705SMALL.jpg HTTP/1.1
Host: 1.1.1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 403 Forbidden
Date: Tue, 06 Dec 2022 02:14:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77518220dc5ab51b-OSL
Content-Encoding: gzip

www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=en&w=140&h=60&title=&border=&output=js

216.58.207.193

404 Not Found

117 B

URL HTTP/1.1
www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=en&w=140&h=60&title=&border=&output=js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
117 B (117 bytes)
Hash
50e010e6df7baa397fb4070b6553cff8
fe7f8b322f493e27d54136a1d3d562d8c2afbab7
e69da6f4387d34867cfdf001ad4ede46f8e78ddd3d4cceb1535b7cf6f3c84932

HTTP Headers

GET /ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=en&w=140&h=60&title=&border=&output=js HTTP/1.1
Host: www.gmodules.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 06 Dec 2022 02:14:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 117
Server: GSE

4.bp.blogspot.com/_P9euH0y0ajc/S6qy1w0c-bI/AAAAAAAAAJE/-EB9W5SeucM/s1600/content-background.png

142.250.74.161

200 OK

237 B

URL HTTP/1.1
4.bp.blogspot.com/_P9euH0y0ajc/S6qy1w0c-bI/AAAAAAAAAJE/-EB9W5SeucM/s1600/content-background.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 950 x 3, 8-bit/color RGB, non-interlaced\012- data
Size
237 B (237 bytes)
Hash
911611a6680d7a96b3ecdc143d06239c
9684c46eba6bc6a1e57e83b8115f1b543e86edb5
47e6c286470116ccd3ed4963995cdaf9964e6ff4bbbc320bc440b47765db2646

HTTP Headers

GET /_P9euH0y0ajc/S6qy1w0c-bI/AAAAAAAAAJE/-EB9W5SeucM/s1600/content-background.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="content-background.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 237
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 02:14:29 GMT
Expires: Sun, 04 Dec 2022 03:17:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v91"
Content-Type: image/png
Age: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=pub-3784104995056280&plah=majalahmiliter.blogspot.com&bust=31071113

172.217.21.162

200 OK

120 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=pub-3784104995056280&plah=majalahmiliter.blogspot.com&bust=31071113
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5918)
Size
120 kB (119783 bytes)
Hash
3d327aacc00a08b47e0d0422e284c11e
5d25c3bdab2b39300fcaaa6466b36a057b2d5132
21744f414f0a0d43bf573875001116437a80768acf46ce561784a6c89dbcf301

HTTP Headers

GET /pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=pub-3784104995056280&plah=majalahmiliter.blogspot.com&bust=31071113 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 06 Dec 2022 02:14:29 GMT
expires: Tue, 06 Dec 2022 02:14:29 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6788128126068231145
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119783
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bdv.bidvertiser.com/BidVertiser.dbm?pid=196512&bid=478910&RD=8322688053259&DIF=1&bd_ref_v=majalahmiliter.blogspot.com&tref=1&win_name=null&docref=&jsrand=8322688053259&js1loc=-&loctitle=%20majalah%20militer%3A%20Hamas%3A%20Israelis%20walking

54.241.51.109

200 OK

4.6 kB

URL HTTP/1.1
bdv.bidvertiser.com/BidVertiser.dbm?pid=196512&bid=478910&RD=8322688053259&DIF=1&bd_ref_v=majalahmiliter.blogspot.com&tref=1&win_name=null&docref=&jsrand=8322688053259&js1loc=-&loctitle=%20majalah%20militer%3A%20Hamas%3A%20Israelis%20walking
IP
54.241.51.109:0
ASN
#16509 AMAZON-02

File type
data
Size
4.6 kB (4633 bytes)
Hash
85e209870d56a6c614675f9a2a7d403b
7a88977c9c253d78b87f2aa685bf0bbbc176724c
a0ff1955546e54dab7c0a4862a346df56f8b92ac284cff71dcb497d20ed6b6bf

