Report - wildwingshackers.blogspot.it/2012/05/7-amazingly-beautiful-windows-7-themes.html/

Report Overview

Submitted URL
wildwingshackers.blogspot.it/2012/05/7-amazingly-beautiful-windows-7-themes.html/
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2023-06-10 15:20:27
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
wildwingshackers.blogspot.com	unknown	2000-07-31	2014-01-16	2023-06-04	1.4 kB	58 kB	172.217.21.161
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2023-06-10	878 B	75 kB	104.18.10.207
www.blogger.com	8975	1999-06-22	2012-05-22	2023-06-10	1.4 kB	67 kB	216.58.207.233
gfjf.xyz	unknown	2021-12-11	2021-12-12	2023-06-04	849 B	5.4 kB	185.66.201.43
cache.r-q.media	unknown	2022-04-17	2023-05-21	2023-06-06	1.8 kB	9.9 kB	65.60.58.179
1.bp.blogspot.com	8403	2000-07-31	2012-05-21	2023-06-10	409 B	3.3 kB	142.250.74.129
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-10	2.4 kB	168 kB	142.250.74.35
adservice.google.com	76	1997-09-15	2021-02-20	2023-06-10	466 B	663 B	142.250.74.66
www.effectivedisplaycontent.com	108881	2021-12-22	2021-12-28	2023-05-30	382 B	514 B	192.243.59.20
xvaaa.com	unknown	2021-12-30	2019-04-03	2023-06-04	457 B	967 B	185.66.200.220
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-10	4.3 kB	9.1 kB	142.250.74.131
wildwingshackers.blogspot.it	unknown	2009-02-09	2014-12-08	2023-06-09	537 B	779 B	172.217.21.161
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-10	446 B	35 kB	142.250.74.74
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2023-06-10	3.5 kB	172 kB	216.58.211.2
partner.googleadservices.com	798	2003-06-19	2012-10-03	2023-06-10	519 B	797 B	216.58.207.226
ylx-i.advertica-cdn2.com	193063	2017-12-16	2017-12-29	2023-06-09	379 B	1.1 kB	185.66.200.127
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-10	430 B	1.6 kB	142.250.74.106
pl17008340.trustedcpmrevenue.com	unknown	2021-12-22	2023-06-04	2023-06-04	383 B	514 B	173.233.137.44
pl17008340.highrevenuegate.com	unknown	2023-03-02	2023-06-08	2023-06-08	1.9 kB	2.6 kB	192.243.61.227
pl17008343.trustedcpmrevenue.com	unknown	2021-12-22	2023-06-04	2023-06-04	770 B	1.0 kB	192.243.59.13
udbaa.com	380419	2021-12-30	2022-01-03	2023-06-09	963 B	394 B	185.66.200.220

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-10 15:20:13	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD
2023-06-10 15:20:13	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD
2023-06-10 15:20:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-10	medium	highrevenuegate.com
2023-06-10	medium	highrevenuegate.com
2023-06-10	medium	highrevenuegate.com
2023-06-10	medium	highrevenuegate.com
2023-06-10	medium	highrevenuegate.com

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70#0	0 B	2023-03-07	2024-04-23
Pretty URL cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70#0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 17:16:41 Times Seen37022860 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70	397 B	2023-06-10	2023-06-10
Pretty URL cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70 IP 65.60.58.179 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-10 17:20:32 Last Seen2023-06-10 17:20:32 Times Seen1 Hash d29fb04334931b0dc23a7220f92e78bd 763d15a7f31aa6ca7de2411c1c18765beabf92b4 ea923f759a89c8385d28f6f4bf67078340f4327af509855560ab0c41c422937f Loading...

		Size	First Seen	Last Seen
	#1 Write - f34255e4f705fa7651d71e6b068a04c6	128 B	2023-06-04	2023-06-10
Pretty Observations First Seen2023-06-04 06:00:09 Last Seen2023-06-10 17:20:32 Times Seen2 Hash f34255e4f705fa7651d71e6b068a04c6 afd5c29b3bd79ffc2b36995e5c00200e161b746b a6aa48eb00c2f10b1be198e7e957f913ce8ba78e925246d4ff394fa1fe2d1892 Loading...

	#2 Write - dd5d312aeb04bf2038dd092c109f2c1b	814 B	2023-06-10	2023-06-10
Pretty Observations First Seen2023-06-10 17:20:32 Last Seen2023-06-10 17:20:32 Times Seen1 Hash dd5d312aeb04bf2038dd092c109f2c1b 990fe9bc66506d9f7632d6f4c22225ce0a0926b5 6f589fa0a6383c0792a04b7f68b00036ff4f0504a60d9c7891d107c08d8bf77c Loading...

HTTP Transactions (53)

URL IP Response Size

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d7982fa2873277d8b95c38946a035e1e
ae6d80e57b6c49948ac459ac7fc3873cf27a63d5
62ff4214c91318cd576f1bd4a2fb8dc7eb4a63d7a5c1aa7beb2a359e5c6610df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wildwingshackers.blogspot.it/2012/05/7-amazingly-beautiful-windows-7-themes.html/

172.217.21.161

228 B

URL
wildwingshackers.blogspot.it/2012/05/7-amazingly-beautiful-windows-7-themes.html/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
228 B (228 bytes)
Hash
4c4c82c638e20eabed9b81158294d496
1a3f97b320f1eb40c80da5692743c51a84e90b95
10bb88311d978e5c18891fc116a7b17d0e8c6188c5ac4e878206a4b94896c5a9

HTTP Headers

GET /2012/05/7-amazingly-beautiful-windows-7-themes.html/ HTTP/1.1
Host: wildwingshackers.blogspot.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://wildwingshackers.blogspot.com/2012/05/7-amazingly-beautiful-windows-7-themes.html/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 10 Jun 2023 15:20:10 GMT
expires: Sat, 10 Jun 2023 15:20:10 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 228
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d7982fa2873277d8b95c38946a035e1e
ae6d80e57b6c49948ac459ac7fc3873cf27a63d5
62ff4214c91318cd576f1bd4a2fb8dc7eb4a63d7a5c1aa7beb2a359e5c6610df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d7982fa2873277d8b95c38946a035e1e
ae6d80e57b6c49948ac459ac7fc3873cf27a63d5
62ff4214c91318cd576f1bd4a2fb8dc7eb4a63d7a5c1aa7beb2a359e5c6610df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wildwingshackers.blogspot.com/2012/05/7-amazingly-beautiful-windows-7-themes.html/

172.217.21.161

27 kB

URL
wildwingshackers.blogspot.com/2012/05/7-amazingly-beautiful-windows-7-themes.html/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967)
Size
27 kB (27066 bytes)
Hash
98bb83b2f4fc171796a407ac36483025
da8d222d727fcaeb1c2f07bda6a63308d0bfb7fc
30b31f15567bff9af43df01a8ebad4d98e5a57417416ac54cb41613bf405a3d1

HTTP Headers

GET /2012/05/7-amazingly-beautiful-windows-7-themes.html/ HTTP/1.1
Host: wildwingshackers.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Jun 2023 15:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27066
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.10.207

6.9 kB

URL
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27303)
Size
6.9 kB (6901 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
CDN-EdgeStorageId: 565, 617, 617
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
CDN-CachedAt: 2021-06-08 19:04:20
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
Cache-Control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
CDN-RequestId: e9a84d03a1f7c6aa17012c712a6e5dd5
Content-Encoding: gzip
CDN-Status: 200
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 318658
Server: cloudflare
CF-RAY: 7d5298d43bbfb500-OSL
alt-svc: h3=":443"; ma=86400

wildwingshackers.blogspot.com/2012/05/7-amazingly-beautiful-windows-7-themes.html/

172.217.21.161

27 kB

URL
wildwingshackers.blogspot.com/2012/05/7-amazingly-beautiful-windows-7-themes.html/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967)
Size
27 kB (27014 bytes)
Hash
7cdcfa8c409dfe9ccc50e572e15e886a
e1cc4f47d187e5fd34ece78f9f5c668cab2748f6
3c69309761dd497ae8573767d9b9e24d2b387c5f142dd4a7389bc521bb4fe4a7

HTTP Headers

GET /2012/05/7-amazingly-beautiful-windows-7-themes.html/ HTTP/1.1
Host: wildwingshackers.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sat, 10 Jun 2023 15:20:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 27014
Server: GSE

fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Oswald:300,400,700|Shadows+Into+Light

142.250.74.106

1.0 kB

URL
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Oswald:300,400,700|Shadows+Into+Light
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
1.0 kB (1033 bytes)
Hash
c932be71beba7ed28e667b8979c32edc
87c3cf51f5e6131d11520f4a00dade51bf9f83a6
228bceceb5e75f19cf19ed2fefc07177e90c72f5042150073962ec4d6065e51a

HTTP Headers

GET /css?family=Open+Sans:400,400italic,700,700italic|Oswald:300,400,700|Shadows+Into+Light HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 10 Jun 2023 15:20:12 GMT
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

wildwingshackers.blogspot.com/js/cookienotice.js

172.217.21.161

2.0 kB

URL
wildwingshackers.blogspot.com/js/cookienotice.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: wildwingshackers.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/2012/05/7-amazingly-beautiful-windows-7-themes.html/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sat, 10 Jun 2023 15:20:12 GMT
Expires: Sat, 17 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 10 Jun 2023 11:51:05 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
976ddc35a5e0905c0323fc1e2de7e1c6
fba04768049a0ab61950c5d63e91d22f08827595
241628b3912a151783f629d6c1b013db421bd00bd3efb99b0e28bf6548be3cc2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

216.58.207.233

7.8 kB

URL
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Jun 2023 07:48:08 GMT
expires: Fri, 07 Jun 2024 07:48:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Jun 2023 01:51:20 GMT
content-type: text/css
vary: Accept-Encoding
age: 199924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
039bd5f5536d1b489d46e52d9cd5a21e
88770d7c23bb9aefa7d8fad6262332c0a682a0d3
6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/3381873457-widgets.js

216.58.207.233

56 kB

URL
www.blogger.com/static/v1/widgets/3381873457-widgets.js
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2215)
Size
56 kB (56538 bytes)
Hash
6adf42b296c324d24b2e05b94a60bde1
81d101b2f93c901f658536dbcac6302a10b504fd
f25e9ec60e38e8e42e761a6016399cb867563e17daf982b5886234fec9471785

HTTP Headers

GET /static/v1/widgets/3381873457-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56538
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 02:32:06 GMT
expires: Wed, 05 Jun 2024 02:32:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Jun 2023 23:50:54 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 391686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8308f6dea0330937b447c599a29d40e8
4432419d333e24fefd3107ee5fcbbe444131e22b
9286c39fd6051acc7d86c4bc065d8d55a9ac249994efd299342bae44f33934b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

142.250.74.74

34 kB

URL
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32341)
Size
34 kB (33576 bytes)
Hash
8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

HTTP Headers

GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Jun 2023 17:06:38 GMT
expires: Mon, 03 Jun 2024 17:06:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 512014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
976ddc35a5e0905c0323fc1e2de7e1c6
fba04768049a0ab61950c5d63e91d22f08827595
241628b3912a151783f629d6c1b013db421bd00bd3efb99b0e28bf6548be3cc2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109

216.58.211.2

47 kB

URL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3592)
Size
47 kB (47370 bytes)
Hash
18938046cfb4381c44055922cafc3073
a57dc421ee60e788c99962b1d01ed3ad8b4d8d21
61b8a9ae6bfb6e295425a1aa165c151507f13c844faf82efe438ee5d0326b909

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 10 Jun 2023 15:20:12 GMT
expires: Sat, 10 Jun 2023 15:20:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12823626532447766190
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
039bd5f5536d1b489d46e52d9cd5a21e
88770d7c23bb9aefa7d8fad6262332c0a682a0d3
6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8308f6dea0330937b447c599a29d40e8
4432419d333e24fefd3107ee5fcbbe444131e22b
9286c39fd6051acc7d86c4bc065d8d55a9ac249994efd299342bae44f33934b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png

142.250.74.129

2.9 kB

URL
1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png
IP
142.250.74.129:0
ASN
#15169 GOOGLE

File type
PNG image data, 99 x 99, 8-bit colormap, non-interlaced\012- data
Size
2.9 kB (2891 bytes)
Hash
ab25e409f981e3379a25153a5f473b60
92011e07f37a15fd9302c23c081645c10bc16283
32df16fb278d8f2f3340202fda7810da07736103323da7ab658378c64f64af03

HTTP Headers

GET /-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bg.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2891
X-XSS-Protection: 0
Date: Sat, 10 Jun 2023 13:34:05 GMT
Expires: Sun, 11 Jun 2023 13:34:05 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 6367
ETag: "v599"
Content-Type: image/png
Vary: Origin

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

48 kB

URL
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 48412
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Jun 2023 07:49:41 GMT
Expires: Fri, 07 Jun 2024 07:49:41 GMT
Cache-Control: public, max-age=31536000
Age: 199831
Last-Modified: Tue, 02 May 2023 15:08:53 GMT
Content-Type: font/woff2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.10.207

67 kB

URL
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://maxcdn.bootstrapcdn.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: font/woff2
Content-Length: 66624
Connection: keep-alive
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
ETag: "db812d8a70a4e88e888744c1c9a27e89"
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
CDN-CachedAt: 08/15/2022 13:52:58
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-Status: 200
CDN-RequestId: adc14123686a1d3042e60d59c8dadc80
CDN-Cache: HIT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d5298d5dce9fac0-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2

142.250.74.35

16 kB

URL
fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16296, version 1.0\012- data
Size
16 kB (16296 bytes)
Hash
ab4a2c11e0a08a8b4fa7846c2adcc173
86304ab63791be3a22e5eb673245bca6351774a2
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac

HTTP Headers

GET /s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16296
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Jun 2023 20:31:42 GMT
Expires: Thu, 06 Jun 2024 20:31:42 GMT
Cache-Control: public, max-age=31536000
Age: 240510
Last-Modified: Wed, 27 Apr 2022 15:55:58 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

142.250.74.35

25 kB

URL
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size
25 kB (25372 bytes)
Hash
fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

HTTP Headers

GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25372
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Jun 2023 21:08:04 GMT
Expires: Thu, 06 Jun 2024 21:08:04 GMT
Cache-Control: public, max-age=31536000
Age: 238328
Last-Modified: Mon, 18 Jul 2022 19:24:05 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

142.250.74.35

25 kB

URL
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size
25 kB (25372 bytes)
Hash
fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

HTTP Headers

GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25372
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Jun 2023 21:08:04 GMT
Expires: Thu, 06 Jun 2024 21:08:04 GMT
Cache-Control: public, max-age=31536000
Age: 238328
Last-Modified: Mon, 18 Jul 2022 19:24:05 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

48 kB

URL
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wildwingshackers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 48412
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Jun 2023 07:49:41 GMT
Expires: Fri, 07 Jun 2024 07:49:41 GMT
Cache-Control: public, max-age=31536000
Age: 199831
Last-Modified: Tue, 02 May 2023 15:08:53 GMT
Content-Type: font/woff2

pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=true&frequency=0.01&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418

