Report - campconscogi1976.blogspot.am/

Report Overview

Submitted URL
campconscogi1976.blogspot.am/
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2022-12-14 03:36:01
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
gg.gg	172656	2013-04-18T16:11:12Z	2023-03-06T19:26:40Z	10 kB	147 kB	91.215.42.31
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T06:45:03Z	340 B	964 B	104.18.32.68
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-09T06:20:40Z	649 B	8.0 kB	142.250.74.109
c.statcounter.com	7772	2016-09-21T12:59:04Z	2023-03-09T05:12:03Z	679 B	5.0 kB	104.20.218.77
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T05:22:46Z	341 B	759 B	93.184.220.29
www.blogger.com	8975	2012-05-22T09:35:03Z	2023-03-09T05:11:45Z	1.3 kB	66 kB	216.58.207.233
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	44.229.20.251
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.4 kB	6.2 kB	23.33.119.27
campconscogi1976.blogspot.com	unknown	2022-07-14T10:45:28Z	2022-12-14T04:36:03Z	820 B	4.4 kB	172.217.21.161
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T05:09:25Z	3.8 kB	60 kB	34.120.237.76
developers.google.com	12980	2012-06-04T14:32:46Z	2023-03-09T07:22:32Z	836 B	1.3 kB	172.217.21.174
www.statcounter.com	11621	2013-07-16T11:44:13Z	2023-03-09T05:12:00Z	281 B	15 kB	104.20.219.77
campconscogi1976.blogspot.am	unknown	2022-07-17T05:04:56Z	2022-11-11T04:38:36Z	360 B	620 B	172.217.21.161
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	4.5 kB	9.1 kB	142.250.74.131
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-09T05:09:33Z	732 B	44 kB	142.250.74.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-14	medium	campconscogi1976.blogspot.com/	Malware
2022-12-14	medium	campconscogi1976.blogspot.com/	Malware
2022-12-14	medium	gg.gg/gtha2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	gg.gg/js/jquery.zclip.min.js	7.4 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.zclip.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-05-10 07:47:35 Times Seen548 Hash ed3ba6e9aeed8aa665844e5ade17576e 8c8b08b8592734439278e62bf913646b61412f23 ae63c897e26d3cab90b28bd9fa6adde37fc323582619ad9318f48e117cbf64ab Loading...

	gg.gg/gtha2	371 B	2023-03-07	2023-04-02
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-04-02 21:19:05 Times Seen32 Hash fa41bd48a35b0ad60d566107e28a2eaa 2dd8dab50d217e2ba6e917929d70ee5c8ad2929b 761db903581aa96a1f234d9d7ea11ffd92106a8b73a191393ac26e5f96e71adf Loading...

	campconscogi1976.blogspot.com/	789 B	2023-03-07	2024-02-13
Pretty URL campconscogi1976.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs	102 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_1?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:48:44 Times Seen1 Hash ef2165fdf4f52f8c7c8735c0b57407f7 7ebad26ec2359faabd6f1bc5e9fa4dcc118aec05 541c10b550bb3bef95c6816ccc83fbfdd9a5a34c1be39aa8ff5412c8444b978d Loading...

	campconscogi1976.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-05-10
Pretty URL campconscogi1976.blogspot.com/js/cookienotice.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-10 12:46:28 Times Seen116692 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	campconscogi1976.blogspot.com/	275 B	2023-03-07	2024-05-10
Pretty URL campconscogi1976.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-10 11:30:29 Times Seen58728 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	gg.gg/js/jquery.tag-it.js	16 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.tag-it.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen511 Hash 8387a9ca0459e0568fdd3bd15e1bd1bf bba149f9979530786fbb8069bcaa340eeef3712d 04a595cb9eae0a734d474bde7cba253390a5cd5f5a6b6234c88df9bcf36e7e15 Loading...

	www.statcounter.com/counter/counter.js	44 kB	2023-03-07	2024-03-30
Pretty URL www.statcounter.com/counter/counter.js IP 104.20.219.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:55 Last Seen2024-03-30 16:46:15 Times Seen13 Hash 366890db672c87ff79dd22a7534643d2 e7b0da6b49f35363f125deb595ff67ccb0dc222c 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598 Loading...

	gg.gg/js/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery-1.7.2.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-10 11:14:25 Times Seen14023 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	gg.gg/gtha2	302 B	2023-03-07	2023-04-02
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-04-02 21:19:05 Times Seen33 Hash d575f1d3509fbe01c4bb77ca46622c61 2dcb9b87d8ade6de2b78c144963830affe0ae623 82f4489edfccf07f3effa84bed5a9ca6a90fb8b898c8e586c34c0f7f6f61089f Loading...