HTTP Headers

GET /BidVertiser.dbm?pid=196512&bid=478910&RD=8322688053259&DIF=1&bd_ref_v=majalahmiliter.blogspot.com&tref=1&win_name=null&docref=&jsrand=8322688053259&js1loc=-&loctitle=%20majalah%20militer%3A%20Hamas%3A%20Israelis%20walking HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tuesday, 06-Dec-2022 02:14:29 GMT
Cache-Control: no-store
Last-Modified: Monday, 06-Dec-2021 02:14:29 GMT
Set-Cookie: bdv_c12p=244; domain=.bidvertiser.com; path=/; expires=Wed, 07-Dec-2022 02:14:29 GMT
bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Wed, 07-Dec-2022 02:14:29 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 4161
CONNECTION: Close

d2b9l3u54v5v39.cloudfront.net/css/default.css

54.230.245.28

200 OK

1.5 kB

URL HTTP/1.1
d2b9l3u54v5v39.cloudfront.net/css/default.css
IP
54.230.245.28:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1489 bytes)
Hash
8ea20baef891abad5a169261301f1b0d
b983c5b36da773d38fc2d9d56fb1e462080ac0f8
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af

HTTP Headers

GET /css/default.css HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1489
Connection: keep-alive
Last-Modified: Mon, 21 Sep 2015 08:25:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Mon, 05 Dec 2022 07:36:57 GMT
ETag: "70d0ec1947f4d01:0"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: enjZ-wZ2yeqY3_7IrxX-82QnntdYrc7ZYlIbcupuXd-c8gpeChfQEQ==
Age: 67052

d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js

54.230.245.28

200 OK

1.2 kB

URL HTTP/1.1
d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
IP
54.230.245.28:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1199 bytes)
Hash
263303c015aaddbd3c417327b3b50823
c5c4f7ec9f5c1a2cfafad6b5810ed0da2080d3cb
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617

HTTP Headers

GET /activejs/bdv_fsthd.js HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1199
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 11:27:17 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Mon, 05 Dec 2022 22:43:32 GMT
ETag: "977ef3668ead61:0"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FPiL0RC2sF6Axustu03_AlOOfhlWpaIq2wWChLoG1O8Z0BJGOK7xZg==
Age: 14079

d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2

54.230.245.28

200 OK

2.8 kB

URL HTTP/1.1
d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
IP
54.230.245.28:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2831 bytes)
Hash
d58909e3606e94cade8eca195ab40f2e
e6363f5074ba81376c31b4cd770f0b0344621e24
68cec5539b0b468c927628d857780b25c5be36223db516828dce541b1c167c00

HTTP Headers

GET /css/58x466.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2831
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:19:13 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Tue, 06 Dec 2022 01:35:11 GMT
ETag: "ec706f147890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7iOGgxAUB4Ro_uSkqKx_3lz7FkY0uwrReF36F3Zch5K-KS2_XZwhOg==
Age: 4667

www.blogger.com/dyn-css/authorization.css?targetBlogID=876572868659506492&zx=d73c336c-0f33-433e-8cdb-dd4d117b63c8

216.58.207.233

200 OK

21 B

URL HTTP/2
www.blogger.com/dyn-css/authorization.css?targetBlogID=876572868659506492&zx=d73c336c-0f33-433e-8cdb-dd4d117b63c8
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=876572868659506492&zx=d73c336c-0f33-433e-8cdb-dd4d117b63c8 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Dec 2022 02:14:29 GMT
last-modified: Tue, 06 Dec 2022 02:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

partner.googleadservices.com/gampad/cookie.js?domain=majalahmiliter.blogspot.com&callback=_gfp_s_&client=ca-pub-3784104995056280&gpid_exp=1

142.250.74.34

200 OK

250 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=majalahmiliter.blogspot.com&callback=_gfp_s_&client=ca-pub-3784104995056280&gpid_exp=1
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (391), with no line terminators
Size
250 B (250 bytes)
Hash
cb9ae9f0cddf7c3fd4a9a16bad6ca59f
67bc0f431fde74fbc1705c621d2c90d9452d9dec
93e50e9cfc7515cbed558c71a63757265880b3115fa14cc9b96b5183b7b5a51e

HTTP Headers

GET /gampad/cookie.js?domain=majalahmiliter.blogspot.com&callback=_gfp_s_&client=ca-pub-3784104995056280&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 06 Dec 2022 02:14:29 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/adsid/integrator.js?domain=majalahmiliter.blogspot.com

142.250.74.162

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=majalahmiliter.blogspot.com
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=majalahmiliter.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 06 Dec 2022 02:14:29 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=majalahmiliter.blogspot.com

142.250.74.2

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=majalahmiliter.blogspot.com
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=majalahmiliter.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 06 Dec 2022 02:14:29 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:14:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3784104995056280&output=html&h=600&slotname=5362579173&adk=3309718201&adf=2122168579&pi=t.ma~as.5362579173&w=120&lmt=1667881178&url=http%3A%2F%2Fmajalahmiliter.blogspot.com%2F2009%2F01%2Fhamas-israelis-walking-into-our-traps.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1670292866494&bpp=35&bdt=535&idt=301&shv=r20221110&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&correlator=3095197738398&frm=20&pv=2&ga_vid=201298136.1670292867&ga_sid=1670292867&ga_hid=547557408&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=689&ady=412&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071113&oid=2&pvsid=1903183542310074&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=SYwVsLSRlR&p=http%3A//majalahmiliter.blogspot.com&dtd=424

142.250.74.162

400 Bad Request

46 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3784104995056280&output=html&h=600&slotname=5362579173&adk=3309718201&adf=2122168579&pi=t.ma~as.5362579173&w=120&lmt=1667881178&url=http%3A%2F%2Fmajalahmiliter.blogspot.com%2F2009%2F01%2Fhamas-israelis-walking-into-our-traps.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1670292866494&bpp=35&bdt=535&idt=301&shv=r20221110&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&correlator=3095197738398&frm=20&pv=2&ga_vid=201298136.1670292867&ga_sid=1670292867&ga_hid=547557408&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=689&ady=412&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071113&oid=2&pvsid=1903183542310074&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=SYwVsLSRlR&p=http%3A//majalahmiliter.blogspot.com&dtd=424
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (603), with no line terminators
Size
46 B (46 bytes)
Hash
0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955

HTTP Headers

GET /pagead/ads?client=ca-pub-3784104995056280&output=html&h=600&slotname=5362579173&adk=3309718201&adf=2122168579&pi=t.ma~as.5362579173&w=120&lmt=1667881178&url=http%3A%2F%2Fmajalahmiliter.blogspot.com%2F2009%2F01%2Fhamas-israelis-walking-into-our-traps.html&host=pub-1556223355139109&h_ch=00000&wgl=1&dt=1670292866494&bpp=35&bdt=535&idt=301&shv=r20221110&mjsv=m202211300101&ptt=5&saldr=sa&abxe=1&correlator=3095197738398&frm=20&pv=2&ga_vid=201298136.1670292867&ga_sid=1670292867&ga_hid=547557408&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=689&ady=412&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31071113&oid=2&pvsid=1903183542310074&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=SYwVsLSRlR&p=http%3A//majalahmiliter.blogspot.com&dtd=424 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 06 Dec 2022 02:14:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 02:29:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7087
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 02:14:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7087
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 02:14:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7087
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 02:14:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7087
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 02:14:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7087
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 02:14:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 15968
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
8055d0db573ab34924db3b60ed788bb2
a4aae05e7a929fc7f652f56748d2a2da9c44ac45
f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cE8n21yLSOS1FFSW_80l4MKNtJ9uJj7SXJS1Xza-lTYruvI2Wvkwlw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:11 GMT
age: 15979
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5273 bytes)
Hash
49c08cd33e41826af9dd4a8a912e0ddf
bde85bd98858e4b13484a9cc3263b4db7fb5d348
43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YFtwPRjtJcX51t_xVdpS2-J222bVL8KEildkseLJ_pVbCFkljZ-Q0A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:49 GMT
age: 16001
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15732 bytes)
Hash
b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 14702
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 15743
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 14702
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

majalahmiliter.blogspot.com/favicon.ico

172.217.21.161

200 OK

412 B

URL HTTP/1.1
majalahmiliter.blogspot.com/favicon.ico
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
412 B (412 bytes)
Hash
501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: majalahmiliter.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/2009/01/hamas-israelis-walking-into-our-traps.html

HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Tue, 06 Dec 2022 02:14:30 GMT
Date: Tue, 06 Dec 2022 02:14:30 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 08 Nov 2022 04:19:38 GMT
ETag: W/"63755b416ba64133dfbad275626cae5e6d390d159b8bdf11dadb313bf080074d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE

bdv.bidvertiser.com/bidvertiser.dbm?pid=196512&bid=478910&RD=03745803762967&DIF=2

54.241.51.109

200 OK

0 B

URL HTTP/1.1
bdv.bidvertiser.com/bidvertiser.dbm?pid=196512&bid=478910&RD=03745803762967&DIF=2
IP
54.241.51.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bidvertiser.dbm?pid=196512&bid=478910&RD=03745803762967&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://majalahmiliter.blogspot.com/

HTTP/1.1 200 OK
Date: Tuesday, 06-Dec-2022 02:14:31 GMT
Cache-Control: no-store
Last-Modified: Monday, 06-Dec-2021 02:14:31 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations