Report - c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=<ServerUrl>/addons/error.txt&product_file

Report Overview

Submitted URL
c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=<ServerUrl>/addons/error.txt&product_file_name=error.txt
IP
54.67.93.101
ASN
#16509 AMAZON-02
Submitted
2023-05-27 23:18:17
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
c1.reportbox3.info	unknown	2023-02-03	2013-05-01	2023-05-27	1.6 kB	265 B	52.8.134.32
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-27	3.0 kB	6.3 kB	142.250.74.131
www.blogger.com	8975	1999-06-22	2012-05-22	2023-05-27	3.7 kB	56 kB	216.58.207.233
img1.blogblog.com	65460	2000-09-15	2012-05-22	2023-05-27	422 B	1.1 kB	216.58.207.233
apis.google.com	105	1997-09-15	2013-05-06	2023-05-27	2.9 kB	186 kB	142.250.74.78
resources.blogblog.com	13274	2000-09-15	2017-01-30	2023-05-27	921 B	2.3 kB	216.58.207.233
www.hiringjobtweets.com	unknown	2010-05-03	2013-05-17	2023-05-27	399 B	0 B	0.0.0.0
june26.com	unknown	2002-11-18	2014-04-30	2023-05-27	467 B	11 kB	23.229.130.141
img2.blogblog.com	113758	2000-09-15	2012-05-21	2023-05-27	420 B	821 B	216.58.207.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-27 23:17:58	medium	Client IP	52.8.134.32	ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	june26.com/	1.1 kB	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 05:16:43 Last Seen2023-10-02 15:23:51 Times Seen565 Hash 5eab909e27972678877948184081d1e0 f94790e5cbca1f6dd5b446a6c92c7f1a92b46013 e4e3dcb2e988b3817c71fee731a3d8d78a66cc780cf0cbb494eaaed151e9054f Loading...

	june26.com/	392 B	2023-03-13	2023-12-03
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 05:16:43 Last Seen2023-12-03 11:17:47 Times Seen571 Hash 49d574048d33345f8c3b171f83b75613 17d5d66e0c1412a02a363efc01ae043dff25c353 dd6a3b2e623affb3d52a277a4d3cd0ee567863d403fddb8e3ab4e2b523c79008 Loading...

	june26.com/	60 B	2023-03-07	2024-04-23
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-23 22:40:30 Times Seen775 Hash a4f6ff70cfc7cce292d265221bec7dc2 ac7ebf3eee8d559226e201a37d0e65f5d5cee457 6c82df2777bd34b559cada8ae16150c6fa0b42744352a98f40abd8403d5de90e Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs	52 kB	2023-04-17	2023-05-28
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-17 20:06:22 Last Seen2023-05-28 01:18:18 Times Seen213 Hash 15b9042df7ee4702f745c5ce68aabcb9 47ad4ce9337e9b1f435d7d24ae1617936f776bd6 6be7a46db6d1db00e4f9660ae7d5ae612cb07ecf337492f3b3057c9b2b688308 Loading...

	june26.com/	314 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash e2eb4d7ac8ae21891c3b7d00ba66b041 6c1c9aeb35934096d93839bc44821843ef9b4be7 e02ab4b397b8b123ade32e11995e7eaf7279f37350cc8674f73e5ecfefdb2c1a Loading...

	june26.com/	703 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash 9235ddf540bc4b70aab80918446af245 e6468294d4ad06fa340aa27890a75bded6651de0 bea1f5b281fc0f7516ba0984db94d7ca42844f063ebec4032ba1a201c67b408a Loading...

	june26.com/	287 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash 2f8461f57498d7e22a2bd58e3ba1a959 19f3ca499a955c7e2e21629861c252fbd8b0823b 3f214a7359fe37c14dc725e9cea822e2ce2e3c189b055443f1e439d6b98a1220 Loading...

	june26.com/	382 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash a3f552dde8e7c54deadb0e60ddcb7782 6a306eafa79f40afec956e825ce310c5b737f28e 4288fcb87c1d5fac74592432f8859244a8caabd80f6ae47ddb08de5262fa4529 Loading...

	www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=	0 B	2023-03-07	2024-04-24
Pretty URL www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 20:01:16 Times Seen37046007 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs	138 kB	2023-04-17	2023-05-30
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-17 20:06:22 Last Seen2023-05-30 18:51:55 Times Seen14374 Hash 5f4c0bacaf5519db23ed34b0b19f8fd8 e89c54b0406ed9381babffdf9641c66964995ce8 d0a8f0e95daeb3f7ba666cb7689bbce821318afaff0d9201095a4b8794737b50 Loading...

	june26.com/	372 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash 07d2ce83d0d31c898b110d0600c1b4c1 731dba7df229876041289c186ba4dba282144cd5 e3ea2d6f3444f4196433326cf16437f29382d31c4f63412eb0ce0c7d005e3ac9 Loading...

	apis.google.com/js/plusone.js	55 kB	2023-04-17	2023-05-30
Pretty URL apis.google.com/js/plusone.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-17 20:06:22 Last Seen2023-05-30 18:27:35 Times Seen2109 Hash a0697e1ac21135b530ca55dc23b45f29 905f640a2316550576a223bce06776b2c5f3cacf 98392425b4423e34d9d83ce3224189f26770e42bc2a8a6f7a980f7c8617d8ee3 Loading...

	apis.google.com/js/plusone.js	59 kB	2023-05-19	2023-06-21
Pretty URL apis.google.com/js/plusone.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 06:50:56 Last Seen2023-06-21 18:02:36 Times Seen2005 Hash 0cb9bb0589c1b8bba79f8920f432492d d1460e2be4e185ee60a50e59150632afdbed0775 e61bc2a62646eca4b91ae5d9d9c334b3b8a140a4c54804b0a39ceb3e34aaa56e Loading...

	june26.com/	52 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash db6d5aa9795d7c3bf69efb165c5b5927 1e12829b30a8b19babd05785a34cb2a71cb52690 20a3411ced2f1b6ba4eb02d439ba58b65514cb995256bc6e6724318b37ebc794 Loading...

	apis.google.com/js/platform:gapi.iframes.style.common.js	55 kB	2023-04-17	2023-05-30
Pretty URL apis.google.com/js/platform:gapi.iframes.style.common.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-17 20:06:18 Last Seen2023-05-30 20:19:52 Times Seen11346 Hash debc78d5ab286e41cb120de18a0324a4 c213cfe2aa81b115ce3c8ab022af8d1c88cc35e0 565e6a3c8690fc241634aee8ddd5e2bafe6be16009f2f5bce6be83ba57615cd4 Loading...

	www.blogger.com/static/v1/widgets/3274410642-widgets.js	84 kB	2023-03-13	2023-10-02
Pretty URL www.blogger.com/static/v1/widgets/3274410642-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen998 Hash 6980721bf1405073aa8869ee79864a07 44d0d7ae9a1397759e208b6e1521f75214cff113 8da16463a0ca9e380ff5e0f106b42745ddcca2845107ba39af8b4703d5837e76 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs	154 kB	2023-04-17	2023-05-30
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-17 20:06:22 Last Seen2023-05-30 18:27:35 Times Seen1640 Hash b4361fcbfc0b7402e4d7abf708e00e16 35b5ddb2a1c3db9ef192053313a56847f1bd1eb9 6d21496fff96f9f50f1094291999ba1e38efe7f44ca6e07814bcc07eadeae04f Loading...

	june26.com/	366 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash 06d9ef90b3db00c6907985cee3efa907 9da796c79c276461d7746c69d7f6ce3fdca4ac44 824e6f2d38942d0cd2ffdd42fd16c4684bc2c59290010822000c79b841640631 Loading...

	june26.com/	85 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash 9821a4447c7ac951b409e4496a56cad1 87f484dfe980f9152396e728c37c768f59ab7f34 0a720646f054679e4bf8cb415ff8f17f2d3a8a5bf0c5df1a80b01a5405389801 Loading...

	june26.com/	7.5 kB	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen564 Hash 84598a24b987827d9a28c53331a790d1 7d0955f71d37db19979546959f3a57ce540dfef0 7d58b8e7aeb2abedc72e4a70ec1ade75edd685386fbe01b15828ab3a7cebdcd1 Loading...

	june26.com/	94 B	2023-03-08	2024-04-19
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:36:14 Last Seen2024-04-19 09:50:23 Times Seen741 Hash 4c2ea93c54a69831ba78dfce697f3fa8 127ced89c2f05ac1d92652423c27a2b6af63093c dc4dd626f4cfa9a9b43686057b90cb504a8dacf9eedfd6cfc5568ce05af3d225 Loading...

	june26.com/	502 B	2023-03-13	2023-10-02
Pretty URL june26.com/ IP 23.229.130.141 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 18:36:50 Last Seen2023-10-02 15:23:51 Times Seen562 Hash d3ab2e69a54d3f2f2e54337826dbf643 8d3e9311c4cb17cbf42ae4b715c662869a697f05 0113dc4567f08d75d6ba502875713bb3f89dd001cef72641e46ff8f8c21ebc40 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6062dafeac4ff5d4a702d7fbea003ecb	120 B	2023-03-13	2023-10-02
Pretty Observations First Seen2023-03-13 18:36:51 Last Seen2023-10-02 15:23:51 Times Seen565 Hash 6062dafeac4ff5d4a702d7fbea003ecb ac925543051d162b335fc206dec2fd3032a187c2 33b84ba3c8e7780680027e49b621ab96ef1138f9fe2f069596a7e51a98ffd9cb Loading...

HTTP Transactions (29)

URL IP Response Size

c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt

52.8.134.32

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt
IP
52.8.134.32:80
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon

HTTP Headers

GET /?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt HTTP/1.1
Host: c1.reportbox3.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 27 May 2023 23:17:55 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: http://june26.com/

june26.com/

23.229.130.141

200 OK

11 kB

URL User Request GET HTTP/2
june26.com/
IP
23.229.130.141:443
ASN
#398101 GO-DADDY-COM-LLC

Certificate
IssuerGoDaddy.com, Inc.
Subjectjune26.com
FingerprintF4:E6:CC:3E:5E:9A:0B:96:76:9D:33:19:DF:EB:1D:B5:10:9D:7C:53
ValidityThu, 08 Dec 2022 11:10:35 GMT - Tue, 09 Jan 2024 11:10:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4826), with CRLF line terminators
Size
11 kB (11068 bytes)
Hash
f2b28b165747468c88ef4e1df60a6601
0515cb22048f232872251630c28b97bcb4f18dda
be70bd6ea6c6c0779570a02324dc1fb8847a6202faf35efb9a189ef2f19138c4

HTTP Headers

GET / HTTP/1.1
Host: june26.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-encoding: br
last-modified: Sun, 21 Feb 2021 16:22:31 GMT
accept-ranges: bytes
etag: "b21819c16d8d71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 27 May 2023 23:17:59 GMT
content-length: 11068
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05d7eccbd0fe7194e1c4088963354889
858e58be6bd0234b7168dafad3c78dd07ab87561
b03bc14110b1cf675bfa946a649ccbb4c1512d3372b84f6b4fdc3d6b918e4444

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img2.blogblog.com/img/icon18_edit_allbkg.gif

216.58.207.233

200 OK

162 B

URL GET HTTP/2
img2.blogblog.com/img/icon18_edit_allbkg.gif
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
GIF image data, version 89a, 18 x 18\012- data
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: img2.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 11:06:58 GMT
expires: Tue, 30 May 2023 11:06:58 GMT
cache-control: public, max-age=604800
last-modified: Mon, 22 May 2023 20:55:27 GMT
content-type: image/gif
age: 389462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/3274410642-widgets.js

216.58.207.233

200 OK

35 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3274410642-widgets.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
HTML document, ASCII text, with very long lines (2816)
Size
35 kB (34923 bytes)
Hash
6980721bf1405073aa8869ee79864a07
44d0d7ae9a1397759e208b6e1521f75214cff113
8da16463a0ca9e380ff5e0f106b42745ddcca2845107ba39af8b4703d5837e76

HTTP Headers

GET /static/v1/widgets/3274410642-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 34923
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 19:27:56 GMT
expires: Wed, 22 May 2024 19:27:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Sep 2013 06:51:42 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img1.blogblog.com/img/icon18_wrench_allbkg.png

216.58.207.233

200 OK

475 B

URL GET HTTP/2
img1.blogblog.com/img/icon18_wrench_allbkg.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Size
475 B (475 bytes)
Hash
f617effe6d96c15acfea8b2e8aae551f
6d676af11ad2e84b620cce4d5992b657cb2d8ab6
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

HTTP Headers

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 22:16:53 GMT
expires: Tue, 30 May 2023 22:16:53 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 May 2023 21:55:38 GMT
content-type: image/png
age: 349267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/103638431-widget_css_bundle.css

216.58.207.233

200 OK

6.3 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/103638431-widget_css_bundle.css
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
ASCII text, with very long lines (29595), with no line terminators
Size
6.3 kB (6261 bytes)
Hash
7cbcd1e6831c00789294150206acdf29
66ae3063cf9cb3af1659a9cbb9b6a5bb64ddd899
ba3df0b498ff7a6e19035a21d1013ae1de0ed39dfa5809ddd9dec6fc43f08d67

HTTP Headers

GET /static/v1/widgets/103638431-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 14:41:56 GMT
expires: Fri, 24 May 2024 14:41:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Sep 2013 04:41:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 203764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/js/plusone.js

142.250.74.78

200 OK

21 kB

URL GET HTTP/2
apis.google.com/js/plusone.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint4F:FF:C8:C8:21:72:D7:61:54:72:75:EA:84:95:AD:F2:71:2F:C6:33
ValidityMon, 08 May 2023 08:25:22 GMT - Mon, 31 Jul 2023 08:25:21 GMT

File type
ASCII text, with very long lines (1429)
Size
21 kB (21024 bytes)
Hash
a0697e1ac21135b530ca55dc23b45f29
905f640a2316550576a223bce06776b2c5f3cacf
98392425b4423e34d9d83ce3224189f26770e42bc2a8a6f7a980f7c8617d8ee3

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21024
date: Sat, 27 May 2023 23:18:00 GMT
expires: Sat, 27 May 2023 23:18:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c126bbcbc92da7a4"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
01306b55f5d6e6a8e1ff9411386a89a0
1c06c985114ad08023398fe3597371715cf6aa27
7d4df964819e827fdbd588784bff90bdb09b6938ca788e013144d1600e8ecc16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed

216.58.207.233

200 OK

21 B

URL GET HTTP/2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 23:18:00 GMT
last-modified: Sat, 27 May 2023 23:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/js/plusone.js

142.250.74.78

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/plusone.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint4F:FF:C8:C8:21:72:D7:61:54:72:75:EA:84:95:AD:F2:71:2F:C6:33
ValidityMon, 08 May 2023 08:25:22 GMT - Mon, 31 Jul 2023 08:25:21 GMT

File type
ASCII text, with very long lines (1576)
Size
22 kB (22282 bytes)
Hash
0cb9bb0589c1b8bba79f8920f432492d
d1460e2be4e185ee60a50e59150632afdbed0775
e61bc2a62646eca4b91ae5d9d9c334b3b8a140a4c54804b0a39ceb3e34aaa56e

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 22282
date: Sat, 27 May 2023 23:18:00 GMT
expires: Sat, 27 May 2023 23:18:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "0742060626d0bc68"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/logo-16.png

216.58.207.233

200 OK

279 B

URL GET HTTP/3
www.blogger.com/img/logo-16.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
279 B (279 bytes)
Hash
5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 06:25:18 GMT
expires: Tue, 30 May 2023 06:25:18 GMT
cache-control: public, max-age=604800
last-modified: Mon, 22 May 2023 23:02:07 GMT
content-type: image/png
age: 406363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs

142.250.74.78

200 OK

53 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (1530)
Size
53 kB (53310 bytes)
Hash
b4361fcbfc0b7402e4d7abf708e00e16
35b5ddb2a1c3db9ef192053313a56847f1bd1eb9
6d21496fff96f9f50f1094291999ba1e38efe7f44ca6e07814bcc07eadeae04f

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 53310
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:25:48 GMT
expires: Thu, 23 May 2024 00:25:48 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 341533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs

142.250.74.78

200 OK

17 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (3295)
Size
17 kB (17210 bytes)
Hash
15b9042df7ee4702f745c5ce68aabcb9
47ad4ce9337e9b1f435d7d24ae1617936f776bd6
6be7a46db6d1db00e4f9660ae7d5ae612cb07ecf337492f3b3057c9b2b688308

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 17210
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 02:07:49 GMT
expires: Thu, 23 May 2024 02:07:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 335412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__

216.58.207.233

2.6 kB

URL
www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
IP
216.58.207.233:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Size
2.6 kB (2573 bytes)
Hash
a3523ff1c35ed0c3f1104e090ef98a1d
77832414591c6f15cbdb757a4c50862f50289e22
faee8d132f17a2087c02aff250d8640fc06ea63b1e79e00066a5e851ee805aa2

HTTP Headers

GET /navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2573
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/icons_orange.png

216.58.207.233

200 OK

915 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/icons_orange.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Size
915 B (915 bytes)
Hash
87f25844d23ac1ee03604e668f5c1797
85d440947d70a78672740ff7e8062f68ce9d99a3
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72

HTTP Headers

GET /img/navbar/icons_orange.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:19:11 GMT
expires: Wed, 31 May 2023 00:19:11 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 May 2023 18:58:05 GMT
content-type: image/png
age: 341930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/arrows-blue.png

216.58.207.233

200 OK

104 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/arrows-blue.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Size
104 B (104 bytes)
Hash
38c95719e05f4184a301768d8de91e09
d0ed1147d46f2cf592584239a5a101d6f2abb588
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be

HTTP Headers

GET /img/navbar/arrows-blue.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:44:29 GMT
expires: Tue, 30 May 2023 18:44:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 May 2023 12:50:56 GMT
content-type: image/png
age: 362012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/platform:gapi.iframes.style.common.js

142.250.74.78

200 OK

21 kB

URL GET HTTP/3
apis.google.com/js/platform:gapi.iframes.style.common.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (1429)
Size
21 kB (21035 bytes)
Hash
debc78d5ab286e41cb120de18a0324a4
c213cfe2aa81b115ce3c8ab022af8d1c88cc35e0
565e6a3c8690fc241634aee8ddd5e2bafe6be16009f2f5bce6be83ba57615cd4

HTTP Headers

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21035
date: Sat, 27 May 2023 23:18:02 GMT
expires: Sat, 27 May 2023 23:18:02 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "2f45c62846ee2cd4"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs

142.250.74.78

200 OK

46 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (1530)
Size
46 kB (46014 bytes)
Hash
5f4c0bacaf5519db23ed34b0b19f8fd8
e89c54b0406ed9381babffdf9641c66964995ce8
d0a8f0e95daeb3f7ba666cb7689bbce821318afaff0d9201095a4b8794737b50

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 46014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:19:24 GMT
expires: Thu, 23 May 2024 00:19:24 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 341918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

216.58.207.233

200 OK

6.7 kB

URL GET HTTP/3
www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://june26.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6888), with no line terminators
Size
6.7 kB (6701 bytes)
Hash
0cdc7eeb92597921ff0f4cf239e7a03f
3d87b6436af87f85f2b9a3edb728c55b50bb2acc
5f76351b634a9e669ec4a171bb9c016798d9d7b646184b269841459a0facc85c

HTTP Headers

GET /navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2573
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

0.0.0.0

0 B

URL User Request GET
c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon

HTTP Headers

GET /?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt HTTP/1.1
Host: c1.reportbox3.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.hiringjobtweets.com/favicon.ico

0.0.0.0

0 B

URL GET
www.hiringjobtweets.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://june26.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.hiringjobtweets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML