c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt
52.8.134.32301 Moved Permanently 0 B URL User Request GET HTTP/1.1 c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt
IP 52.8.134.32:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon
GET /?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt HTTP/1.1
Host: c1.reportbox3.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sat, 27 May 2023 23:17:55 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: http://june26.com/
23.229.130.141200 OK 11 kB URL User Request GET HTTP/2 IP 23.229.130.141:443
ASN #398101 GO-DADDY-COM-LLC
Certificate IssuerGoDaddy.com, Inc.
Subjectjune26.com
FingerprintF4:E6:CC:3E:5E:9A:0B:96:76:9D:33:19:DF:EB:1D:B5:10:9D:7C:53
ValidityThu, 08 Dec 2022 11:10:35 GMT - Tue, 09 Jan 2024 11:10:35 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4826), with CRLF line terminators
Hash f2b28b165747468c88ef4e1df60a6601
0515cb22048f232872251630c28b97bcb4f18dda
be70bd6ea6c6c0779570a02324dc1fb8847a6202faf35efb9a189ef2f19138c4
GET / HTTP/1.1
Host: june26.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-encoding: br
last-modified: Sun, 21 Feb 2021 16:22:31 GMT
accept-ranges: bytes
etag: "b21819c16d8d71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Sat, 27 May 2023 23:17:59 GMT
content-length: 11068
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 05d7eccbd0fe7194e1c4088963354889
858e58be6bd0234b7168dafad3c78dd07ab87561
b03bc14110b1cf675bfa946a649ccbb4c1512d3372b84f6b4fdc3d6b918e4444
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img2.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL GET HTTP/2 img2.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: img2.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 11:06:58 GMT
expires: Tue, 30 May 2023 11:06:58 GMT
cache-control: public, max-age=604800
last-modified: Mon, 22 May 2023 20:55:27 GMT
content-type: image/gif
age: 389462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3274410642-widgets.js
216.58.207.233200 OK 35 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/3274410642-widgets.js
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type HTML document, ASCII text, with very long lines (2816)
Hash 6980721bf1405073aa8869ee79864a07
44d0d7ae9a1397759e208b6e1521f75214cff113
8da16463a0ca9e380ff5e0f106b42745ddcca2845107ba39af8b4703d5837e76
GET /static/v1/widgets/3274410642-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 34923
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 19:27:56 GMT
expires: Wed, 22 May 2024 19:27:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Sep 2013 06:51:42 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img1.blogblog.com/img/icon18_wrench_allbkg.png
216.58.207.233200 OK 475 B URL GET HTTP/2 img1.blogblog.com/img/icon18_wrench_allbkg.png
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Hash f617effe6d96c15acfea8b2e8aae551f
6d676af11ad2e84b620cce4d5992b657cb2d8ab6
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
GET /img/icon18_wrench_allbkg.png HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 22:16:53 GMT
expires: Tue, 30 May 2023 22:16:53 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 May 2023 21:55:38 GMT
content-type: image/png
age: 349267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/103638431-widget_css_bundle.css
216.58.207.233200 OK 6.3 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/103638431-widget_css_bundle.css
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type ASCII text, with very long lines (29595), with no line terminators
Hash 7cbcd1e6831c00789294150206acdf29
66ae3063cf9cb3af1659a9cbb9b6a5bb64ddd899
ba3df0b498ff7a6e19035a21d1013ae1de0ed39dfa5809ddd9dec6fc43f08d67
GET /static/v1/widgets/103638431-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 14:41:56 GMT
expires: Fri, 24 May 2024 14:41:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Sep 2013 04:41:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 203764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.78200 OK 21 kB URL GET HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint4F:FF:C8:C8:21:72:D7:61:54:72:75:EA:84:95:AD:F2:71:2F:C6:33
ValidityMon, 08 May 2023 08:25:22 GMT - Mon, 31 Jul 2023 08:25:21 GMT
File type ASCII text, with very long lines (1429)
Hash a0697e1ac21135b530ca55dc23b45f29
905f640a2316550576a223bce06776b2c5f3cacf
98392425b4423e34d9d83ce3224189f26770e42bc2a8a6f7a980f7c8617d8ee3
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21024
date: Sat, 27 May 2023 23:18:00 GMT
expires: Sat, 27 May 2023 23:18:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c126bbcbc92da7a4"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 01306b55f5d6e6a8e1ff9411386a89a0
1c06c985114ad08023398fe3597371715cf6aa27
7d4df964819e827fdbd588784bff90bdb09b6938ca788e013144d1600e8ecc16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 0301c29d2ba3f5bbf74a7322c6f81a23
f900b02a4ced831602a9a988842b28acfeb9fecc
4b6f30c3cbfe39764ae0ddeb6eeea1d0b510ba3196116dcc921997997d948289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 23:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed
216.58.207.233200 OK 21 B URL GET HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 23:18:00 GMT
last-modified: Sat, 27 May 2023 23:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.78200 OK 22 kB URL GET HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint4F:FF:C8:C8:21:72:D7:61:54:72:75:EA:84:95:AD:F2:71:2F:C6:33
ValidityMon, 08 May 2023 08:25:22 GMT - Mon, 31 Jul 2023 08:25:21 GMT
File type ASCII text, with very long lines (1576)
Hash 0cb9bb0589c1b8bba79f8920f432492d
d1460e2be4e185ee60a50e59150632afdbed0775
e61bc2a62646eca4b91ae5d9d9c334b3b8a140a4c54804b0a39ceb3e34aaa56e