216.58.211.2

0 B

URL
pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=true&frequency=0.01&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/gen_204?id=new_abg_tag&value=true&host_v=true&frequency=0.01&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 15:20:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6794290122359041&plah=wildwingshackers.blogspot.com&bust=31075177

216.58.211.2

121 kB

URL
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6794290122359041&plah=wildwingshackers.blogspot.com&bust=31075177
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4294)
Size
121 kB (121042 bytes)
Hash
0f25b44971d28e5ce452e5af4d05e589
3affc0711babb7aeed12283f4c3b1ab909f037e9
2cf762a926f27e779091fb94c1c2b4e722939e5ff0a4759efa734d4256160c0e

HTTP Headers

GET /pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6794290122359041&plah=wildwingshackers.blogspot.com&bust=31075177 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 10 Jun 2023 15:20:12 GMT
expires: Sat, 10 Jun 2023 15:20:12 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15271637402250532239
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js

173.233.137.44

0 B

URL
pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1
Host: pl17008340.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js

192.243.61.227

0 B

URL
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1
Host: pl17008340.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418

216.58.211.2

0 B

URL
pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 15:20:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js

192.243.59.13

0 B

URL
pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js HTTP/1.1
Host: pl17008343.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js

192.243.61.227

0 B

URL
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1
Host: pl17008340.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=wildwingshackers.blogspot.com&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418

216.58.211.2

0 B

URL
pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=wildwingshackers.blogspot.com&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/gen_204?id=abg_host&host=wildwingshackers.blogspot.com&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 15:20:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418

216.58.211.2

0 B

URL
pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759837%2C44759875%2C44759926%2C31075177%2C44788442%2C44794418 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Jun 2023 15:20:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e0ce983dc47ec5afde47a84aa8737c
28a87dc0df7f0d7f681144f7ffc816cc193fca57
48f581c745a2adc5eba901c982a3bc0103892e4e91b968464d10f07415f2d02b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=wildwingshackers.blogspot.com&callback=_gfp_s_&client=ca-pub-6794290122359041

216.58.207.226

250 B

URL
partner.googleadservices.com/gampad/cookie.js?domain=wildwingshackers.blogspot.com&callback=_gfp_s_&client=ca-pub-6794290122359041
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (391), with no line terminators
Size
250 B (250 bytes)
Hash
c4af0164e8174698372b7b40e8f321b2
06c1d400f0791d6345a841dc4ad4380dbcbb07af
c5e00587f54d555390f6f504269a3ca8b09625717f40df1337a91a847276922f

HTTP Headers

GET /gampad/cookie.js?domain=wildwingshackers.blogspot.com&callback=_gfp_s_&client=ca-pub-6794290122359041 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 10 Jun 2023 15:20:12 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce0035936997c1555b1ff99d49eea795
fedb6b2dee2b19d5bd44b3d9e7a46dc73bb7fbf9
415ab7d7536068e0e69ddff28adcf77c8e254c56abcdeb4967dcb6d2b3cc6cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/adsid/integrator.js?domain=wildwingshackers.blogspot.com

142.250.74.66

100 B

URL
adservice.google.com/adsid/integrator.js?domain=wildwingshackers.blogspot.com
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
d9c47f48660b656705d0ff86fc850de8
bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

HTTP Headers

GET /adsid/integrator.js?domain=wildwingshackers.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 10 Jun 2023 15:20:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e0ce983dc47ec5afde47a84aa8737c
28a87dc0df7f0d7f681144f7ffc816cc193fca57
48f581c745a2adc5eba901c982a3bc0103892e4e91b968464d10f07415f2d02b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce0035936997c1555b1ff99d49eea795
fedb6b2dee2b19d5bd44b3d9e7a46dc73bb7fbf9
415ab7d7536068e0e69ddff28adcf77c8e254c56abcdeb4967dcb6d2b3cc6cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 15:20:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js

192.243.59.20

0 B

URL
www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f120c5a81a77823e16e2ff5b476a653f/invoke.js HTTP/1.1
Host: www.effectivedisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

www.blogger.com/dyn-css/authorization.css?targetBlogID=6631735251177470405&zx=cfc0b755-3bbe-4377-a76a-42a1b73c9549

216.58.207.233

21 B

URL
www.blogger.com/dyn-css/authorization.css?targetBlogID=6631735251177470405&zx=cfc0b755-3bbe-4377-a76a-42a1b73c9549
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=6631735251177470405&zx=cfc0b755-3bbe-4377-a76a-42a1b73c9549 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Jun 2023 15:20:13 GMT
last-modified: Sat, 10 Jun 2023 15:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js

192.243.61.227

0 B

URL
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1
Host: pl17008340.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js

192.243.61.227

0 B

URL
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1
Host: pl17008340.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js

192.243.59.13

0 B

URL
pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js HTTP/1.1
Host: pl17008343.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js

173.233.137.52

0 B

URL
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1
Host: pl17008340.highrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 10 Jun 2023 15:20:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

ylx-i.advertica-cdn2.com/but_close.png?1360094895

185.66.200.127

692 B

URL
ylx-i.advertica-cdn2.com/but_close.png?1360094895
IP
185.66.200.127:0
ASN
#201702 skHosting.eu s.r.o.

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
692 B (692 bytes)
Hash
9455d6e0f53f2dde9e0cbac65b7a10f4
0cf2db4dcc079a22ff355e5ae94b9a3921e58479
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

HTTP Headers

GET /but_close.png?1360094895 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Jun 2023 15:20:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 05 Feb 2013 20:08:15 GMT
ETag: W/"511166af-298"
Expires: Mon, 10 Jul 2023 15:20:13 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
X-Cache: HIT
X-Server: cdnbts
Content-Encoding: gzip

udbaa.com/trk/?d0ae503b623d1ba7db63bba413d193e5

185.66.200.220

43 B

URL
udbaa.com/trk/?d0ae503b623d1ba7db63bba413d193e5
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /trk/?d0ae503b623d1ba7db63bba413d193e5 HTTP/1.1
Host: udbaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://udbaa.com/show.php?u16371686410413=true&ad=673873&f=728x90&a=625611&cri=0&s=Mjg0NzQwOTdhMTI1NzIxZTc2ZjUzYmRjMDczNTA0M2I=&u=846527&si=914543523&di=43836796&ci=16&h=d0ae503b623d1ba7db63bba413d193e5&cc=NO&slider=4567d63869888b88fb19d4751c52f1a2&https=1&useAf=loaded_string_973313b505f4ef77a6ce5d943baa68253e290_2706762_1686410413.3245_16519&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&ar=aHR0cDovL3dpbGR3aW5nc2hhY2tlcnMuYmxvZ3Nwb3QuY29tLw==
Cookie: used_ad2706762=1; total_impressions=1; cpa_673873=728x90_914543523_5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 15:20:13 GMT
content-type: image/gif
content-length: 43
last-modified: Sat, 10 Jun 2023 15:20:13 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

xvaaa.com/mobile_redir.php?section=General&pub=846527&ga=a&desktop=1

185.66.200.220

604 B

URL
xvaaa.com/mobile_redir.php?section=General&pub=846527&ga=a&desktop=1
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type
data
Size
604 B (604 bytes)
Hash
75d0d41915215ec7e1d294fbe2a3f5f0
533c984e106a4dbcaf5ab4b64161aa2bab488153
ce2b98038c4fd1c15b62ffa8034701ee965d3d5129bcbe7fe4c295a0e12876c6

HTTP Headers

GET /mobile_redir.php?section=General&pub=846527&ga=a&desktop=1 HTTP/1.1
Host: xvaaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://wildwingshackers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 15:20:12 GMT
content-type: application/javascript
expires: Sat, 10 Jun 2023 15:20:12 GMT
last-modified: Sat, 10 Jun 2023 15:20:12 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2

gfjf.xyz/favicon.ico

185.66.201.43

5.1 kB

URL
gfjf.xyz/favicon.ico
IP
185.66.201.43:0
ASN
#201702 skHosting.eu s.r.o.

File type
MS Windows icon resource - 1 icon, 114x114, 32 bits/pixel\012- data
Size
5.1 kB (5083 bytes)
Hash
f0a8acc314cb0006dc9ea2335f856f14
6e7155fc3014bb1287d09891d1fec3dbc5f24bd9
c895c96c4ff471e8bfccc608a6a808babe6b041533fb529d4d48d1cf2348cb93

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gfjf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gfjf.xyz/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdpCjdGpjdkAjCiGkkjdCpCkrNkxNpZNrApCrCjdCCrkjCrrrCrCrGCxCZAixkAdjACCr_22752&adApiR=loaded_string_216733b505f4ef77a6ce5d943baa68253e290_2633209_1686410413.4047_65438&refferer=3128248305_aHR0cDovL3dpbGR3aW5nc2hhY2tlcnMuYmxvZ3Nwb3QuY29tLw==&randomA=yx&templateX348921892=direct&yxDom=eHZhYWEuY29t_b27f4323ffcbd676efba210360bec1a5
Cookie: used_ad2633209=1; used_c_51856=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 15:20:14 GMT
content-type: image/x-icon
last-modified: Thu, 31 Mar 2016 22:21:18 GMT
etag: W/"56fda2de-d26e"
expires: Sat, 17 Jun 2023 15:20:14 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

cache.r-q.media/favicon.ico

65.60.58.179

200 OK

1.2 kB

URL GET HTTP/2
cache.r-q.media/favicon.ico
IP
65.60.58.179:443
ASN
#32475 SINGLEHOP-LLC

Requested by
https://cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70
Certificate
IssuerLet's Encrypt
Subjectcache.r-q.media
Fingerprint83:4E:E1:A9:15:74:01:74:66:5E:1E:E8:52:39:E8:8B:43:21:C9:96
ValiditySun, 21 May 2023 14:18:26 GMT - Sat, 19 Aug 2023 14:18:25 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cache.r-q.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70
Cookie: u=2051af1715e295d9e97f5ae3c5d0ab77; split=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 15:20:15 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Sun, 11 Jun 2023 15:20:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2

cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70

65.60.58.179

200 OK

8.0 kB

URL User Request GET HTTP/2
cache.r-q.media/?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70
IP
65.60.58.179:443
ASN
#32475 SINGLEHOP-LLC

Certificate
IssuerLet's Encrypt
Subjectcache.r-q.media
Fingerprint83:4E:E1:A9:15:74:01:74:66:5E:1E:E8:52:39:E8:8B:43:21:C9:96
ValiditySun, 21 May 2023 14:18:26 GMT - Sat, 19 Aug 2023 14:18:25 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8198), with no line terminators
Size
8.0 kB (8029 bytes)
Hash
9fb49f630f566a9747ee5ee223c64176
7e9be1b5d686904dd2b90b4d0e04aa6976748c6f
2bf486c643cd52cbc7a88999cce65da558dece35e49cf396d18d6d790b79a428

HTTP Headers

GET /?utm_term=7243077580075565061&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b086b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c70 HTTP/1.1
Host: cache.r-q.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cache.r-q.media/?utm_medium=35f01c022e5d4ea753f23df180ff68e0ad428e85&utm_campaign=PUSH-MS-SL-NA&cid=90affC1686410413aff1a2e5c1653942a867a936&1=28288461
Cookie: u=2051af1715e295d9e97f5ae3c5d0ab77; split=b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 15:20:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.2.0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (53)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers