Report - paulosergioduff.blogspot.com.br/2015/07/sou-economista.html

Report Overview

Visited public
2023-09-23 05:46:47
Tags
Submit Tags
URL
paulosergioduff.blogspot.com.br/2015/07/sou-economista.html
Finishing URL
paulosergioduff.blogspot.com/2015/07/sou-economista.html
IP / ASN
216.58.207.193
#15169 GOOGLE
Title
Sou "economista"! - Blog oficial de Paulo Sérgio Duff

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
paulosergioduff.blogspot.com.br	unknown	2004-12-05	2023-08-28 10:23:29	2023-09-23 07:46:19	515 B	729 B	216.58.207.193
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2023-09-22 05:35:25	3.4 kB	246 kB	172.217.21.174
blogpager.com	unknown	2013-12-12	2015-06-07 00:58:56	2023-09-18 14:14:33	844 B	2.3 kB	45.152.44.151
fontpis.blogspot.com	unknown	2000-07-31	2020-07-09 23:24:57	2023-09-17 15:51:06	1.3 kB	7.1 kB	216.58.207.193
resources.blogblog.com	13274	2000-09-15	2017-01-30 05:47:40	2023-09-22 07:45:34	921 B	2.3 kB	216.58.207.233
bloggercomment.com	unknown	2011-08-26	2012-10-02 14:40:13	2023-09-16 04:29:01	424 B	1.2 kB	45.152.44.151
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-22 05:10:04	6.7 kB	14 kB	142.250.74.131
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-09-22 08:08:03	9.6 kB	28 kB	142.250.74.109
www.blogblog.com	28878	2000-09-15	2012-05-22 09:35:04	2023-09-22 12:45:16	450 B	123 kB	216.58.207.233
img2.blogblog.com	113758	2000-09-15	2012-05-21 15:44:19	2023-09-22 08:23:58	468 B	821 B	216.58.207.233
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2023-09-22 09:36:01	897 B	9.2 kB	142.250.74.98
2.bp.blogspot.com	11071	2000-07-31	2012-05-21 15:44:19	2023-09-22 14:28:16	527 B	16 kB	142.250.74.161
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-09-22 05:35:23	1.0 kB	82 kB	104.18.10.207
1.bp.blogspot.com	8403	2000-07-31	2012-05-21 15:44:19	2023-09-22 07:28:27	920 B	2.4 kB	142.250.74.161
dl.dropboxusercontent.com	12831	2012-01-13	2019-02-11 02:24:40	2019-03-28 09:18:21	1.3 kB	4.4 kB	162.125.71.15
paulosergioduff.blogspot.com	unknown	2000-07-31	2023-08-28 10:23:42	2023-08-28 10:23:42	3.6 kB	101 kB	216.58.207.193
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-22 08:01:48	445 B	31 kB	142.250.74.10
sites.google.com	3163	1997-09-15	2012-05-21 15:44:20	2023-09-22 09:25:23	2.4 kB	4.8 kB	142.250.74.78
lh3.googleusercontent.com	66	2008-11-17	2012-05-22 09:35:05	2023-09-22 05:22:13	495 B	2.2 kB	142.250.74.97
www.blogger.com	8975	1999-06-22	2012-05-22 09:35:03	2023-09-22 08:00:32	8.2 kB	336 kB	216.58.207.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-23 05:46:29	low	Client IP	162.125.71.15	ET INFO DropBox User Content Domain (dl .dropboxusercontent .com in TLS SNI)
2023-09-23 05:46:29	low	Client IP	162.125.71.15	ET INFO DropBox User Content Domain (dl .dropboxusercontent .com in TLS SNI)
2023-09-23 05:46:29	low	162.125.71.15	Client IP	ET INFO DropBox User Content Download Access over SSL M2
2023-09-23 05:46:29	low	162.125.71.15	Client IP	ET INFO DropBox User Content Download Access over SSL M2

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed
2023-09-23	medium	bp.blogspot.com	Sinkholed
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed
2023-09-23	medium	fontpis.blogspot.com	Sinkholed
2023-09-23	medium	bp.blogspot.com	Sinkholed
2023-09-23	medium	fontpis.blogspot.com	Sinkholed
2023-09-23	medium	bp.blogspot.com	Sinkholed
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed
2023-09-23	medium	fontpis.blogspot.com	Sinkholed
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed
2023-09-23	medium	paulosergioduff.blogspot.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	From	Size	First Seen	Last Seen
	paulosergioduff.blogspot.com/js/cookienotice.js	ScriptElement	6.5 kB	2023-03-07	2025-07-02
Pretty URL paulosergioduff.blogspot.com/js/cookienotice.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-02 00:46 Times Seen46752 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=36657790	ScriptElement	0 B	0001-01-01	2025-07-02
Pretty URL www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=36657790 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-02 00:46 Times Seen5234083 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.blogger.com/static/v1/jsbin/255287220-lbx__pt_br.js	ScriptElement	384 kB	2023-09-22	2023-09-24
Pretty URL www.blogger.com/static/v1/jsbin/255287220-lbx__pt_br.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 06:25 Last Seen2023-09-24 23:49 Times Seen42 Hash 2fadb9d203781862847bbb813ccb5f70 c60b5f668ef6c9a9511f3e5241d8b377624f4fab 907f5e00c6d00a56596ab3bd53e15f97e010c60c9880178f8ff338ec9c73dfa0 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	2.4 kB	2023-03-09	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:57 Last Seen2024-08-21 05:59 Times Seen2 Hash 97ce04cd842394df2c8947b7f249d845 d6081c8a8e57aed3beb9c6cb2b2248722c3f81bc e0b401df447f676a344af063eff69bd945ea427f0423fbf8d20e4af7c0a19295 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	488 B	2023-03-07	2025-06-04
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:41 Last Seen2025-06-04 02:21 Times Seen65 Hash 57c80ead6c836d0e3e6a278332af9b60 ef229c786c42ea7e414fc29afa393e2403cc6da5 a514c2cc40fc0a21bd5e67665de443563c2ba46a97986288d27b15baf8ad7333 Loading...

	paulosergioduff.blogspot.com/feeds/posts/default/-/Artigos?alt=json-in-script&callback=relpostimgcuplik&max-results=50	ScriptElement	53 kB	2024-08-21	2024-08-21
Pretty URL paulosergioduff.blogspot.com/feeds/posts/default/-/Artigos?alt=json-in-script&callback=relpostimgcuplik&max-results=50 IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash c9974d36b4dd34db310388d757adba28 5f3b703525bf05319bb262dbb8dcb4c4f5e84b64 59fa8f6e91b1af209339c14baf37f09c2afe1a6748c1f3b3aa4d37835c0d396e Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-07-02
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-07-02 00:27 Times Seen61985 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	275 B	2023-03-07	2025-07-02
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-02 00:46 Times Seen40402 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	511 B	2024-08-21	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash e692907d6f39be6e095823bfbc18f77c 104c77de03a586c3030691d8815a8f1b4dd04f2a b7121ad00c4c7cf70e3f8f54fbd1c8dce60ce63717e7438f9cd356174a384cde Loading...

	apis.google.com/js/platform.js	ScriptElement	58 kB	2023-09-18	2023-10-18
Pretty URL apis.google.com/js/platform.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 19:41 Last Seen2023-10-18 19:25 Times Seen1831 Hash ce7e88034e2b1226294f3d7e515299c9 326b37908964a9f69460d42cb646716c9f1e86e1 08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe Loading...

	www.blogger.com/static/v1/widgets/562952797-widgets.js	ScriptElement	160 kB	2023-09-20	2025-01-31
Pretty URL www.blogger.com/static/v1/widgets/562952797-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 04:35 Last Seen2025-01-31 05:40 Times Seen1951 Hash 0804e4c7fd72aea2ce34a04d9ec9686c 9f46bef1076230a1271d151a506fd1d91ae7df93 5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	506 B	2023-03-08	2025-03-27
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 01:40 Last Seen2025-03-27 10:58 Times Seen20 Hash 5a1a532ca597717b6f93c8f43c8e7bfc afd3bce2eff7c74462d7c02b2700600c0dd9b240 28b58accab17d5b816fc09734f706633536549672856c3a34ba805bad7220c25 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	17 B	2023-03-07	2025-06-04
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:31 Last Seen2025-06-04 02:21 Times Seen144 Hash f52528a06e8cc656fc1f7475e6c9ffc0 28ace03f1ae8063f704785abd47caa54f8fb35a3 b7970e499adf1395b9b1f60f99de4c53575b8971a895f29022e86ecb131b006f Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	278 B	2023-03-07	2025-06-04
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:41 Last Seen2025-06-04 02:21 Times Seen90 Hash 7f75dab86698ea35dcb507d4fbfdbac1 736eea214894ce9870d7fa7966a8f6a304a1fef3 7d325dac9f0b38d7b16bc3f056db5bcd779d00b69f0d93187d21e4ac332ca6de Loading...

	pagead2.googlesyndication.com/pagead/js/google_top_exp.js	ScriptElement	47 B	2023-03-07	2025-07-01
Pretty URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-01 23:25 Times Seen16100 Hash 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	6.5 kB	2023-03-07	2025-06-04
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:41 Last Seen2025-06-04 02:21 Times Seen48 Hash 017c6933f4a0cc49a65b15b9d1e95058 a72d3c72a0dfb46c6b08c39b1a010fc640219dc5 18ecf23c4a3afb22a800ce225e01aa86de5d25049010f97dc71e6da6d325597f Loading...

	www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js	ScriptElement	399 kB	2023-03-07	2025-06-30
Pretty URL www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-06-30 09:41 Times Seen332 Hash f7c41bb3b904cbcc49ba53232535e983 dc873d1f036da0b53b011a5046a23d258b5a5bd2 266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	232 B	2024-08-21	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash 321c5d23fe8d3c60989886c7c827208e bdce77c7faf8fdfa7d773e3bc6915c21845eb711 7c5b2ccf7cb35f8d8e4924e2816647030b32d9b3679718cddd0298409ae49221 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs	ScriptElement	137 kB	2023-09-18	2023-12-02
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 20:38 Last Seen2023-12-02 03:44 Times Seen1601 Hash 216b38745f3cce08ced4200dd91c83a4 3f6bd3ee5da23060e704e8116b5a0961e20a80bf a8183085f79cc939053929846561337bf0b9287aedece2d7eb154a87e572bab1 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	302 B	2023-03-07	2025-07-01
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-01 23:25 Times Seen17204 Hash 5a9442d8fb9a2077b3ebaf7aa6f763fb 1ad7b70635d1b80ddf645acb12b5f17e0ecf0c99 0665437bacd7ab06df7300ed254eac6729ed5e062da4cfb3895416289cfc647a Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-07-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-01 23:25 Times Seen7826 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	861 B	2024-08-21	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash b8fd66011970b13eae46596a13603cde dc8873058031b147e6a8e731b1f7b49597c6d1c2 fb82b1f93b990a867e9d1b30b3330eb3d9a3713341379f051a9263d4c2eff825 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	269 B	2023-03-07	2025-07-01
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-01 23:25 Times Seen16629 Hash 6e880fa46f41c3a142b32e22ca7c06a0 cb7725608bf21d4a5fab1e9050328ab9b024d285 95df5b72788a5634d46797321652a339cd37eeba06d33166541e76a0deb42b61 Loading...

	apis.google.com/js/platform:gapi.iframes.style.common.js	ScriptElement	58 kB	2023-09-18	2023-10-18
Pretty URL apis.google.com/js/platform:gapi.iframes.style.common.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 19:38 Last Seen2023-10-18 20:49 Times Seen1432 Hash 5ea6889749e35d1997d3d7b45b526cbe b2be66a88cda67c0d38638906a19d3502db702f2 f8f1efe1d0d52a96dff5f0e285975b33bc89f9093c51e50024fa4c1d3810041f Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	1.7 kB	2024-08-21	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash 701871f9c6aaacb8bf14101c49b39f3c a994f676259118574ef20d453fb1b05db48c8315 9e4a3d7767d132e2ed724f64064f0c6098c62377d816fb253d9b8d0cc521f7da Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	268 B	2023-03-09	2025-06-04
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:57 Last Seen2025-06-04 02:21 Times Seen24 Hash 9002ee3a146fa7e6eb7ddd7bcf9ad139 442ab17eda0d8e3624d1bebc4603fd4c505664c6 863faf14d5dfbb8fc26cc4770904d5b2c4684b2ceede136ddf0f2fe966cfcda6 Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	2.1 kB	2023-03-09	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:57 Last Seen2024-08-21 05:59 Times Seen2 Hash e3e4c2bf63c5468dfdbc744c2395e0c5 ba21864b982d4653da07fd2e2ab3f0441dfe9659 65860381d1bd44a5caceac6c84704cc8cdcf428361ce44b16f9b891201a5ca0a Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	1.5 kB	2023-03-09	2025-06-04
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 05:57 Last Seen2025-06-04 02:21 Times Seen19 Hash c6f6919bb0e5e6fda9c8d87301405f38 e03e8ee23186ca02cc14cc2f9d21429cc3c2411e 01994f2dde32fa2fbfe94f6efd27fd0bba484c872fb28f1259e342ba4e193f01 Loading...

	unknown	EventHandler	27 B	2023-04-10	2025-07-02
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:53 Last Seen2025-07-02 00:46 Times Seen26665 Hash 7688ca9eb3ca1c878821b1e3fe2c23d7 2c41fd7e9f8312d6fed18b21e1a0589413e35553 793bae9539499e6e02187febbd2e20fd17dd40260033f5175dbfc2f294440d9a Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	789 B	2023-03-07	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2024-08-21 09:44 Times Seen17283 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	connect.facebook.net/pt_BR/sdk.js	ScriptElement	17 kB	2023-05-05	2025-07-02
Pretty URL connect.facebook.net/pt_BR/sdk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-07-02 00:26 Times Seen61195 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	pagead2.googlesyndication.com/pagead/show_ads.js	ScriptElement	19 kB	2023-09-21	2023-09-25
Pretty URL pagead2.googlesyndication.com/pagead/show_ads.js IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 11:35 Last Seen2023-09-25 06:29 Times Seen18 Hash 4c538f492b688b6325a775fa4be3f0b9 373691462472f5ec2872b9bc5e886af12410f672 b62c84cb165f09f88291d0fa37bba8233cc616ae6bf750eb8127b9a02c44ae6a Loading...

	paulosergioduff.blogspot.com/2015/07/sou-economista.html	ScriptElement	6.7 kB	2024-08-21	2024-08-21
Pretty URL paulosergioduff.blogspot.com/2015/07/sou-economista.html IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash 736993084acbfffaf367df7ba3df9d04 6f6dcd741ae04015f12eab38965275b08492ef52 2d64778db615f37e8eee9f6680ea145c6051600a5e5cf5a75a6ea88657677eac Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs	ScriptElement	184 kB	2023-09-18	2023-10-18
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 20:38 Last Seen2023-10-18 19:25 Times Seen1385 Hash 76cf20f34e61bb4ebd83ecf652268483 ff6c80fb175d247f11cceb99b7eb113f043c703b 34ed5573773da6701a325bf1c4ee50adbacab764a71e26efe12843e38bd7d438 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3ef1753db28aaa7352834aafbcd5bf8c	2.5 kB	2023-03-09 05:57	2024-08-21 05:59
Pretty Observations First Seen2023-03-09 05:57 Last Seen2024-08-21 05:59 Times Seen2 Hash 3ef1753db28aaa7352834aafbcd5bf8c cf2ecfc16f4d1836b15c880817b9dcbf0777551a 49c374f4d3606d883e884fca9395211d332edf02698b9130eac3ffbe1d063c15 Loading...

	#2 Eval - 04d63e8e4992e4c0182508d0e1d23b38	198 B	2023-03-08 01:40	2025-03-27 10:58
Pretty Observations First Seen2023-03-08 01:40 Last Seen2025-03-27 10:58 Times Seen19 Hash 04d63e8e4992e4c0182508d0e1d23b38 534c0fad2ca5c37356ec2f7131f1d8ca84f6988f b9eea6fc49229ee020cda88f2c3bdf47b2fe16cbbfea811c2da0487894873f92 Loading...

	#3 Eval - a0493c54c137211c82036160c19a9ac4	5.4 kB	2023-03-07 01:41	2025-06-24 17:33
Pretty Observations First Seen2023-03-07 01:41 Last Seen2025-06-24 17:33 Times Seen98 Hash a0493c54c137211c82036160c19a9ac4 7595ff74196071218e65204960d2fdb30a97fa78 970c29734aec09553940a2c1b89982ca395d40e55e9a14e8bbad808c2475785d Loading...

		Size	First Seen	Last Seen
	#1 Write - fd6aac2f8f329559547097c857a1fa65	661 B	2024-08-21 05:59	2024-08-21 05:59
Pretty Observations First Seen2024-08-21 05:59 Last Seen2024-08-21 05:59 Times Seen1 Hash fd6aac2f8f329559547097c857a1fa65 524b0ea97ad84740ddc113cc28478e99a1e01877 19d44312f786f30c0da16ba28417b1188e2f0868dc5268cab39d441e9c484fcb Loading...

	#2 Write - 3edc0d2763802bd7634576cf780630fd	24 B	2023-03-07 01:02	2025-07-01 15:55
Pretty Observations First Seen2023-03-07 01:02 Last Seen2025-07-01 15:55 Times Seen3352 Hash 3edc0d2763802bd7634576cf780630fd 598d900dcdecd9064535e606bf7a0708d4bf0ec2 a3ba8250ebf2c8e28e99b0cbcb48488777fa3f512e83a7a56930803eb5d35e05 Loading...

HTTP Transactions (84)

URL IP Response Size

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d01fcdf9d07d46c2f636f5d4761b4216
b0b5d955d4da1ad20192a71164d982626c4e723a
77273f261fedd69a83c6bd35f063e592e1aba013c76665a376d2e82a4793e052

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET paulosergioduff.blogspot.com.br/2015/07/sou-economista.html

216.58.207.193

302 Found

204 B

URL User Request GET HTTP/2
paulosergioduff.blogspot.com.br/2015/07/sou-economista.html
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
204 B (204 bytes)
Hash
624955fe8ac5d8e555de1d5dec6e6040
28293a35fcfe2b58c4b1d9dcfa764623031b4623
139fdf18c1f642e121c71081ab0ace78872ef622dbded3c152175137563d3950

HTTP Headers

GET /2015/07/sou-economista.html HTTP/1.1
Host: paulosergioduff.blogspot.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:28 GMT
expires: Sat, 23 Sep 2023 05:46:28 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 204
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d01fcdf9d07d46c2f636f5d4761b4216
b0b5d955d4da1ad20192a71164d982626c4e723a
77273f261fedd69a83c6bd35f063e592e1aba013c76665a376d2e82a4793e052

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d01fcdf9d07d46c2f636f5d4761b4216
b0b5d955d4da1ad20192a71164d982626c4e723a
77273f261fedd69a83c6bd35f063e592e1aba013c76665a376d2e82a4793e052

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET paulosergioduff.blogspot.com/2015/07/sou-economista.html

216.58.207.193

200 OK

32 kB

URL User Request GET HTTP/2
paulosergioduff.blogspot.com/2015/07/sou-economista.html
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2279)
Size
32 kB (32229 bytes)
Hash
c37741a93d81723e8216c71c124bd25e
24a26f0092abf67204040ce8871a5a77778c8f82
645a45bb5397a2c7e3a5bb171bf3c49bfb550a35658de55e87df9b57177e1733

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2015/07/sou-economista.html HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:28 GMT
date: Sat, 23 Sep 2023 05:46:28 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Dec 2021 01:57:38 GMT
etag: W/"586939b4279d89bbff2899e3293169e114003ffd0943253ac7c0c142a60826ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 32229
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET paulosergioduff.blogspot.com/js/cookienotice.js

216.58.207.193

200 OK

2.0 kB

URL GET HTTP/3
paulosergioduff.blogspot.com/js/cookienotice.js
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 23 Sep 2023 05:46:29 GMT
expires: Sat, 30 Sep 2023 05:46:29 GMT
cache-control: public, max-age=604800
last-modified: Fri, 22 Sep 2023 20:56:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

216.58.207.233

200 OK

7.8 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 20:27:35 GMT
expires: Tue, 17 Sep 2024 20:27:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 14:53:49 GMT
content-type: text/css
vary: Accept-Encoding
age: 379134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET img2.blogblog.com/img/icon18_edit_allbkg.gif

216.58.207.233

200 OK

162 B

URL GET HTTP/2
img2.blogblog.com/img/icon18_edit_allbkg.gif
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
GIF image data, version 89a, 18 x 18\012- data
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: img2.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 08:33:12 GMT
expires: Mon, 25 Sep 2023 08:33:12 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 04:53:16 GMT
content-type: image/gif
age: 421997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8fe5097b12ddbaa7731f5c6d445db349
b1d9718a7e3ead4ad6c08b3c888129ddf9ba52af
3133a3d91f11eeb170b6a3149b7cceb04228b72a222187bcc374f1fbbdbf4bd3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js

216.58.207.233

200 OK

122 kB

URL GET HTTP/2
www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document, ASCII text, with very long lines (2028)
Size
122 kB (122175 bytes)
Hash
f7c41bb3b904cbcc49ba53232535e983
dc873d1f036da0b53b011a5046a23d258b5a5bd2
266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a

HTTP Headers

GET /dynamicviews/4224c15c4e7c9321/js/comments.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 122175
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:27:56 GMT
expires: Thu, 28 Sep 2023 15:27:56 GMT
cache-control: public, max-age=604800
age: 137913
last-modified: Mon, 14 May 2012 20:21:35 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogger.com/static/v1/widgets/562952797-widgets.js

216.58.207.233

200 OK

160 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/562952797-widgets.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (2215)
Size
160 kB (160393 bytes)
Hash
0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c

HTTP Headers

GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 271479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogger.com/static/v1/widgets/1535467126-widget_css_2_bundle.css

216.58.207.233

200 OK

7.5 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/1535467126-widget_css_2_bundle.css
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (35063), with no line terminators
Size
7.5 kB (7452 bytes)
Hash
ab6a6d5b5c66d4ee0203f97d9bd453c5
018fa22a975db5039d5a1f112d9e021b6e6dcb8f
2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791

HTTP Headers

GET /static/v1/widgets/1535467126-widget_css_2_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 09:28:37 GMT
expires: Tue, 17 Sep 2024 09:28:37 GMT
cache-control: public, max-age=31536000
age: 418672
last-modified: Tue, 25 Nov 2014 14:03:24 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.10

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 16 Sep 2023 21:29:01 GMT
expires: Sun, 15 Sep 2024 21:29:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 548248
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
acd4654c810f5853fa0195aae9cc7942
64c6efd0274073e8c26f8c14cb243f6d2bc0658d
408d5b35481363f0bd9d08b9e626574beaaadb7a4f61ba43e936a94bbeb01bf5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aeafca61929af48f5ce5cc58fdaaed3c
f9c7530a7c334f9199f83a568fea5392ad41c8b9
a9b7cb4305b51e6964e793e0d5fb329c39c5cb8a1f7dafcc25b0074687abe954

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sites.google.com/site/posttitele/blogger/bloer.js

142.250.74.78

302 Found

226 B

URL GET HTTP/2
sites.google.com/site/posttitele/blogger/bloer.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
226 B (226 bytes)
Hash
7ee9b11959593b4493f40f7137b29ef8
f7f607cbc8f2c7de21c7ac2bf3728badfb818df6
a8d30bf8d66975e93f5e86341c728b2c23735daf46c0709ebc7d67eb3ee1e082

HTTP Headers

GET /site/posttitele/blogger/bloer.js HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:29 GMT
expires: Sat, 23 Sep 2023 05:46:29 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 226
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET apis.google.com/js/platform.js

172.217.21.174

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/platform.js
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintB1:CC:B9:00:18:09:CE:C0:F7:B1:3F:29:95:6B:4A:93:CC:9A:19:0A
ValidityMon, 04 Sep 2023 08:23:36 GMT - Mon, 27 Nov 2023 08:23:35 GMT

File type
ASCII text, with very long lines (2664)
Size
22 kB (21949 bytes)
Hash
ce7e88034e2b1226294f3d7e515299c9
326b37908964a9f69460d42cb646716c9f1e86e1
08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21949
date: Sat, 23 Sep 2023 05:46:29 GMT
expires: Sat, 23 Sep 2023 05:46:29 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "22f179323a7dd95a"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET pagead2.googlesyndication.com/pagead/show_ads.js

142.250.74.98

200 OK

7.9 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/show_ads.js
IP
142.250.74.98:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT

File type
ASCII text, with very long lines (3722)
Size
7.9 kB (7888 bytes)
Hash
4c538f492b688b6325a775fa4be3f0b9
373691462472f5ec2872b9bc5e886af12410f672
b62c84cb165f09f88291d0fa37bba8233cc616ae6bf750eb8127b9a02c44ae6a

HTTP Headers

GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 05:46:29 GMT
expires: Sat, 23 Sep 2023 05:46:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2775226112108924357
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET 2.bp.blogspot.com/-xbq30XGCLk4/VbpK5OMwupI/AAAAAAAAACU/9EvdLynnOnY/s320/razones-para-ser-economista.jpg

142.250.74.161

200 OK

16 kB

URL GET HTTP/2
2.bp.blogspot.com/-xbq30XGCLk4/VbpK5OMwupI/AAAAAAAAACU/9EvdLynnOnY/s320/razones-para-ser-economista.jpg
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x213, components 3\012- data
Size
16 kB (15858 bytes)
Hash
24b7d754d2e11b42f2ff6d81ff366942
e2198afe94b5b42d19fc324860a6fad8f8e00e48
d28bf25a2265809178f53279837113d7b01695c5902c599894e9b4e001b6c3cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /-xbq30XGCLk4/VbpK5OMwupI/AAAAAAAAACU/9EvdLynnOnY/s320/razones-para-ser-economista.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v26"
expires: Sun, 24 Sep 2023 05:46:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="razones-para-ser-economista.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 05:46:30 GMT
server: fife
content-length: 15858
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8fe5097b12ddbaa7731f5c6d445db349
b1d9718a7e3ead4ad6c08b3c888129ddf9ba52af
3133a3d91f11eeb170b6a3149b7cceb04228b72a222187bcc374f1fbbdbf4bd3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sites.google.com/site/jqueryfontsisee/jquery/blogger.js

142.250.74.78

302 Found

231 B

URL GET HTTP/2
sites.google.com/site/jqueryfontsisee/jquery/blogger.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
231 B (231 bytes)
Hash
7167f04e3eb58d2e2cb4e9c5ba2367eb
02b694b158bc3db702d39e7d5f8defd2aa041433
7654e491fa4f22f2fbb63942eb80b94186dda081b87346c3ebf9a8d5162e3811

HTTP Headers

GET /site/jqueryfontsisee/jquery/blogger.js HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fjqueryfontsisee%2Fjquery%2Fblogger.js
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:29 GMT
expires: Sat, 23 Sep 2023 05:46:29 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 231
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aeafca61929af48f5ce5cc58fdaaed3c
f9c7530a7c334f9199f83a568fea5392ad41c8b9
a9b7cb4305b51e6964e793e0d5fb329c39c5cb8a1f7dafcc25b0074687abe954

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js

142.250.74.78

302 Found

290 B

URL GET HTTP/3
sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (351)
Size
290 B (290 bytes)
Hash
71bb74b35f31f7f2a75aef28c3b0f5c5
b2bda57c571e81b2cd8fdccfd778df0233570fb6
c6c78835864bf1bc82b4d2039e1c8299221876443236ba1e50d88d7df7096fda

HTTP Headers

GET /site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
last-modified: Wed, 13 Sep 2023 21:53:00 GMT
etag: "1694641980000|#public|0|en|||0|486650890|565163309"
location: https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:30 GMT
expires: Sat, 23 Sep 2023 05:46:30 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 290
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fjqueryfontsisee%2Fjquery%2Fblogger.js

142.250.74.78

302 Found

294 B

URL GET HTTP/3
sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fjqueryfontsisee%2Fjquery%2Fblogger.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (363)
Size
294 B (294 bytes)
Hash
7930ffb2c65d00e78adbf0eb9169fc72
c9041573d6ae45145d4a556ad9164566fc9ace95
0ed0948ccb114766c6da4f63d0a5b5b5af9082a94ae54f2a6e9d26331ddec428

HTTP Headers

GET /site/sites/system/errors/WebspaceNotFound?path=%2Fjqueryfontsisee%2Fjquery%2Fblogger.js HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
last-modified: Wed, 13 Sep 2023 21:53:00 GMT
etag: "1694641980000|#public|0|en|||0|486650890|565163309"
location: https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:30 GMT
expires: Sat, 23 Sep 2023 05:46:30 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 294
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a1df14e0c62a34d1aeeb45ab94638130
d3bdfb2c75f9fdc495b9662ae128e4992accc8d6
e95646a781b21b7bebac7070f1b6e5d511fb2fa24d0b24e382ecc97736e3d92a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET paulosergioduff.blogspot.com/feeds/posts/default/-/Artigos?alt=json-in-script&callback=relpostimgcuplik&max-results=50

216.58.207.193

200 OK

7.4 kB

URL GET HTTP/3
paulosergioduff.blogspot.com/feeds/posts/default/-/Artigos?alt=json-in-script&callback=relpostimgcuplik&max-results=50
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
Unicode text, UTF-8 text, with very long lines (53175)
Size
7.4 kB (7419 bytes)
Hash
e670f2c0fdc2d73a06a80f959d60fbba
1cb235bdbcb1e9e12b32cf16abc026ae32a28395
20bbe520332b3a931bd3fad60cd105ffcea69da9ad014b58177605a1d239eedd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feeds/posts/default/-/Artigos?alt=json-in-script&callback=relpostimgcuplik&max-results=50 HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"7ce5a80bb3caff958ec1ca73dce71be5e51e92d92e5c24188e2eab6f754fc7e6"
date: Sat, 23 Sep 2023 05:46:30 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 23 Sep 2023 05:46:31 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 01:57:38 GMT
content-encoding: gzip
content-length: 7419
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js

142.250.74.109

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:MyfgvxclaD1FMBdho0FHI7fxSmjUIw:q0x34_SRsUnLre7a; Expires=Mon, 22-Sep-2025 05:46:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhd3vGdpbf4p5iwu8PR07hiLBYlBa4KrzwivKLPZmPs09nw3AP0U30R78-7EXMdecWNhIc_BmQ
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-LEIViDv5EGC7f6v-GFDPlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js

142.250.74.109

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:qvGws1nl9RdJnOPSYD1tZrLLlnPwbA:n1yDYdQLBKslKhPM; Expires=Mon, 22-Sep-2025 05:46:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&passive=1209600&service=jotspot&ifkv=AYZoVhdgONGPR4flH4FuHPTvFdMn7XZoPIyWOS8Hn5zReAsYRKEgmQX-hVf0IGtdfo4FaKJyw4aLGw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-wl1KbYJZNCeTwluFrJ1thA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhd3vGdpbf4p5iwu8PR07hiLBYlBa4KrzwivKLPZmPs09nw3AP0U30R78-7EXMdecWNhIc_BmQ

142.250.74.109

302 Found

452 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhd3vGdpbf4p5iwu8PR07hiLBYlBa4KrzwivKLPZmPs09nw3AP0U30R78-7EXMdecWNhIc_BmQ
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
452 B (452 bytes)
Hash
28b9821d86b0bf0a1a1ce86456487ed5
3991483269f4cb6c413ecac034fe7cd1ca0aac5e
f9a35d9e7df19f3ce8392f029af22ca687aede104b0f526ff593f2499b57a9a0

HTTP Headers

GET /InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhd3vGdpbf4p5iwu8PR07hiLBYlBa4KrzwivKLPZmPs09nw3AP0U30R78-7EXMdecWNhIc_BmQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2-mcB-Br14mp5tKktJac_GJvlbyaHA:VoQ5MJrUHNZnV_Ao;Path=/;Expires=Mon, 22-Sep-2025 05:46:30 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhedL31iNSRNGdP_MwMvgg9qRQDEFHWzEwWBDCdbcJERSDvnScdbS4Ue9ZcIo9zkMaK-RCINBg&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S856359459%3A1695447990409982&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-ZAFwJB8uXSK071KSJ9gCSA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 452
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogpager.com/dataolder.js

45.152.44.151

302 Found

683 B

URL GET HTTP/2
blogpager.com/dataolder.js
IP
45.152.44.151:443
ASN
#0

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerLet's Encrypt
Subjectblogpager.com
Fingerprint95:49:1D:F4:DC:6A:1F:DA:9D:CC:23:ED:94:C4:B2:A9:97:B6:9C:06
ValidityThu, 31 Aug 2023 18:32:13 GMT - Wed, 29 Nov 2023 18:32:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
683 B (683 bytes)
Hash
6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77

HTTP Headers

GET /dataolder.js HTTP/1.1
Host: blogpager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Sat, 23 Sep 2023 05:46:30 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://fontpis.blogspot.com/
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&passive=1209600&service=jotspot&ifkv=AYZoVhdgONGPR4flH4FuHPTvFdMn7XZoPIyWOS8Hn5zReAsYRKEgmQX-hVf0IGtdfo4FaKJyw4aLGw

142.250.74.109

302 Found

456 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&passive=1209600&service=jotspot&ifkv=AYZoVhdgONGPR4flH4FuHPTvFdMn7XZoPIyWOS8Hn5zReAsYRKEgmQX-hVf0IGtdfo4FaKJyw4aLGw
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (616)
Size
456 B (456 bytes)
Hash
ce61efd298be22ff17475a09b1dc91c7
acc4e87a2f6657ac3961c06355d3dcd9c4704abe
5bed02d59d896574ce42f29db1f1557d275f1f5583f8a45a75c5587ab4d18cd4

HTTP Headers

GET /InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/jqueryfontsisee/jquery/blogger.js&passive=1209600&service=jotspot&ifkv=AYZoVhdgONGPR4flH4FuHPTvFdMn7XZoPIyWOS8Hn5zReAsYRKEgmQX-hVf0IGtdfo4FaKJyw4aLGw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:ikgs9pRLVdr8fv1wNCMqKtgYqVCb_A:b7X723SqcZQlMu4U;Path=/;Expires=Mon, 22-Sep-2025 05:46:30 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&ifkv=AYZoVhfZZ2_Uu1xFPrEfFhF08zFCO490Nj51rj3M2jwXiVTxyus5mEZhNtOvJV_5wr4TybN5pSLnuA&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627281083%3A1695447990500048&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-C-J1Tomlbgjdu2sNa8Jqdg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 456
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fontpis.blogspot.com/

216.58.207.193

200 OK

1.8 kB

URL GET HTTP/3
fontpis.blogspot.com/
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (497)
Size
1.8 kB (1771 bytes)
Hash
58d323d2ef5f0fb3a2eb62f87c5c9a10
53f9457011371d71ae3dafd2798c276a30ad3d8b
88dc94be77dbe5db67b6f7ce24d3c5a52d3e56cd9f47a6f9015e38293b369ffd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fontpis.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:30 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
cache-control: private, max-age=0
last-modified: Mon, 18 Sep 2023 10:28:22 GMT
etag: W/"3e8709c0424754d31335f0b674772e72b63f9c9f6c31a233a2c38115fed1bb02"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1771
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&ifkv=AYZoVhfZZ2_Uu1xFPrEfFhF08zFCO490Nj51rj3M2jwXiVTxyus5mEZhNtOvJV_5wr4TybN5pSLnuA&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627281083%3A1695447990500048&theme=glif

142.250.74.109

403 Forbidden

1.0 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&ifkv=AYZoVhfZZ2_Uu1xFPrEfFhF08zFCO490Nj51rj3M2jwXiVTxyus5mEZhNtOvJV_5wr4TybN5pSLnuA&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627281083%3A1695447990500048&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1650)
Size
1.0 kB (1031 bytes)
Hash
63aafd86b7b2c6c8eead49c86e5f59e2
8e4fb3608b03ca0d4b33740169547ea9213267e8
dc5b901f06bbef8d2ddcbe5ed368cdcf2fc01919d205fe0b5907f3774bd0faa5

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fjqueryfontsisee%2Fjquery%2Fblogger.js&ifkv=AYZoVhfZZ2_Uu1xFPrEfFhF08zFCO490Nj51rj3M2jwXiVTxyus5mEZhNtOvJV_5wr4TybN5pSLnuA&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627281083%3A1695447990500048&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-wBoezlow9nsaV2wY6uq6yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js

142.250.74.78

302 Found

290 B

URL GET HTTP/3
sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (351)
Size
290 B (290 bytes)
Hash
71bb74b35f31f7f2a75aef28c3b0f5c5
b2bda57c571e81b2cd8fdccfd778df0233570fb6
c6c78835864bf1bc82b4d2039e1c8299221876443236ba1e50d88d7df7096fda

HTTP Headers

GET /site/sites/system/errors/WebspaceNotFound?path=%2Fposttitele%2Fblogger%2Fbloer.js HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
last-modified: Wed, 13 Sep 2023 21:53:00 GMT
etag: "1694641980000|#public|0|en|||0|486650890|565163309"
location: https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:31 GMT
expires: Sat, 23 Sep 2023 05:46:31 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 290
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhedL31iNSRNGdP_MwMvgg9qRQDEFHWzEwWBDCdbcJERSDvnScdbS4Ue9ZcIo9zkMaK-RCINBg&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S856359459%3A1695447990409982&theme=glif

142.250.74.109

403 Forbidden

809 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhedL31iNSRNGdP_MwMvgg9qRQDEFHWzEwWBDCdbcJERSDvnScdbS4Ue9ZcIo9zkMaK-RCINBg&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S856359459%3A1695447990409982&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Size
809 B (809 bytes)
Hash
caabe5d02ed24b1332050fcf80b22175
e8cb6f8c847ce810520fee3a81a9de3f0edfcb46
2acb0084c7042e70a905b2f02ab0c33f1c20f5ed91c2f9c25b11846b056166d4

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhedL31iNSRNGdP_MwMvgg9qRQDEFHWzEwWBDCdbcJERSDvnScdbS4Ue9ZcIo9zkMaK-RCINBg&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S856359459%3A1695447990409982&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:30 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-tXesdtNCMfnPr5y-iBAgpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhcsXr1I1i9qa1CnyQbZaTYkKF3y2H77ly3lEz2pNi1aNvklnsmrDQFCrFviyVjyhit4pnmH

142.250.74.109

302 Found

451 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhcsXr1I1i9qa1CnyQbZaTYkKF3y2H77ly3lEz2pNi1aNvklnsmrDQFCrFviyVjyhit4pnmH
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
451 B (451 bytes)
Hash
b8eea665e5c79cac7386852de8c4ff2a
fbe206b8344012a0ae3b01943f741a7d82333b8e
bd8320bd427eea682f5a6394f48591b99dcd96094cb8b8357d3c7e9fb5f8d962

HTTP Headers

GET /InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/posttitele/blogger/bloer.js&passive=1209600&service=jotspot&ifkv=AYZoVhcsXr1I1i9qa1CnyQbZaTYkKF3y2H77ly3lEz2pNi1aNvklnsmrDQFCrFviyVjyhit4pnmH HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:fpFPA_S2d1gnMuEudtVuDwGDZ09CFw:Q7aG211_Cmnupf5Z;Path=/;Expires=Mon, 22-Sep-2025 05:46:31 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:31 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhcmy0mGqO_yBTDtvBt55DG2DjxnllGcLrmlRAFI3JTJEUXUptpHSCxAKDGAr2EyGSisQy2CBQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S906746023%3A1695447991282343&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-3RsaqBf_Tq_NCjdCX9-P5Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 451
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhcmy0mGqO_yBTDtvBt55DG2DjxnllGcLrmlRAFI3JTJEUXUptpHSCxAKDGAr2EyGSisQy2CBQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S906746023%3A1695447991282343&theme=glif

142.250.74.109

403 Forbidden

1.4 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhcmy0mGqO_yBTDtvBt55DG2DjxnllGcLrmlRAFI3JTJEUXUptpHSCxAKDGAr2EyGSisQy2CBQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S906746023%3A1695447991282343&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1659)
Size
1.4 kB (1399 bytes)
Hash
14803be4692544be8a9eabcf9d48ae1e
c5745691a4c2992dfef7516bc68926dbab4e0717
546d7603901f712c78806767dd901bfec0f889638729bac23ee766d52dc95333

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fposttitele%2Fblogger%2Fbloer.js&ifkv=AYZoVhcmy0mGqO_yBTDtvBt55DG2DjxnllGcLrmlRAFI3JTJEUXUptpHSCxAKDGAr2EyGSisQy2CBQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S906746023%3A1695447991282343&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-xG1F0l3TyMprg41ef9QFLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

104.18.10.207

200 OK

57 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size
57 kB (56780 bytes)
Hash
97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

HTTP Headers

GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paulosergioduff.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 23 Sep 2023 05:46:32 GMT
content-type: font/woff2
content-length: 56780
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 09/15/2023 23:19:11
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8fe6a90ff7283e4f04c437d8ed568802
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80b07ce0ee3db529-OSL
alt-svc: h3=":443"; ma=86400

GET blogpager.com/dataolder.js

45.152.44.151

302 Found

683 B

URL GET HTTP/2
blogpager.com/dataolder.js
IP
45.152.44.151:443
ASN
#0

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerLet's Encrypt
Subjectblogpager.com
Fingerprint95:49:1D:F4:DC:6A:1F:DA:9D:CC:23:ED:94:C4:B2:A9:97:B6:9C:06
ValidityThu, 31 Aug 2023 18:32:13 GMT - Wed, 29 Nov 2023 18:32:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
683 B (683 bytes)
Hash
6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77

HTTP Headers

GET /dataolder.js HTTP/1.1
Host: blogpager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html
content-length: 683
date: Sat, 23 Sep 2023 05:46:32 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://fontpis.blogspot.com/
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET 1.bp.blogspot.com/-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/s1600/grey.GIF

142.250.74.161

404 Not Found

832 B

URL GET HTTP/3
1.bp.blogspot.com/-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/s1600/grey.GIF
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
832 B (832 bytes)
Hash
596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/s1600/grey.GIF HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 05:46:32 GMT
server: fife
content-length: 832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fontpis.blogspot.com/

216.58.207.193

200 OK

1.8 kB

URL GET HTTP/3
fontpis.blogspot.com/
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (497)
Size
1.8 kB (1771 bytes)
Hash
58d323d2ef5f0fb3a2eb62f87c5c9a10
53f9457011371d71ae3dafd2798c276a30ad3d8b
88dc94be77dbe5db67b6f7ce24d3c5a52d3e56cd9f47a6f9015e38293b369ffd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fontpis.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:32 GMT
date: Sat, 23 Sep 2023 05:46:32 GMT
cache-control: private, max-age=0
last-modified: Mon, 18 Sep 2023 10:28:22 GMT
etag: W/"3e8709c0424754d31335f0b674772e72b63f9c9f6c31a233a2c38115fed1bb02"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1771
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET pagead2.googlesyndication.com/pagead/js/google_top_exp.js

142.250.74.98

200 OK

42 B

URL GET HTTP/3
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
142.250.74.98:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT

File type
ASCII text
Size
42 B (42 bytes)
Hash
7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Fri, 22 Sep 2023 14:42:48 GMT
expires: Fri, 06 Oct 2023 14:42:48 GMT
cache-control: public, max-age=1209600
age: 54224
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

172.217.21.174

200 OK

61 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (1503)
Size
61 kB (60820 bytes)
Hash
76cf20f34e61bb4ebd83ecf652268483
ff6c80fb175d247f11cceb99b7eb113f043c703b
34ed5573773da6701a325bf1c4ee50adbacab764a71e26efe12843e38bd7d438

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 17:31:08 GMT
expires: Tue, 17 Sep 2024 17:31:08 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 389724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET apis.google.com/js/platform.js

172.217.21.174

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/platform.js
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintB1:CC:B9:00:18:09:CE:C0:F7:B1:3F:29:95:6B:4A:93:CC:9A:19:0A
ValidityMon, 04 Sep 2023 08:23:36 GMT - Mon, 27 Nov 2023 08:23:35 GMT

File type
ASCII text, with very long lines (2664)
Size
22 kB (21949 bytes)
Hash
ce7e88034e2b1226294f3d7e515299c9
326b37908964a9f69460d42cb646716c9f1e86e1
08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21949
date: Sat, 23 Sep 2023 05:46:32 GMT
expires: Sat, 23 Sep 2023 05:46:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "22f179323a7dd95a"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/img/logo-16.png

216.58.207.233

200 OK

279 B

URL GET HTTP/3
www.blogger.com/img/logo-16.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
279 B (279 bytes)
Hash
5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:45:49 GMT
expires: Wed, 27 Sep 2023 02:45:49 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 16:55:46 GMT
content-type: image/png
age: 270043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET dl.dropboxusercontent.com/u/58334579/adll/comemmt.js

162.125.71.15

404 Not Found

3.2 kB

URL GET HTTP/2
dl.dropboxusercontent.com/u/58334579/adll/comemmt.js
IP
162.125.71.15:443
ASN
#19679 DROPBOX

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerDigiCert Inc
Subjectdl.dropbox.com
FingerprintF7:BA:5F:D1:73:A5:04:E6:AC:52:C4:92:6F:20:23:8D:FD:B3:3F:D0
ValidityTue, 14 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Size
3.2 kB (3221 bytes)
Hash
b0809af2309c0808b1fe0df169226ae0
2578ab107d08406f11afc1b2002c774a0bb9818a
359c1f5ee2bc534167d1a1f018503ce4b4068b92daeec20d8f37eb79c10b326f

HTTP Headers

GET /u/58334579/adll/comemmt.js HTTP/1.1
Host: dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Sat, 23 Sep 2023 05:46:30 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: da6e0e1e56c1401781f9d33cf2451be2
X-Firefox-Spdy: h2

www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__

216.58.207.233

536 B

URL
www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
IP
216.58.207.233:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1092)
Size
536 B (536 bytes)
Hash
9d1d923b194430adefef59d62a502a8c
a591a4b5f626d11c7eae21a8a5a6a409b168d0e8
77ca5d5dcec9be20521c5d2b19a0f23ad4dae25b46c4698c2149c56293b5a78b

HTTP Headers

GET /followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:33 GMT
expires: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 536
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true

142.250.74.109

0 B

URL
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true
IP
142.250.74.109:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:-Im1jVM_VgM_e482qgNlLuwGAWjeMQ:gY8qIw4wIGjgp4zA; Expires=Mon, 22-Sep-2025 05:46:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
location: https://www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-G3wh2k4OYNlvgy2kB-DNng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET 1.bp.blogspot.com/-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/w150-h120-c/grey.GIF

142.250.74.161

404 Not Found

963 B

URL GET HTTP/3
1.bp.blogspot.com/-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/w150-h120-c/grey.GIF
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Size
963 B (963 bytes)
Hash
612f5002872e4de5ec6a95e545f612ad
6999c2f2d6fa2e939abb68e8018938ab66fb0e6d
061db341ce0eb13c59734ae45cccdea2a7f1528c07f156733be4f3f4c11401f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /-htG7vy9vIAA/Tp0KrMUdoWI/AAAAAAAABAU/e7XkFtErqsU/w150-h120-c/grey.GIF HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 05:46:33 GMT
server: fife
content-length: 963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET apis.google.com/js/platform:gapi.iframes.style.common.js

172.217.21.174

200 OK

22 kB

URL GET HTTP/3
apis.google.com/js/platform:gapi.iframes.style.common.js
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=36657790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (2664)
Size
22 kB (21959 bytes)
Hash
5ea6889749e35d1997d3d7b45b526cbe
b2be66a88cda67c0d38638906a19d3502db702f2
f8f1efe1d0d52a96dff5f0e285975b33bc89f9093c51e50024fa4c1d3810041f

HTTP Headers

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21959
date: Sat, 23 Sep 2023 05:46:33 GMT
expires: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "fb306044a1b24cfb"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET resources.blogblog.com/img/navbar/icons_peach.png

216.58.207.233

200 OK

907 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/icons_peach.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=36657790
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Size
907 B (907 bytes)
Hash
3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

HTTP Headers

GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:28:08 GMT
expires: Fri, 29 Sep 2023 02:28:08 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 07:52:40 GMT
content-type: image/png
age: 98305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET resources.blogblog.com/img/navbar/arrows-light.png

216.58.207.233

200 OK

117 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/arrows-light.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=36657790
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Size
117 B (117 bytes)
Hash
25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

HTTP Headers

GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 02:56:18 GMT
expires: Tue, 26 Sep 2023 02:56:18 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 01:56:24 GMT
content-type: image/png
age: 355815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

172.217.21.174

200 OK

45 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=36657790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (1503)
Size
45 kB (45424 bytes)
Hash
216b38745f3cce08ced4200dd91c83a4
3f6bd3ee5da23060e704e8116b5a0961e20a80bf
a8183085f79cc939053929846561337bf0b9287aedece2d7eb154a87e572bab1

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 17:31:09 GMT
expires: Tue, 17 Sep 2024 17:31:09 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 389724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET bloggercomment.com/allowComments.js

45.152.44.151

302 Found

683 B

URL GET HTTP/2
bloggercomment.com/allowComments.js
IP
45.152.44.151:443
ASN
#0

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerLet's Encrypt
Subjectbloggercomment.com
Fingerprint11:51:4A:79:1D:99:ED:9B:0C:9C:F1:44:0D:24:EA:7B:0F:0C:0F:D0
ValidityThu, 31 Aug 2023 18:32:19 GMT - Wed, 29 Nov 2023 18:32:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
683 B (683 bytes)
Hash
6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77

HTTP Headers

GET /allowComments.js HTTP/1.1
Host: bloggercomment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Sat, 23 Sep 2023 05:46:33 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://fontpis.blogspot.com/
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

GET paulosergioduff.blogspot.com/2015/07/desvalorizacao-do-conhecimento.html

216.58.207.193

200 OK

27 kB

URL GET HTTP/3
paulosergioduff.blogspot.com/2015/07/desvalorizacao-do-conhecimento.html
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2279)
Size
27 kB (27239 bytes)
Hash
3fe007a4fa78802817a91e54c27ac114
b57ddeff4cf94ca0f75bf9ce7d3d98cf62e43d5a
cbc7e4fcb046bfcf019e4c71c353c855db0f2d69c1e1a76f8f59bba44a53ac6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2015/07/desvalorizacao-do-conhecimento.html HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:33 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Dec 2021 01:57:38 GMT
etag: W/"586939b4279d89bbff2899e3293169e114003ffd0943253ac7c0c142a60826ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27239
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fontpis.blogspot.com/

216.58.207.193

200 OK

1.8 kB

URL GET HTTP/3
fontpis.blogspot.com/
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (497)
Size
1.8 kB (1771 bytes)
Hash
58d323d2ef5f0fb3a2eb62f87c5c9a10
53f9457011371d71ae3dafd2798c276a30ad3d8b
88dc94be77dbe5db67b6f7ce24d3c5a52d3e56cd9f47a6f9015e38293b369ffd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fontpis.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:33 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=0
last-modified: Mon, 18 Sep 2023 10:28:22 GMT
etag: W/"3e8709c0424754d31335f0b674772e72b63f9c9f6c31a233a2c38115fed1bb02"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1771
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1

216.58.207.233

1.7 kB

URL
www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1
IP
216.58.207.233:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (392)
Size
1.7 kB (1697 bytes)
Hash
4627deacf68ff3482cc8eb38143fff50
932e550db1d7902b5e2a2346ab2fdc778529d05a
e46bd85f7579a7f0448aa4bee09e4e5f6814fac02260b750705a08b47b2011c2

HTTP Headers

GET /followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1697
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET apis.google.com/js/platform.js

172.217.21.174

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/platform.js
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
FingerprintB1:CC:B9:00:18:09:CE:C0:F7:B1:3F:29:95:6B:4A:93:CC:9A:19:0A
ValidityMon, 04 Sep 2023 08:23:36 GMT - Mon, 27 Nov 2023 08:23:35 GMT

File type
ASCII text, with very long lines (2664)
Size
22 kB (21949 bytes)
Hash
ce7e88034e2b1226294f3d7e515299c9
326b37908964a9f69460d42cb646716c9f1e86e1
08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21949
date: Sat, 23 Sep 2023 05:46:33 GMT
expires: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "22f179323a7dd95a"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

172.217.21.174

200 OK

45 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1#id=I0_1695447993240&_gfid=I0_1695447993240&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=15280553
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (1503)
Size
45 kB (45424 bytes)
Hash
216b38745f3cce08ced4200dd91c83a4
3f6bd3ee5da23060e704e8116b5a0961e20a80bf
a8183085f79cc939053929846561337bf0b9287aedece2d7eb154a87e572bab1

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 17:31:05 GMT
expires: Tue, 17 Sep 2024 17:31:05 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 389728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET paulosergioduff.blogspot.com/2015/08/comunicacao-parte-ii.html

216.58.207.193

200 OK

28 kB

URL GET HTTP/3
paulosergioduff.blogspot.com/2015/08/comunicacao-parte-ii.html
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2279)
Size
28 kB (27623 bytes)
Hash
a149d5adddc3a4839a0f73f714225e2c
cb7e20d5c0719da05983d9aea64dc5f7f00c67bc
eed03cfcfd46e5b398bb455d3009f2ad957a3874cb55e561e16d0324804ed331

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2015/08/comunicacao-parte-ii.html HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:33 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Dec 2021 01:57:38 GMT
etag: W/"586939b4279d89bbff2899e3293169e114003ffd0943253ac7c0c142a60826ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27623
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET paulosergioduff.blogspot.com/favicon.ico

216.58.207.193

200 OK

412 B

URL GET HTTP/3
paulosergioduff.blogspot.com/favicon.ico
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
412 B (412 bytes)
Hash
59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 23 Sep 2023 05:46:34 GMT
date: Sat, 23 Sep 2023 05:46:34 GMT
cache-control: private, max-age=86400
last-modified: Sun, 12 Dec 2021 01:57:38 GMT
etag: W/"586939b4279d89bbff2899e3293169e114003ffd0943253ac7c0c142a60826ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET lh3.googleusercontent.com/p/AF1QipN5V5PTopvRswR9cHt66IW5F06rboyT4hyCEg5p=s45-c?key=CJmc6eOHzZvr3wE

142.250.74.97

200 OK

1.7 kB

URL GET HTTP/2
lh3.googleusercontent.com/p/AF1QipN5V5PTopvRswR9cHt66IW5F06rboyT4hyCEg5p=s45-c?key=CJmc6eOHzZvr3wE
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1#id=I0_1695447993240&_gfid=I0_1695447993240&parent=https%3A%2F%2Fpaulosergioduff.blogspot.com&pfname=&rpctoken=15280553
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
PNG image data, 45 x 45, 8-bit grayscale, non-interlaced\012- data
Size
1.7 kB (1743 bytes)
Hash
00d2fb760e8a0295fd5cd58f39c29068
da7b4396e41bb17a8ca8775c655b86f179500c62
853ff50304ad7ba82c5b6db4dcda7f98da1514686922d9ddf7cdea1f4da7f811

HTTP Headers

GET /p/AF1QipN5V5PTopvRswR9cHt66IW5F06rboyT4hyCEg5p=s45-c?key=CJmc6eOHzZvr3wE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v79"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 05:46:34 GMT
server: fife
content-length: 1743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET paulosergioduff.blogspot.com/favicon.ico

216.58.207.193

200 OK

412 B

URL GET HTTP/3
paulosergioduff.blogspot.com/favicon.ico
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
412 B (412 bytes)
Hash
59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: paulosergioduff.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon
expires: Sat, 23 Sep 2023 05:46:34 GMT
date: Sat, 23 Sep 2023 05:46:34 GMT
cache-control: private, max-age=86400
last-modified: Sun, 12 Dec 2021 01:57:38 GMT
etag: W/"586939b4279d89bbff2899e3293169e114003ffd0943253ac7c0c142a60826ca"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 05:46:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css

216.58.207.233

200 OK

6.5 kB

URL GET HTTP/3
www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (35889), with no line terminators
Size
6.5 kB (6501 bytes)
Hash
e287450e0a5c5a5625f7ba3716c1b0cf
3287eee808b2a77f7e4ea16b148f4cd173cddb66
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b

HTTP Headers

GET /static/v1/v-css/3268905543-lightbox_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6501
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 04:10:18 GMT
expires: Wed, 18 Sep 2024 04:10:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 13:58:14 GMT
content-type: text/css
vary: Accept-Encoding
age: 351376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/static/v1/jsbin/255287220-lbx__pt_br.js

216.58.207.233

200 OK

123 kB

URL GET HTTP/3
www.blogger.com/static/v1/jsbin/255287220-lbx__pt_br.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document, ASCII text, with very long lines (1308)
Size
123 kB (122662 bytes)
Hash
2fadb9d203781862847bbb813ccb5f70
c60b5f668ef6c9a9511f3e5241d8b377624f4fab
907f5e00c6d00a56596ab3bd53e15f97e010c60c9880178f8ff338ec9c73dfa0

HTTP Headers

GET /static/v1/jsbin/255287220-lbx__pt_br.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 122662
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:24:24 GMT
expires: Thu, 19 Sep 2024 02:24:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 271330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET dl.dropboxusercontent.com/u/36399870/blogger/post.js

162.125.71.15

404 Not Found

0 B

URL GET HTTP/2
dl.dropboxusercontent.com/u/36399870/blogger/post.js
IP
162.125.71.15:443
ASN
#19679 DROPBOX

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerDigiCert Inc
Subjectdl.dropbox.com
FingerprintF7:BA:5F:D1:73:A5:04:E6:AC:52:C4:92:6F:20:23:8D:FD:B3:3F:D0
ValidityTue, 14 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /u/36399870/blogger/post.js HTTP/1.1
Host: dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Sat, 23 Sep 2023 05:46:31 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: 822e507f131f402a8f801c64ffe43805
X-Firefox-Spdy: h2

GET www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1

216.58.207.233

200 OK

5.0 kB

URL GET HTTP/3
www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5253), with no line terminators
Size
5.0 kB (5047 bytes)
Hash
4ee213614a146eb683e81ec410cdbf63
c738daee9a05a951245ce2c4d84155d817e52d97
9ef7f6ec823ef7820fced3cfa881f6acc032c9b7160e192a371768728c20ee49

HTTP Headers

GET /followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1697
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET dl.dropboxusercontent.com/u/36399870/blogger/post.js

162.125.71.15

404 Not Found

0 B

URL GET HTTP/2
dl.dropboxusercontent.com/u/36399870/blogger/post.js
IP
162.125.71.15:443
ASN
#19679 DROPBOX

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerDigiCert Inc
Subjectdl.dropbox.com
FingerprintF7:BA:5F:D1:73:A5:04:E6:AC:52:C4:92:6F:20:23:8D:FD:B3:3F:D0
ValidityTue, 14 Feb 2023 00:00:00 GMT - Sat, 16 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /u/36399870/blogger/post.js HTTP/1.1
Host: dl.dropboxusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Sat, 23 Sep 2023 05:46:29 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: 9ed05800be2444e6a5e025efd0594eb4
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

104.18.10.207

200 OK

24 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (23577)
Size
24 kB (23739 bytes)
Hash
04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

HTTP Headers

GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 05:46:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 9353588
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80b07cda2f3556c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__

216.58.207.233

302 Found

5.0 kB

URL GET HTTP/3
www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type

Size
5.0 kB (5047 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 23 Sep 2023 05:46:33 GMT
expires: Sat, 23 Sep 2023 05:46:33 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 536
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true

142.250.74.109

302 Found

5.0 kB

URL GET HTTP/3
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type

Size
5.0 kB (5047 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D2475284043108058925%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8577117469580073248%26origin%3Dhttps://paulosergioduff.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.L92w_vMR5kE.O/d%253D1/rs%253DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulosergioduff.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:-Im1jVM_VgM_e482qgNlLuwGAWjeMQ:gY8qIw4wIGjgp4zA; Expires=Mon, 22-Sep-2025 05:46:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
location: https://www.blogger.com/followers.g?blogID=2475284043108058925&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8577117469580073248&origin=https://paulosergioduff.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.L92w_vMR5kE.O/d%3D1/rs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/m%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-G3wh2k4OYNlvgy2kB-DNng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__

216.58.207.233

200 OK

6.8 kB

URL GET HTTP/3
www.blogger.com/navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6960), with no line terminators
Size
6.8 kB (6773 bytes)
Hash
48720c26b73ba5ea13047891fbf7223d
ccb809e7cfbdfdcf1e569dc39fc90038793e2029
9e59a332c9aa0c3cfa1a5d904dbb547244562c485a34d56c91ab6082fbf2b2e4

HTTP Headers

GET /navbar.g?targetBlogID=2475284043108058925&blogName=Blog+oficial+de+Paulo+S%C3%A9rgio+Duff&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://paulosergioduff.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://paulosergioduff.blogspot.com/&targetPostID=8577117469580073248&blogPostOrPageUrl=https://paulosergioduff.blogspot.com/2015/07/sou-economista.html&vt=-8966543632292584819&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2650
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/dyn-css/authorization.css?targetBlogID=2475284043108058925&zx=2a3ed33a-137f-4984-bdbd-03b32dc2e74a

216.58.207.233

200 OK

1 B

URL GET HTTP/3
www.blogger.com/dyn-css/authorization.css?targetBlogID=2475284043108058925&zx=2a3ed33a-137f-4984-bdbd-03b32dc2e74a
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://paulosergioduff.blogspot.com/2015/07/sou-economista.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with no line terminators
Size
1 B (1 bytes)
Hash
1d78758685e5e2f4efeeb490f8521abd
ef7e6794ca9c6a06b54b66f279237fb8daaaeea8
a80e516bfb196e1c48a9acbe39da8fceb6bc82e0d991b8a990b8f3239c7efaed

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=2475284043108058925&zx=2a3ed33a-137f-4984-bdbd-03b32dc2e74a HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paulosergioduff.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 05:46:32 GMT
last-modified: Sat, 23 Sep 2023 05:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by