	www.blogger.com/static/v1/widgets/2092647672-widgets.js	156 kB	2023-03-08	2023-03-09
Pretty URL www.blogger.com/static/v1/widgets/2092647672-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:15 Last Seen2023-03-09 22:42:19 Times Seen1 Hash 2348c8616f38bcd653268cba8b3d2d34 77b1608b7366ec574a1b485803d9b8f4c546ed4a ecba0b97a30d07171bd7bdb00afeba7f3a9ae4788e8f51bb0409b73e69d14fac Loading...

	gg.gg/js/jquery.cookie.js	1.9 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.cookie.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen549 Hash 3291194034b434bb51afaa5aabd2313a ee31f8edef296efe486218e3b434e816612ef848 d6f218e7eb673e6264b7b6c71d9a46c2379cb2f396c3317d7ecedbf0b99ab2c9 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	55 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:53:02 Times Seen1 Hash c61ae987c0905d150f80bc6f3e7cc135 826a5f9142e58947410baa5df9b0126f0226ab97 32995e284ad49c05984d6dc2f96674229e731c01d030a38ba96e42c39a8082ae Loading...

	gg.gg/gtha2	117 B	2023-03-07	2023-04-02
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-04-02 21:19:05 Times Seen33 Hash 113329e5947896d5408abaf115682089 c4427c8200c0d80d8e9d1cdb83467c675219741c e6bf7b3492d1601187221e2163471129eac56ffaea6f175a1a985782fe565f17 Loading...

	gg.gg/js/jquery.corners.min.js	10 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery.corners.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen521 Hash 0425d5aca5c038781800b103ef65c5d8 11c0ed86f1ae8a990ae7c5a6c721f1dcb352af8f a450356c7550c1c8bd4ef8c10aea93a62de7b22bb1005141aff41110a02d11ad Loading...

	apis.google.com/js/plusone.js	55 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/js/plusone.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:53:02 Times Seen1 Hash a4bece00b52ca0d44160fe7a02cabddb b2ab847e582b5609e479a6d4c19577a2f664dfbd 4cc6846b69ba46bb297b9fdc8a711094d88a1a6b33f1a13297cbe154713d7c72 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	149 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:51:27 Times Seen1 Hash 3890ab0a78427be244a5919961d77449 8a3c4fca53c2c41d818ae09c075dceddf0127280 571d15e85825e4183d95663c917a6a7911346b2915ce796cff3ffba121474a58 Loading...

	apis.google.com/js/platform.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:23 Last Seen2023-03-17 23:35:13 Times Seen1 Hash 82b37d5e95d1e985a554cf000e9bb15c 8973b2e12ea8de1b8a14c8b7ea3be6c1c25eae07 4c6520efed0ab3222ea84da3fb4d6cdc929353fdfa0ac12422253be3ffcf525a Loading...

	gg.gg/js/logic.js?v3	6.2 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/logic.js?v3 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen500 Hash 6115f85479309c9e6fc03c3e06c06698 8f1627afb2bca580a6c52b69b549f5290c3efeb7 2fcb1a03d5580a3486e27d980930554e63ffdb730e7ab67c9c9c50c26a100fa9 Loading...

	gg.gg/js/jquery-ui-1.8.21.custom.min.js	207 kB	2023-03-07	2024-05-10
Pretty URL gg.gg/js/jquery-ui-1.8.21.custom.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-05-10 07:47:35 Times Seen603 Hash 03afe455536a9c44ad82cf1425e354b6 4d6a5f3a7e2ff4bcdabfcd3fef8b2e8e05197480 da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	18 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:17 Last Seen2023-03-11 23:53:01 Times Seen1 Hash eaebeab1028b769231bfc3b2577d93d7 85e286818762ea0f2f69b921bc18b04728391093 55f3b09cbbfd0eb0b51f61f77f4f00fd49f2733726efef6113a03930e1d38109 Loading...

	ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js	10 kB	2023-03-07	2023-03-17
Pretty URL ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 69c93809ee794c3e963df5e9aa5fe99d 53e4fac1a579d5cb826100d4dbe9e890385649ec 0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275 Loading...

	campconscogi1976.blogspot.com/	5.9 kB	2023-03-09	2023-03-09
Pretty URL campconscogi1976.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:02:48 Last Seen2023-03-09 08:02:48 Times Seen1 Hash fa2122e3012861d8ae365d0121d7ef91 900413573b7d2c2733caa9762c01ce0b1fba8131 626ce3a2cdbb97bca91e17f8a03a631a393b5139876a4a6f12daf6305795c1fb Loading...

HTTP Transactions (61)

URL IP Response Size

campconscogi1976.blogspot.am/

172.217.21.161

302 Moved Temporarily

185 B

URL HTTP/1.1
campconscogi1976.blogspot.am/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
185 B (185 bytes)
Hash
d03e2779710b1089be8137fdfbdb8c84
9aae523897b30ec43713c0873ed08a793a31fdcb
2c0a728f5648c57d0bc4193dddc53e5451ae788859dc3a28581ef244aa281633

HTTP Headers

GET / HTTP/1.1
Host: campconscogi1976.blogspot.am
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Location: http://campconscogi1976.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 03:35:50 GMT
Expires: Wed, 14 Dec 2022 03:35:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2197
Expires: Wed, 14 Dec 2022 04:12:27 GMT
Date: Wed, 14 Dec 2022 03:35:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Wed, 14 Dec 2022 05:12:07 GMT
Date: Wed, 14 Dec 2022 03:35:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 14 Dec 2022 03:33:48 GMT
content-type: application/json
age: 122
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3482
Expires: Wed, 14 Dec 2022 04:33:52 GMT
Date: Wed, 14 Dec 2022 03:35:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ico+qyppYQkXeDnT7+jSLrdsrBCxUq8N1rXlvk7IacF4wO3jMT7IJ7loTcYA2/bulhRimAAItGQ=
x-amz-request-id: GW8N0CTE8BD8RADM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 14 Dec 2022 02:50:19 GMT
age: 2731
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Dec 2022 03:35:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

campconscogi1976.blogspot.com/

172.217.21.161

301 Moved Permanently

185 B

URL HTTP/1.1
campconscogi1976.blogspot.com/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
185 B (185 bytes)
Hash
1780e6762e7ad1a58b27a4b2e78d15cc
985e3d676e871975c1ea15c52e9374194c744425
507291adb67fc94b86e9cc7a533806211cc323c74646c33ef0ec615f5460be5b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: campconscogi1976.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://campconscogi1976.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 14 Dec 2022 03:35:51 GMT
Expires: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 185
Server: GSE

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebe82d391b5a374199c47560176609a8
9cad1d54271643bb25fc41c03c5494cf3d88de65
e2c368c4c3f7951e2fbbe450a31a1b2ed59993cae19a773976273dc4d1319e9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 14 Dec 2022 03:07:57 GMT
age: 1674
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

campconscogi1976.blogspot.com/

172.217.21.161

200 OK

3.2 kB

URL HTTP/2
campconscogi1976.blogspot.com/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4136)
Size
3.2 kB (3205 bytes)
Hash
44badd4211f1a8bea24644528d0eec0d
3de1058c64e8869e331141166d21a9cea1f3ab4c
d62bc7f507ec3b87d970d0c5344c1693ad554feb9f865e18bf1fc06acf294c01

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: campconscogi1976.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 14 Dec 2022 03:35:51 GMT
date: Wed, 14 Dec 2022 03:35:51 GMT
cache-control: private, max-age=0
last-modified: Fri, 06 Nov 2020 09:54:28 GMT
etag: W/"47aec9610a1a1944de7a33449ff33e92cdaa35585699a3a9027064beb7fa94f4"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3205
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ebe82d391b5a374199c47560176609a8
9cad1d54271643bb25fc41c03c5494cf3d88de65
e2c368c4c3f7951e2fbbe450a31a1b2ed59993cae19a773976273dc4d1319e9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5594
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Etag: "639840ac-1d7"
Last-Modified: Wed, 14 Dec 2022 02:02:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e590f547cd458338349cec36ae254c47
1e5e65e6db01623b3df74f0952658d435cddeb9a
c8eb968ace82c463fcd438e41b17e3b2f55e7d61cabaa8dabcf69cd58cff5420

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/platform.js

142.250.74.46

200 OK

21 kB

URL HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20984 bytes)
Hash
7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://campconscogi1976.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 14 Dec 2022 03:35:51 GMT
expires: Wed, 14 Dec 2022 03:35:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/2092647672-widgets.js

216.58.207.233

200 OK

56 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
56 kB (56341 bytes)
Hash
689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef

HTTP Headers

GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://campconscogi1976.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 523506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

216.58.207.233

200 OK

6.6 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30596)
Size
6.6 kB (6620 bytes)
Hash
6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f

HTTP Headers

GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://campconscogi1976.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 14:01:44 GMT
expires: Wed, 13 Dec 2023 14:01:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Dec 2022 06:58:47 GMT
content-type: text/css
age: 48847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
351e38674c4649193e45dad43b63a037
6472ffc392de1fb7b52cb60bcf2af9263583c222
f5e042b6dee07492624bc561df0533c5205ed471281e31eb87f3a8d85c054c25

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.229.20.251

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.229.20.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ZxsiT55dxAegSYuKfn4Qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HBv2o57UkRbMtGdugKR9mj8v22k=

www.blogger.com/dyn-css/authorization.css?targetBlogID=6215873921867913816&zx=822fdfe4-4dd2-4b87-801c-866e0327865c

216.58.207.233

200 OK

21 B

URL HTTP/2
www.blogger.com/dyn-css/authorization.css?targetBlogID=6215873921867913816&zx=822fdfe4-4dd2-4b87-801c-866e0327865c
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=6215873921867913816&zx=822fdfe4-4dd2-4b87-801c-866e0327865c HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://campconscogi1976.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 03:35:52 GMT
last-modified: Wed, 14 Dec 2022 03:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gg.gg/gtha2

91.215.42.31

200 OK

1.4 kB

URL HTTP/1.1
gg.gg/gtha2
IP
91.215.42.31:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.4 kB (1445 bytes)
Hash
560e71dc5bae744b8f372537d6da654b
dba02b71d7084064082c5c7ea8ab41ecab33c131
567e170395a77713c2fc784fb913960cd4ed3169913d527fd6b2d426860b49e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /gtha2 HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 03:35:52 GMT
X-Powered-By: PHP/5.3.3
Set-Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; Domain=.gg.gg; HttpOnly; Path=/; Expires=Thu, 14-Dec-2023 03:35:52 GMT
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273; expires=Wed, 14-Dec-2022 05:35:52 GMT; path=/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

gg.gg/css/style.css

91.215.42.31

200 OK

1.4 kB

URL HTTP/1.1
gg.gg/css/style.css
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
1.4 kB (1426 bytes)
Hash
d8f14b9e08b24d7c5a49bccc336434c6
29cb036583cf9fc4e5d5d97272f934916a05a98d
d535307bd7a2a52b2f766a61ee27516eb2b51a249f9d27fb11cbe3c5e2d36443

HTTP Headers

GET /css/style.css HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 10 Dec 2022 16:10:22 GMT
Last-Modified: Thu, 17 Oct 2019 13:01:34 GMT
Accept-Ranges: bytes
Content-Type: text/css
DDG-Cache-Status: HIT,HIT
Etag: W/"14a06e2-182d-5951ad12f30d6"
Vary: Accept-Encoding
Age: 300330
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/jquery.tag-it.js

91.215.42.31

200 OK

4.2 kB

URL HTTP/1.1
gg.gg/js/jquery.tag-it.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
4.2 kB (4182 bytes)
Hash
07cdc8dd6348edd84f1fd1e36af134b3
d7f506e195e8a7752c7c291393d7af2ce01ca8b8
aa050d00f47a66752dce233b731b8ab8123861e109847b89e345959cdad679c4

HTTP Headers

GET /js/jquery.tag-it.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 05 Dec 2022 16:09:20 GMT
Last-Modified: Fri, 06 Jul 2012 05:29:52 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a06f8-3d92-4c4228db19400"
Age: 732392
Content-Encoding: gzip
Transfer-Encoding: chunked

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Wed, 14 Dec 2022 04:57:02 GMT
Date: Wed, 14 Dec 2022 03:35:52 GMT
Connection: keep-alive

gg.gg/js/jquery.cookie.js

91.215.42.31

200 OK

837 B

URL HTTP/1.1
gg.gg/js/jquery.cookie.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
837 B (837 bytes)
Hash
6ec845e044b0953e88044b973433224a
5f89989a0bc50b25578a1d1721f9a45a0ca5ebbc
643ea88e3644bf8ddbe7b3ef109cd350d56ccc58486ef70aa4ceebde662e8d41

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 13 Dec 2022 14:08:07 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:49 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a06f6-795-4c2ee1220ff40"
Age: 48465
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/jquery.zclip.min.js

91.215.42.31

200 OK

2.7 kB

URL HTTP/1.1
gg.gg/js/jquery.zclip.min.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text, with very long lines (7199), with CRLF line terminators
Size
2.7 kB (2657 bytes)
Hash
81b4bc629311a4e16be1f5cb4284cb18
c6064dfb1f7a5fc23b0ab7d9ba223ce986ee81c1
6a3b686c5fd461f9a040e48406174d68a2a939bbb72b9acb25137efe1a45e11f

HTTP Headers

GET /js/jquery.zclip.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 11 Dec 2022 18:03:17 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:49 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
Etag: W/"14a06f9-1d0c-4c2ee1220ff40"
Age: 207155
DDG-Cache-Status: HIT,HIT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Wed, 14 Dec 2022 04:57:02 GMT
Date: Wed, 14 Dec 2022 03:35:52 GMT
Connection: keep-alive

gg.gg/css/jquery.tagit.css

91.215.42.31

200 OK

452 B

URL HTTP/1.1
gg.gg/css/jquery.tagit.css
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
452 B (452 bytes)
Hash
6049adad816646eca81924ca1a9eb84b
6393227a12d0b5ef5fe20c9c5cdb0d44b3101141
d207ccff027833a4a2a97fc5935b4c38a2f0528de3eb645560e7c68d0dd8882a