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 22282
date: Sat, 27 May 2023 23:18:00 GMT
expires: Sat, 27 May 2023 23:18:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "0742060626d0bc68"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL GET HTTP/3 www.blogger.com/img/logo-16.png
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 06:25:18 GMT
expires: Tue, 30 May 2023 06:25:18 GMT
cache-control: public, max-age=604800
last-modified: Mon, 22 May 2023 23:02:07 GMT
content-type: image/png
age: 406363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 53 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (1530)
Hash b4361fcbfc0b7402e4d7abf708e00e16
35b5ddb2a1c3db9ef192053313a56847f1bd1eb9
6d21496fff96f9f50f1094291999ba1e38efe7f44ca6e07814bcc07eadeae04f
GET /_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 53310
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:25:48 GMT
expires: Thu, 23 May 2024 00:25:48 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 341533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs
142.250.74.78200 OK 17 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs
IP 142.250.74.78:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (3295)
Hash 15b9042df7ee4702f745c5ce68aabcb9
47ad4ce9337e9b1f435d7d24ae1617936f776bd6
6be7a46db6d1db00e4f9660ae7d5ae612cb07ecf337492f3b3057c9b2b688308
GET /_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 17210
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 02:07:49 GMT
expires: Thu, 23 May 2024 02:07:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 335412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
216.58.207.233 2.6 kB URL www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
IP 216.58.207.233:0
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash a3523ff1c35ed0c3f1104e090ef98a1d
77832414591c6f15cbdb757a4c50862f50289e22
faee8d132f17a2087c02aff250d8640fc06ea63b1e79e00066a5e851ee805aa2
GET /navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2573
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/icons_orange.png
216.58.207.233200 OK 915 B URL GET HTTP/3 resources.blogblog.com/img/navbar/icons_orange.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Hash 87f25844d23ac1ee03604e668f5c1797
85d440947d70a78672740ff7e8062f68ce9d99a3
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
GET /img/navbar/icons_orange.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:19:11 GMT
expires: Wed, 31 May 2023 00:19:11 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 May 2023 18:58:05 GMT
content-type: image/png
age: 341930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/arrows-blue.png
216.58.207.233200 OK 104 B URL GET HTTP/3 resources.blogblog.com/img/navbar/arrows-blue.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 38c95719e05f4184a301768d8de91e09
d0ed1147d46f2cf592584239a5a101d6f2abb588
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
GET /img/navbar/arrows-blue.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:44:29 GMT
expires: Tue, 30 May 2023 18:44:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 23 May 2023 12:50:56 GMT
content-type: image/png
age: 362012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/js/platform:gapi.iframes.style.common.js
142.250.74.78200 OK 21 kB URL GET HTTP/3 apis.google.com/js/platform:gapi.iframes.style.common.js
IP 142.250.74.78:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (1429)
Hash debc78d5ab286e41cb120de18a0324a4
c213cfe2aa81b115ce3c8ab022af8d1c88cc35e0
565e6a3c8690fc241634aee8ddd5e2bafe6be16009f2f5bce6be83ba57615cd4
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21035
date: Sat, 27 May 2023 23:18:02 GMT
expires: Sat, 27 May 2023 23:18:02 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "2f45c62846ee2cd4"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 46 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__#rpctoken=146281494&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (1530)
Hash 5f4c0bacaf5519db23ed34b0b19f8fd8
e89c54b0406ed9381babffdf9641c66964995ce8
d0a8f0e95daeb3f7ba666cb7689bbce821318afaff0d9201095a4b8794737b50
GET /_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 46014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:19:24 GMT
expires: Thu, 23 May 2024 00:19:24 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 341918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
216.58.207.233200 OK 6.7 kB URL GET HTTP/3 www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6888), with no line terminators
Hash 0cdc7eeb92597921ff0f4cf239e7a03f
3d87b6436af87f85f2b9a3edb728c55b50bb2acc
5f76351b634a9e669ec4a171bb9c016798d9d7b646184b269841459a0facc85c
GET /navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 May 2023 23:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2573
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt
0.0.0.0 0 B URL User Request GET c1.reportbox3.info/?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon
GET /?step_id=1&installer_id=1087492958&publisher_id=821&source_id=0&page_id=0&country_code=ES&locale=EN&browser_id=1&download_id=2094513897&external_id=0&session_id=2549454903&hardware_id=642195355&product_name=TusFiles&filesize=5.0+MB&product_title=PNDRA42_RYDAH805.apk&reffer=http://tusfiles.net/&product_download_url=%3CServerUrl%3E/addons/error.txt&product_file_name=error.txt HTTP/1.1
Host: c1.reportbox3.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.hiringjobtweets.com/favicon.ico
0.0.0.0 0 B URL GET www.hiringjobtweets.com/favicon.ico
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.hiringjobtweets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache