| hackxack.blogspot.com/search/label/adobe/?m=1 | 216.58.207.193 | 200 OK | 7.8 kB |
URL User Request GET HTTP/2hackxack.blogspot.com/search/label/adobe/?m=1 IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintE8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B ValidityMon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File typeHTML document, ASCII text, with very long lines (5262) Hashffe45f521eabeeada70da5c2feb6269d 0ed601309334b4217ac126fd5098f50211834cab e7deb615a20bde9cdf80d66f9fe80928162923f74a3081cbed6df20d34f6bc7a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /search/label/adobe/?m=1 HTTP/1.1
Host: hackxack.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 24 Apr 2024 22:25:25 GMT
date: Wed, 24 Apr 2024 22:25:25 GMT
cache-control: private, max-age=0
last-modified: Tue, 20 Feb 2024 07:08:55 GMT
etag: W/"4a494da24ece9608c04ef4ba30c185f846a0c08ee02794d95c685bcf451e173e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 7841
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hackxack.blogspot.com/js/cookienotice.js | 216.58.207.193 | 200 OK | 2.0 kB |
URL GET HTTP/3hackxack.blogspot.com/js/cookienotice.js IP216.58.207.193:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintE8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B ValidityMon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File typeJavaScript source, ASCII text Hasha705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/cookienotice.js HTTP/1.1
Host: hackxack.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/search/label/adobe/?m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Wed, 24 Apr 2024 22:25:26 GMT
expires: Wed, 01 May 2024 22:25:26 GMT
cache-control: public, max-age=604800
last-modified: Wed, 24 Apr 2024 16:53:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.blogger.com/static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css | 216.58.207.233 | 200 OK | 4.9 kB |
URL GET HTTP/2www.blogger.com/static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css IP216.58.207.233:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint17:41:C7:D0:1D:55:29:41:DB:6D:65:5F:4E:63:97:50:32:7D:E1:60 ValidityMon, 18 Mar 2024 19:33:57 GMT - Mon, 10 Jun 2024 19:33:56 GMT
File typeASCII text, with very long lines (20429) Hash3530457ff5686a9eb40a5b14522ed0c7 c1f07552b1d3120ab83dcd6787ab8f43482268b9 fd47e1c7c5792d78bb2849ce121d3b574e2057042d5f803dfc593b7ff5d5763a
GET /static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 4934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:07 GMT
expires: Fri, 18 Apr 2025 02:33:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 03:52:09 GMT
content-type: text/css
vary: Accept-Encoding
age: 589939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/static/v1/widgets/1807328581-widgets.js | 216.58.207.233 | 200 OK | 51 kB |
URL GET HTTP/2www.blogger.com/static/v1/widgets/1807328581-widgets.js IP216.58.207.233:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint17:41:C7:D0:1D:55:29:41:DB:6D:65:5F:4E:63:97:50:32:7D:E1:60 ValidityMon, 18 Mar 2024 19:33:57 GMT - Mon, 10 Jun 2024 19:33:56 GMT
File typeJavaScript source, ASCII text, with very long lines (1941) Hash3fd63936a88c795358e97868e471a443 ca64663c1f3115e480fc373d6e47b01d1f5b03a0 d611421e714f0491c867715cfd4b567a8e4590161c005cbf65fe2644e38685f1
GET /static/v1/widgets/1807328581-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51394
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 01:58:46 GMT
expires: Thu, 24 Apr 2025 01:58:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Apr 2024 23:51:06 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 73600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/google_top_exp.js | 142.250.74.130 | 200 OK | 42 B |
URL GET HTTP/2pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP142.250.74.130:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A ValidityMon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
Hash7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Wed, 24 Apr 2024 11:16:15 GMT
expires: Wed, 08 May 2024 11:16:15 GMT
cache-control: public, max-age=1209600
age: 40151
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1.bp.blogspot.com/-FA5yrRbihNA/UM71S0LpJsI/AAAAAAAACUE/uD19BwW-w3Y/s400/hackxack%2Blogo.png | 142.250.74.161 | 200 OK | 10 kB |
URL GET HTTP/21.bp.blogspot.com/-FA5yrRbihNA/UM71S0LpJsI/AAAAAAAACUE/uD19BwW-w3Y/s400/hackxack%2Blogo.png IP142.250.74.161:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintE8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B ValidityMon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File typePNG image data, 200 x 90, 8-bit/color RGBA, non-interlaced Hash2c737d0f9f107a4055d55fe9ccaa3d0a 49de97198019e79742afbdf8d740c9b03623c1cf a8c521d4c4d1e431c43efaf1777b65a9dce1f97f515b3bec3a8f29f819e93493
GET /-FA5yrRbihNA/UM71S0LpJsI/AAAAAAAACUE/uD19BwW-w3Y/s400/hackxack%2Blogo.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v941"
expires: Thu, 25 Apr 2024 22:25:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hackxack logo.png"
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 22:25:26 GMT
server: fife
content-length: 10101
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hackxack.blogspot.com/favicon.ico | 216.58.207.193 | 200 OK | 187 B |
URL GET HTTP/3hackxack.blogspot.com/favicon.ico IP216.58.207.193:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintE8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B ValidityMon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash62503944b520a080cc3c92a355c11a06 8662d37cc80cd35eea171d9b91a7994744d066a9 cbea784cfb723bc3959e4d54371cccfddcde35ccba15d7ce0f2083f1a7a1fffd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hackxack.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/search/label/adobe/?m=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Wed, 24 Apr 2024 22:25:26 GMT
date: Wed, 24 Apr 2024 22:25:26 GMT
cache-control: private, max-age=86400
last-modified: Tue, 20 Feb 2024 07:08:55 GMT
etag: W/"4a494da24ece9608c04ef4ba30c185f846a0c08ee02794d95c685bcf451e173e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 187
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| draft.blogger.com/dyn-css/authorization.css?targetBlogID=1787761435264853616&zx=86558384-39c7-478a-930f-742c99076b5e | 216.58.207.233 | 200 OK | 21 B |
URL GET HTTP/2draft.blogger.com/dyn-css/authorization.css?targetBlogID=1787761435264853616&zx=86558384-39c7-478a-930f-742c99076b5e IP216.58.207.233:443
Requested byhttps://hackxack.blogspot.com/search/label/adobe/?m=1 CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint17:41:C7:D0:1D:55:29:41:DB:6D:65:5F:4E:63:97:50:32:7D:E1:60 ValidityMon, 18 Mar 2024 19:33:57 GMT - Mon, 10 Jun 2024 19:33:56 GMT
File typevery short file (no magic) Hash68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=1787761435264853616&zx=86558384-39c7-478a-930f-742c99076b5e HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hackxack.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 22:25:26 GMT
last-modified: Wed, 24 Apr 2024 22:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|