HTTP Headers

GET /css/jquery.tagit.css HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 05 Dec 2022 20:30:00 GMT
Last-Modified: Fri, 06 Jul 2012 05:23:50 GMT
Accept-Ranges: bytes
Content-Type: text/css
X-Pad: avoid browser bug
DDG-Cache-Status: HIT,MISS
Etag: W/"14a06e1-472-4c422781de580"
Age: 716752
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

gg.gg/js/logic.js?v3

91.215.42.31

200 OK

1.8 kB

URL HTTP/1.1
gg.gg/js/logic.js?v3
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
1.8 kB (1765 bytes)
Hash
b07af8f367d79c28e407318cfa83f285
8ae216a6b68f5a703d0893cc0ed793f3d7110da3
5458b541b2d14b7681ab082e2acbd00cf4165352a87dc8f43b6000fe0e91a696

HTTP Headers

GET /js/logic.js?v3 HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 12 Dec 2022 02:10:21 GMT
Last-Modified: Sat, 06 Aug 2022 09:31:21 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a0c61-1851-5e58f3ee14120"
Age: 177931
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/css/smoothness/jquery-ui-1.8.21.custom.css

91.215.42.31

200 OK

6.0 kB

URL HTTP/1.1
gg.gg/css/smoothness/jquery-ui-1.8.21.custom.css
IP
91.215.42.31:0
ASN
#0

File type
ASCII text, with very long lines (1399)
Size
6.0 kB (6022 bytes)
Hash
adad0666b4e27166c7f339db43284bfb
6112c5a636306cfec644c2319441ff60450f90b6
034f595818299e28008f53aa00adc6aff682db6812e09a4d3e55353b146fe98d

HTTP Headers

GET /css/smoothness/jquery-ui-1.8.21.custom.css HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 09 Dec 2022 08:30:22 GMT
Last-Modified: Wed, 20 Jun 2012 21:28:26 GMT
Accept-Ranges: bytes
Content-Type: text/css
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14c003f-81e3-4c2ee14559280"
Age: 414330
Content-Encoding: gzip
Transfer-Encoding: chunked

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5ac05cf-7e4b-4370-90d7-5f74f4ea19eb.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5ac05cf-7e4b-4370-90d7-5f74f4ea19eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6356 bytes)
Hash
9490447f39b844fda99fe94641731a1d
2102208725565acc44c83b679307c5c760f966a4
6a4576b5b9e9813a1d30e0576f320d4a5f42fe24c8c617063b04a77f0c01a4f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5ac05cf-7e4b-4370-90d7-5f74f4ea19eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6356
x-amzn-requestid: 91e07aa7-0786-4711-82e1-7e0bfd865a58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpbJFUOoAMFoGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef7a-52a1b7351db3947e4e781234;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:32:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vlnGktCU4Edk-xxKMIW7gXQ_iFrj_f5DgKTHO6G7ZIro3NoOqyFNpA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:48:27 GMT
age: 20845
etag: "2102208725565acc44c83b679307c5c760f966a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Wed, 14 Dec 2022 04:57:02 GMT
Date: Wed, 14 Dec 2022 03:35:52 GMT
Connection: keep-alive

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7104 bytes)
Hash
86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qd7ZLBasMl-7gVScLfJ4kxx2fbcyeL21COqu3913iENoLFvK8wkEvA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 22:16:33 GMT
age: 19159
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5106 bytes)
Hash
577cee5a6996494cac7908537e16b192
c598173a2cf846c6cb572b19c754929230318cad
3d2cec49a818850f1a30e6087f8654dceea8b6f16221e2bb15fb9d7e90f6fe96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75239c2b-388d-496a-beed-8bd1140a34de.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5106
x-amzn-requestid: eb043760-3b4b-4b84-b2b0-f0fd98d3e47d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpLoEP-oAMFddA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef17-4b7553a0354fc9a021f0fa50;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ma2_pbWp6bdRX_FjDKvUK4GI2MbnqHDVWnGUc4xZESPpZjBBH_tQJw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:51:15 GMT
age: 20677
etag: "c598173a2cf846c6cb572b19c754929230318cad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4870
Expires: Wed, 14 Dec 2022 04:57:02 GMT
Date: Wed, 14 Dec 2022 03:35:52 GMT
Connection: keep-alive

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12046 bytes)
Hash
25e5932a6449b859223367ce1e67e59c
5d2ea71d4f0d952d665586bdf32ed0e88c605af6
160021eb4b65b4720d90337bf46bfc3c5b317b2ec406ba377c9368a11c56f629

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654e7722-a3eb-46c4-b652-ed202ea6f8d1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12046
x-amzn-requestid: 53e890e7-eaa7-434d-bcde-4a1e60b5b6b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGqNWEhooAMFZxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398f0bb-0282299f7b644bbd2b65c079;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:38:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XJelUmwr6ECrVewxG3xTG9Zfvy0dUgxkP6FhPndIJ43i3iK6yrJZsw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:34 GMT
age: 20358
etag: "5d2ea71d4f0d952d665586bdf32ed0e88c605af6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gg.gg/js/jquery.corners.min.js

91.215.42.31

200 OK

3.3 kB

URL HTTP/1.1
gg.gg/js/jquery.corners.min.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
3.3 kB (3305 bytes)
Hash
629e91eddf8c5ddfe1a51d434164c15c
f059c24f3b9f491d808df6bbb58b18a72b70db67
05c3a3df9abb7bd9539dfcc2db30269c46e3a815436d7b947cda9ad4cac8baa0

HTTP Headers

GET /js/jquery.corners.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 10 Dec 2022 08:57:09 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:49 GMT
ETag: W/"14a06f7-274d-4c2ee1220ff40"
Accept-Ranges: bytes
Content-Type: text/javascript
Age: 326323
DDG-Cache-Status: HIT,HIT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bc4ff2a-b394-4d5e-b82e-4d1694be9750.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9519 bytes)
Hash
93cb79f5ffbade1f22774ed3f361e77b
f3363bd8a3584d0307943c4b6d2b97cf1f5560c7
568328e7d8c93e378e18c6d0cf6a2d2ea306815f0c07f75ea8042e918f3b9f81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bc4ff2a-b394-4d5e-b82e-4d1694be9750.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9519
x-amzn-requestid: 1a47ee43-6b5e-4eda-a047-fd852b978248
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKnGUgIAMFWmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-4f7825ea052953e7264bf156;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w6g6AsstOQ6ZIPX-tUc6ktrson2-tuVogtvns2szLQDqNO6_Te8Feg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:13 GMT
age: 20559
etag: "f3363bd8a3584d0307943c4b6d2b97cf1f5560c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5108 bytes)
Hash
3acfbf939eab432007f8315f2376f563
e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c
d02ae4fa55f6ba4b1ca2186eb31a40018eada1e1491efdc4a95ffba4c35afa07

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb91a48bd-4125-4a30-8a37-7ba4692b71f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: cba619a3-ef9a-420b-b280-2b53608aad53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpL0G93IAMF59Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef18-7cc4f81a16016a8d63156bff;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:31:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3JmSN0RECaKzxPmndCUHm_4YLojawf7kw8A43yj1h1IfuZQKsVl6eg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:56:32 GMT
age: 20360
etag: "e14ad15ba9151accd71ea1c4b312d3d5c0a7f62c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.statcounter.com/counter/counter.js

104.20.219.77

200 OK

14 kB

URL HTTP/1.1
www.statcounter.com/counter/counter.js
IP
104.20.219.77:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (43632), with no line terminators
Size
14 kB (14093 bytes)
Hash
ec70672a2f4620ce69dbd93d41715fb2
68d559ba806e8aa338221616ba9a85ae582e03a3
f6cd20fa5ef3de2a6bd894efa434c1650f12cf6b3c9df03d45489aff18c44b7e

HTTP Headers

GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/

HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 03:35:52 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 12 Dec 2022 11:21:21 GMT
ETag: W/"aa70-5ef9fb3ee8f93"
Cache-Control: max-age=43200
Expires: Wed, 14 Dec 2022 11:29:31 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
User-Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 14781
Server: cloudflare
CF-RAY: 7793e459f80dfac0-OSL

gg.gg/js/jquery-1.7.2.min.js

91.215.42.31

200 OK

34 kB

URL HTTP/1.1
gg.gg/js/jquery-1.7.2.min.js
IP
91.215.42.31:0
ASN
#0

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33873 bytes)
Hash
71808f7d363df7639d194b4f76001e5e
cf99d5709d9b51e38372f5865a3e23678a0d7fad
2bba8fedcc5295dd654ded45b3b875b591b9ef6019086c8ecd79d5581b7ed963

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 06 Dec 2022 14:49:59 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:50 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a06f4-17278-4c2ee12304180"
Age: 650753
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/jquery-ui-1.8.21.custom.min.js

91.215.42.31

200 OK

52 kB

URL HTTP/1.1
gg.gg/js/jquery-ui-1.8.21.custom.min.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text, with very long lines (18608)
Size
52 kB (52393 bytes)
Hash
3d5eea17a4c743e1b6595a2160d80734
b2f17a6fc195d8d543efc628447fe103bb2f5b66
581aacd32bd1009b2d239ae0a1316b853716a6dd7f3142172e1404f71cdc48c2

HTTP Headers

GET /js/jquery-ui-1.8.21.custom.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 12 Dec 2022 19:08:22 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:50 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 52393
DDG-Cache-Status: HIT,HIT
Etag: W/"14a06f5-3284b-4c2ee12304180"
Age: 116850

gg.gg/gg-banned-page

91.215.42.31

301 Moved Permanently

0 B

URL HTTP/1.1
gg.gg/gg-banned-page
IP
91.215.42.31:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gg-banned-page HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 14 Dec 2022 03:35:52 GMT
X-Powered-By: PHP/5.3.3
Set-Cookie: gg_token=08674ef9e679d3faa5a5089b504e6aa663994498ca4bb9.17918004; expires=Tue, 14-Mar-2023 03:35:52 GMT; path=/; domain=.gg.gg
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 14 Dec 2022 03:35:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://gg.gg/images/broken-link.jpg
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 0
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked

gg.gg/images/broken-link.jpg

91.215.42.31

200 OK

32 kB

URL HTTP/1.1
gg.gg/images/broken-link.jpg
IP
91.215.42.31:0
ASN
#0

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:09:07 02:22:56], progressive, precision 8, 600x450, components 3\012- data
Size
32 kB (32002 bytes)
Hash
cdd81773f16537e6405c4e28f6adec25
08bcc852dbc995ae4d9d7e9ba78b860eed0850a7
9325a36d10dc036fd657c57e35fe141715b92b12211d48e14de8dde7c8e17398

HTTP Headers

GET /images/broken-link.jpg HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gg.gg/gtha2
Connection: keep-alive
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273; sc_is_visitor_unique=rx7960190.1670988951.13BA53C7D2B04F444ACB284F3F2FF6CA.1.1.1.1.1.1.1.1.1; gg_token=08674ef9e679d3faa5a5089b504e6aa663994498ca4bb9.17918004

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 12 Dec 2022 10:43:41 GMT
Last-Modified: Thu, 06 Sep 2012 23:26:43 GMT
ETag: "14a06e3-7d02-4c910d2f872c0"
Accept-Ranges: bytes
Content-Length: 32002
Content-Type: image/jpeg
Age: 147131
DDG-Cache-Status: HIT,HIT

gg.gg/images/favicon.ico

91.215.42.31

200 OK

894 B

URL HTTP/1.1
gg.gg/images/favicon.ico
IP
91.215.42.31:0
ASN
#0

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
94cdc66c71cb96127f0faa3931a23ab9
77cbf7fe62cf2eba5ef27fde2edfe4408c1ba0d8
5b7adedabf077fff5216aca04fecfec61c8e90c5ca054eab19e3a9bd152496a4

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=9byNDMGuhkhGZrXDqtPJ; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fdedd757ace3d8918efbfd8c6b9de2bd%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.125%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1670988952%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D21bec26b7b85630dc46bf997842d5273; sc_is_visitor_unique=rx7960190.1670988951.13BA53C7D2B04F444ACB284F3F2FF6CA.1.1.1.1.1.1.1.1.1; gg_token=08674ef9e679d3faa5a5089b504e6aa663994498ca4bb9.17918004

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 07 Dec 2022 19:58:25 GMT
Last-Modified: Wed, 20 Jun 2012 21:25:00 GMT
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/vnd.microsoft.icon
Etag: "14a06e6-37e-4c2ee080e4300"
Age: 545847
DDG-Cache-Status: HIT,HIT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e590f547cd458338349cec36ae254c47
1e5e65e6db01623b3df74f0952658d435cddeb9a
c8eb968ace82c463fcd438e41b17e3b2f55e7d61cabaa8dabcf69cd58cff5420

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
d2a60b2bf4ab2febf47553cb38d36ec5
fc7131e8780665fbe2153cbb1ad48d76f3a78c2a
6d8aa3e67bc3b51f605dd10d42e49e44c977b11af28477cb16aa5d959138a141

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 14 Dec 2022 03:35:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Dec 2022 06:34:09 GMT
Expires: Tue, 20 Dec 2022 06:34:08 GMT
Etag: "fc7131e8780665fbe2153cbb1ad48d76f3a78c2a"
Cache-Control: max-age=528495,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7793e45bdff60b65-OSL

apis.google.com/js/plusone.js

142.250.74.46

200 OK

21 kB

URL HTTP/2
apis.google.com/js/plusone.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20984 bytes)
Hash
327d33b72373a953dc7ddef0c6463b48
2fd9b26cb459ff01c3a1dd3507f1c7484cce6ce4
1f9becca80520826519f7908eff9bc2cdf551f9afc5d2a276f9d3c4a55a0e79c

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 14 Dec 2022 03:35:52 GMT
expires: Wed, 14 Dec 2022 03:35:52 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "34fae0e5dab49917"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ac4256479ee5f383b192e09c799dd82d
4caa07eee49d14260e509293194a9307f558130b
8af6f00413bfc875b297146fc0581c3c2cffc78ea728eb3289736a191128553c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__

142.250.74.109

200 OK

7.3 kB

URL HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2054)
Size
7.3 kB (7259 bytes)
Hash
49d744a1aed9cae2a902002d84af47ae
db5bf94890b2843216ed62866846bd42f38927c7
da67e7c14b52e8311e78f1418a3b3bdd2a4f201eef2b0e364777f8b3465e43f6

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 14 Dec 2022 03:35:53 GMT
content-security-policy: script-src 'nonce-52bJc8IzAehTpnUfvwFv9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

developers.google.com/

172.217.21.174

301 Moved Permanently

0 B

URL HTTP/1.1
developers.google.com/
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gg.gg/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: b4ae4ee8931ca6aca0a572195e070fb4
Date: Wed, 14 Dec 2022 03:35:53 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0

c.statcounter.com/t.php?sc_project=7960190&u1=13BA53C7D2B04F444ACB284F3F2FF6CA&java=1&security=308b9f68&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//gg.gg/gtha2&t=Banned&invisible=1&sc_rum_e_s=404&sc_rum_e_e=411&sc_rum_f_s=0&sc_rum_f_e=308&get_config=true

104.20.218.77

200 OK

4.4 kB

URL HTTP/2
c.statcounter.com/t.php?sc_project=7960190&u1=13BA53C7D2B04F444ACB284F3F2FF6CA&java=1&security=308b9f68&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//gg.gg/gtha2&t=Banned&invisible=1&sc_rum_e_s=404&sc_rum_e_e=411&sc_rum_f_s=0&sc_rum_f_e=308&get_config=true
IP
104.20.218.77:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
4.4 kB (4444 bytes)
Hash
48962b7988760beee369b65ae6bf09f6
b5c88b78bac59b7101d594e897820af97f3b4687
f3f759367473824eac7c09683a7e33a2ef1c148c84a966c7d43115aeb0abdfcf

HTTP Headers

GET /t.php?sc_project=7960190&u1=13BA53C7D2B04F444ACB284F3F2FF6CA&java=1&security=308b9f68&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//gg.gg/gtha2&t=Banned&invisible=1&sc_rum_e_s=404&sc_rum_e_e=411&sc_rum_f_s=0&sc_rum_f_e=308&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gg.gg
Connection: keep-alive
Referer: http://gg.gg/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Dec 2022 03:35:53 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc7960190.1670988953.0; SameSite=None; Secure; Expires=Monday, 13-Dec-2027 08:35:53 +05; Path=/; Domain=.statcounter.com
access-control-allow-origin: http://gg.gg
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7793e45c2e2ab4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4557f99d9d9535e0134db96dfe8063b2
c9b446d4f382a8ee3d73b1b2e77c96c3e4787059
74305a78c814edc962f442dbbc14023e0b96c5822d5aa9f4ef4c8e4bc791fc00

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a799dd48356a677054f34a33639b8573
5bd30f252fca13084121f4766724c54a3156f137
8c009a68ba498c45068525c3b226b4b6931be274d36250dd8afadd592ff65d82

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a799dd48356a677054f34a33639b8573
5bd30f252fca13084121f4766724c54a3156f137
8c009a68ba498c45068525c3b226b4b6931be274d36250dd8afadd592ff65d82

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Dec 2022 03:35:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7250 bytes)
Hash
8a1cf68fc0b78db85fd7e6f08cb74233
7374f9065239670ef563fee52f973cc23dd19833
e4493b517b402d9ea4f239d2913cbd9f316ae3f1e0c5e79c62c457c060f18b27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0ca3741-7de7-489c-9d32-963748da31ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 8211d14a-d8fa-4f4c-a14f-60e830199a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dGpKqHw7IAMFiwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6398ef10-392d8f374cafe054471d1ff6;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 21:30:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rkKcDnbranYxXDZ2cN8ABILj8WH1q_6HHVRWrYRMsLh5WbkbXamKNw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 21:53:16 GMT
age: 20563
etag: "7374f9065239670ef563fee52f973cc23dd19833"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

developers.google.com/

172.217.21.174

200 OK

0 B

URL HTTP/2
developers.google.com/
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gg.gg/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 18:10:23 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.2708161002.1670988953; Expires=Fri, 13 Dec 2024 03:35:53 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-nEtjV2CsveUQIfbDj0z0AoZLOBKk2r' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 435155324e63d1f5d75b3dbc0f53897d
vary: Accept-Encoding
date: Wed, 14 Dec 2022 03:35:53 GMT
server: Google Frontend
content-length: 25426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations