gimnostipos.blogspot.co.ke/
142.250.74.161302 Moved Temporarily 178 B URL HTTP/1.1 gimnostipos.blogspot.co.ke/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f64f829639b3e29a9ab6729ca5d700b8
425b0863d642cd5662fd946b7ef80663058e149d
18bdd227e252bd95220b673ad488d842e7ca757c3606ee440cf65c7738049be9
GET / HTTP/1.1
Host: gimnostipos.blogspot.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://gimnostipos.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 15:16:35 GMT
Expires: Tue, 04 Oct 2022 15:16:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 14:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: md_1FogGK7fn1_hSJQCnFDZoaXZ3tNLDC3jzqzJ9HrG9CQmnUlKvfQ==
Age: 1771
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6546
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 15:16:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ihC90VoWgTooZhThFdUSxUcCPsBtOgL4aiKVK5cMoqJnrpAFAwgmeg==
age: 35288
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:16:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 14:29:33 GMT
Expires: Tue, 04 Oct 2022 14:31:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DfVPk0uNLrKHA638fTLQlKJqIHgjOguMAONdiOCUT2XBlySMqiW_UQ==
Age: 2822
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5826
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:35 GMT
Last-Modified: Tue, 04 Oct 2022 13:39:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
gimnostipos.blogspot.com/
142.250.74.161200 OK 39 kB URL HTTP/1.1 gimnostipos.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1490)
Hash 394a01a651e6b51041d8841ed3cc3861
8137475fc25efb490794f8fcd2978a84620a0176
ab9c2cdfbf8be5033b693d95846a7e423dc162df81b1c64ec65f64d2bd6538c4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gimnostipos.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 04 Oct 2022 15:16:35 GMT
Date: Tue, 04 Oct 2022 15:16:35 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Mar 2022 23:11:44 GMT
ETag: W/"f58aa26ceba675b08896830625e0372c153175f4d9982957bb7f57a63906e5b4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 39040
Server: GSE
gimnostipos.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 gimnostipos.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: gimnostipos.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Tue, 04 Oct 2022 15:16:36 GMT
Expires: Tue, 11 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 04 Oct 2022 12:57:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 342bb07fd3b486a18a168387a7cf4ff6
527d5718d356712356bfe6915da16694ea0141f4
d6c354b2d0e056f3a00c2e1c4fe4216e7afa40317015e49cc85c9228a40e1f74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash db775b8d58d4e959e1ebbe27b053f1b2
97328dba1a0f9532fe1215fbdf613707a9c1c461
072a16655403858c5a1cccb7189194516045f42adfcf3d5fec7bcff74937bad1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 342bb07fd3b486a18a168387a7cf4ff6
527d5718d356712356bfe6915da16694ea0141f4
d6c354b2d0e056f3a00c2e1c4fe4216e7afa40317015e49cc85c9228a40e1f74
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.201200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:39:06 GMT
expires: Sun, 01 Oct 2023 12:39:06 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: text/css
age: 268650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/charts/loader.js
142.250.74.163200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 14:47:02 GMT
expires: Tue, 04 Oct 2022 15:47:02 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 1774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 04 Oct 2022 15:16:36 GMT
expires: Tue, 04 Oct 2022 15:16:36 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img1.blogblog.com/html/buttons/blogger-ipower-blue.gif
216.58.207.201200 OK 984 B URL HTTP/1.1 img1.blogblog.com/html/buttons/blogger-ipower-blue.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 88 x 30\012- data
Hash 844564f46fd338722e26e9d57808e3e6
02a5fa9037b53ee0278b5cb3a5bff756b5875e12
e442a96ee7b97f5b1427de340acb16ba5013a2e3eada6428a7a64e8654358768
GET /html/buttons/blogger-ipower-blue.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 984
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 01 Oct 2022 03:42:33 GMT
Expires: Sat, 08 Oct 2022 03:42:33 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 30 Sep 2022 19:52:35 GMT
Content-Type: image/gif
Age: 300843
resources.blogblog.com/img/widgets/subscribe-netvibes.png
216.58.207.201200 OK 1.4 kB URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-netvibes.png
IP 216.58.207.201:0
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash c52a5f4ecb6be5d7e93b23ef4122ee4e
4e698a5f455daf3a8ea1e219b1998079f0546716
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
GET /img/widgets/subscribe-netvibes.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 11:47:52 GMT
expires: Sat, 08 Oct 2022 11:47:52 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 14:51:29 GMT
content-type: image/png
age: 271724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon_feed12.png
216.58.207.201200 OK 500 B URL HTTP/2 resources.blogblog.com/img/icon_feed12.png
IP 216.58.207.201:0
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 44e7355a788fd1082deff0018883758e
50e3a28a44978e85d13c30522e0c71c8d0b24675
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
GET /img/icon_feed12.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 09:06:36 GMT
expires: Sat, 08 Oct 2022 09:06:36 GMT
cache-control: public, max-age=604800
last-modified: Sat, 01 Oct 2022 07:51:36 GMT
content-type: image/png
age: 281400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/792789798-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/792789798-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 02e6bf311e18828a522b4d3a4079084f
a63cd373fa23b4fe11f938d57737e6bfa1ebe789
25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
GET /static/v1/widgets/792789798-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 02:15:20 GMT
expires: Tue, 03 Oct 2023 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 00:49:27 GMT
content-type: text/javascript
age: 133276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.201200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 19:52:13 GMT
expires: Sat, 08 Oct 2022 19:52:13 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: image/gif
age: 242663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-yahoo.png
216.58.207.201200 OK 580 B URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-yahoo.png
IP 216.58.207.201:0
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash 79f602b6ac18bee79b4e2353a6674010
28accf82263aa1a11bb821439d4d185865662530
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
GET /img/widgets/subscribe-yahoo.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 10:16:11 GMT
expires: Sat, 08 Oct 2022 10:16:11 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: image/png
age: 277225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/arrow_dropdown.gif
216.58.207.201200 OK 141 B URL HTTP/2 resources.blogblog.com/img/widgets/arrow_dropdown.gif
IP 216.58.207.201:0
File type GIF image data, version 89a, 13 x 10\012- data
Hash 2964a07d60a4e76b299130fb1b4115f6
3b72dcc19f3ad685513eaba612e07e0ed495f2e1
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
GET /img/widgets/arrow_dropdown.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 17:07:09 GMT
expires: Sat, 08 Oct 2022 17:07:09 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: image/gif
age: 252567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png
216.58.207.201200 OK 23 kB URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png
IP 216.58.207.201:0
File type PNG image data, 300 x 300, 2-bit colormap, non-interlaced\012- data
Hash 5cd8cda0e75b359eb8f15dc83b0c5c29
86c99fbb62aadacb3ebd3f948d345b917f65253f
0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9
GET /blogblog/data/1kt/watermark/body_background_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 22568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 13:35:41 GMT
expires: Sat, 08 Oct 2022 13:35:41 GMT
cache-control: public, max-age=604800
last-modified: Sat, 01 Oct 2022 12:48:58 GMT
content-type: image/png
age: 265255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 13:22:04 GMT
Expires: Tue, 18 Oct 2022 13:22:04 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 6872
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 07:25:42 GMT
expires: Mon, 02 Oct 2023 07:25:42 GMT
cache-control: public, max-age=31536000
age: 201054
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.238.202.79101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R5a6dCA7b8IoQymE8lIAAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qNen8KdgmYDJ6QjEdvnxceXg45s=
resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png
216.58.207.201200 OK 3.5 kB URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png
IP 216.58.207.201:0
File type PNG image data, 386 x 121, 8-bit colormap, non-interlaced\012- data
Hash 031c64f442b967c59b28cdc8b03ac349
59f743959d06ced56f36b5e262c76e6cbfef9720
4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a
GET /blogblog/data/1kt/watermark/body_overlay_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 3523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 19:52:29 GMT
expires: Sat, 08 Oct 2022 19:52:29 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: image/png
age: 242647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png
216.58.207.201200 OK 103 B URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png
IP 216.58.207.201:0
File type PNG image data, 10 x 10, 8-bit colormap, non-interlaced\012- data
Hash 7928cb1e4fb733117a1479c289f29d92
bd1bbe65951f64f44ec85910877dabd35c6dbc07
8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e
GET /blogblog/data/1kt/watermark/post_background_birds.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 18:08:51 GMT
expires: Sat, 08 Oct 2022 18:08:51 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 21:57:44 GMT
content-type: image/png
age: 248865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/img/logo-16.png
216.58.207.201200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.201:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 01 Oct 2022 15:46:22 GMT
Expires: Sat, 08 Oct 2022 15:46:22 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 30 Sep 2022 19:52:35 GMT
Content-Type: image/png
Age: 257414
www.blogger.com/dyn-css/authorization.css?targetBlogID=988410766766301150&zx=5c4eb7f7-d17c-4fe1-8745-8be96265d22f
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=988410766766301150&zx=5c4eb7f7-d17c-4fe1-8745-8be96265d22f
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=988410766766301150&zx=5c4eb7f7-d17c-4fe1-8745-8be96265d22f HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 15:16:36 GMT
last-modified: Tue, 04 Oct 2022 15:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
216.58.207.195200 OK 33 kB URL HTTP/1.1 fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33436, version 1.0\012- data
Hash b9b4c932ef89c39525bfe1b604cda3a1
767246e4c7df1b6c32f590c16c135808382b1aba
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
GET /s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gimnostipos.blogspot.com
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 33436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 19:04:24 GMT
Expires: Wed, 27 Sep 2023 19:04:24 GMT
Cache-Control: public, max-age=31536000
Age: 591132
Last-Modified: Tue, 26 Apr 2022 15:01:13 GMT
Content-Type: font/woff2
www.frontpages.gr/ticker.php?category=15&c=626886&big=1
104.26.14.25301 Moved Permanently 0 B URL HTTP/1.1 www.frontpages.gr/ticker.php?category=15&c=626886&big=1
IP 104.26.14.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ticker.php?category=15&c=626886&big=1 HTTP/1.1
Host: www.frontpages.gr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 15:16:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 16:16:36 GMT
Location: https://www.frontpages.gr/ticker.php?category=15&c=626886&big=1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jafzvYPd2rGlsCXYqEQRbQHYWWlulPbekYh3Sm6tYnarHQ6zDr7qKQ6oV%2FfHcQIU8wVJYt%2B0YUPV%2F9wx9NX8ycyUnAcAZl2snv5DWRMcJUcKtLLhNnzwVrDavS8Oef8nEGoz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754ee12f5f0ab4f9-OSL
alt-svc: h2=":443"; ma=60
cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
96.126.123.244200 OK 157 B URL HTTP/1.1 cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
IP 96.126.123.244:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 15:16:36 GMT
content-type: application/javascript
content-length: 157
last-modified: Wed, 07 Mar 2018 18:30:37 GMT
etag: "5aa02fcd-9d"
accept-ranges: bytes
connection: close
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3KdgJoLcTnUr-HelXMN17gMpY0rvHH4uOrvRzDSJdyKQ_07BlN-RRFztrga4ym6UYupPplhKgdsqQjAQXNW9Uuwmwf1N6NF-hxv37cH6db2lIG_Kqg_1tlMBJN6QK8V9r_pBzzPyCD4nsHmT8-3bgQs7olpoT1Hc8gXGo=w72-h72-p-k-no-nu
142.250.74.33404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3KdgJoLcTnUr-HelXMN17gMpY0rvHH4uOrvRzDSJdyKQ_07BlN-RRFztrga4ym6UYupPplhKgdsqQjAQXNW9Uuwmwf1N6NF-hxv37cH6db2lIG_Kqg_1tlMBJN6QK8V9r_pBzzPyCD4nsHmT8-3bgQs7olpoT1Hc8gXGo=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash ec63deb54079ca7aea8fc25eaa889e54
a27b45ef67c41ed7d1fd6b20ca16fb4d3b42ac91
026cd1e71cde809e9a0408f39eea3efb86139c7c73ee83679b2d8d09300d9e7b
GET /blogger_img_proxy/ANbyha3KdgJoLcTnUr-HelXMN17gMpY0rvHH4uOrvRzDSJdyKQ_07BlN-RRFztrga4ym6UYupPplhKgdsqQjAQXNW9Uuwmwf1N6NF-hxv37cH6db2lIG_Kqg_1tlMBJN6QK8V9r_pBzzPyCD4nsHmT8-3bgQs7olpoT1Hc8gXGo=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 15:16:36 GMT
server: fife
content-length: 1768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-cJGqq1V8YI4/XKQydhtpYjI/AAAAAAAAi6U/2cghkabL0-cVaejCWzG7l2jupNCqI6MdACK4BGAYYCw/s77/KGrHqVpkFuFlgkwBQbbNPPmdg60_1.JPG
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 2.bp.blogspot.com/-cJGqq1V8YI4/XKQydhtpYjI/AAAAAAAAi6U/2cghkabL0-cVaejCWzG7l2jupNCqI6MdACK4BGAYYCw/s77/KGrHqVpkFuFlgkwBQbbNPPmdg60_1.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 52x77, components 3\012- data
Hash d35045143783bb67697cb62e8a2014f8
99af03ce0a27fdda0184df096569b6443219d3e3
459c38e137c10bfc0ebe854cf9893e021aeb5acba50176029d3d727253dba274
GET /-cJGqq1V8YI4/XKQydhtpYjI/AAAAAAAAi6U/2cghkabL0-cVaejCWzG7l2jupNCqI6MdACK4BGAYYCw/s77/KGrHqVpkFuFlgkwBQbbNPPmdg60_1.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v8ba6"
Expires: Wed, 05 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="KGrHqVpkFuFlgkwBQbbNPPmdg60_1.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 15:16:36 GMT
Server: fife
Content-Length: 4383
X-XSS-Protection: 0
2.bp.blogspot.com/-23DTIV7FfwQ/VasyfcWYIhI/AAAAAAAAg1M/5G1e7dImD_8/w72-h72-p-k-no-nu/http%25253A%25252F%25252F31.media.tumblr.com%25252F52a17a863b1725835e6ac15112d20bd6%25252Ftumblr_n7ou5sjfJb1qzuymjo1_1280.jpg
142.250.74.161200 OK 4.7 kB URL HTTP/1.1 2.bp.blogspot.com/-23DTIV7FfwQ/VasyfcWYIhI/AAAAAAAAg1M/5G1e7dImD_8/w72-h72-p-k-no-nu/http%25253A%25252F%25252F31.media.tumblr.com%25252F52a17a863b1725835e6ac15112d20bd6%25252Ftumblr_n7ou5sjfJb1qzuymjo1_1280.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d2430eb2be70ecf2882f3f5f2770b277
68fe102df823b154d7a3ede28cbf9119bb98fe7a
652a3b490f79fff95329c76a7320e7708ad271f6354dc88992b50a79d58b16e2
GET /-23DTIV7FfwQ/VasyfcWYIhI/AAAAAAAAg1M/5G1e7dImD_8/w72-h72-p-k-no-nu/http%25253A%25252F%25252F31.media.tumblr.com%25252F52a17a863b1725835e6ac15112d20bd6%25252Ftumblr_n7ou5sjfJb1qzuymjo1_1280.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v8354"
Expires: Wed, 05 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="http%3A%2F%2F31.media.tumblr.com%2F52a17a863b1725835e6ac15112d20bd6%2Ftumblr_n7ou5sjfJb1qzuymjo1_1280.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 15:16:36 GMT
Server: fife
Content-Length: 4685
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a7b92212ae4106a9ed5d5e1799853f2
c1fef7d0e5389a9dc047bb1ff0bd7f923cf83d97
ba1b8ae206d40083e34aeb116ac4356070aa12bc09e051765154e8a1648fe2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.widgetserver.com/
72.14.185.43200 OK 7.2 kB IP 72.14.185.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (336)
Hash 813b8af7f2eb71cd7ac4c7a9f728adb9
d7a56e9d02222cf5bf8c4b8d65b03633ac94840f
ede1e7cc7158426774c49408518be58b44c0284e5abd60f9da7d14c1d3433427
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 15:16:36 GMT
content-type: text/html; charset=utf-8
content-length: 7174
vary: Accept-Language
content-language: en
connection: close
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D988410766766301150%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://gimnostipos.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D988410766766301150%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://gimnostipos.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 453 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D988410766766301150%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://gimnostipos.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D988410766766301150%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://gimnostipos.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (514)
Hash 84132d8dbbcf0a33463892c56bb07d43
cb38a8b189a41ee60b7071563812d1dcc330cb8f
b2f83ef4aab260afb4b6ff297ddab79d0f0db71b27384ae3567da4059cca632b
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D988410766766301150%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://gimnostipos.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D988410766766301150%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%253D%253D%26pageSize%3D21%26origin%3Dhttp://gimnostipos.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gimnostipos.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 15:16:36 GMT
location: https://www.blogger.com/followers.g?blogID=988410766766301150&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqC3RyYW5zcGFyZW50MgcjMDAwMDAwOgcjMDAwMDAwQgcjMDAwMDAwSgcjMDAwMDAwUgcjMDAwMDAwWgt0cmFuc3BhcmVudA%3D%3D&pageSize=21&origin=http%3A%2F%2Fgimnostipos.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-YLK9TtWV7fXLoqdzKEoQBQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 453
server: GSE
set-cookie: __Host-GAPS=1:JN68B9ps7HNAGKE2QTgd8FrxljSoqA:cN8KG1t4LjwmLN8F;Path=/;Expires=Thu, 03-Oct-2024 15:16:36 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.widgetserver.com/favicon.ico
72.14.185.43200 OK 43 B URL HTTP/1.1 cdn.widgetserver.com/favicon.ico
IP 72.14.185.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 15:16:37 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7010
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7010
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7010
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:16:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7010
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:16:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 63137
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 38026
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 63137
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 63137
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 63124
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 63122
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.widgetserver.com/mtm/async/.eJxdjEsOwjAMRO-SZYlillDEWVBI3dRSPiYxbSXE3UkQK3Zv5o39Us9CalSgtLLF14aNCs5YsLSwiPAI4CmmXIU4V3MP2VfOYlyO_Wxp4pZsxDZ3UzIbTR6lYlmx9E3_7ByyNC-4CywSg7bMgZwVygn23hz2_zaGy-N6NGdN0XoEu9L8ww3vrAcYvv6k3h9CTkQq:1ofjeu:p3pgTkBOVJ1ILeYFluEzdWJC96k/1/0
72.14.185.43200 OK 256 B URL HTTP/1.1 cdn.widgetserver.com/mtm/async/.eJxdjEsOwjAMRO-SZYlillDEWVBI3dRSPiYxbSXE3UkQK3Zv5o39Us9CalSgtLLF14aNCs5YsLSwiPAI4CmmXIU4V3MP2VfOYlyO_Wxp4pZsxDZ3UzIbTR6lYlmx9E3_7ByyNC-4CywSg7bMgZwVygn23hz2_zaGy-N6NGdN0XoEu9L8ww3vrAcYvv6k3h9CTkQq:1ofjeu:p3pgTkBOVJ1ILeYFluEzdWJC96k/1/0
IP 72.14.185.43:0
File type ASCII text, with no line terminators
Hash 5ad83f336ed5707193d6048a5242617b
49e481758f3f8e30f541fe15c595609322790c68
8657bc02c954f398bfbc65c8bed356a12b8a32440497f7ed64a1de9d765b9841
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdjEsOwjAMRO-SZYlillDEWVBI3dRSPiYxbSXE3UkQK3Zv5o39Us9CalSgtLLF14aNCs5YsLSwiPAI4CmmXIU4V3MP2VfOYlyO_Wxp4pZsxDZ3UzIbTR6lYlmx9E3_7ByyNC-4CywSg7bMgZwVygn23hz2_zaGy-N6NGdN0XoEu9L8ww3vrAcYvv6k3h9CTkQq:1ofjeu:p3pgTkBOVJ1ILeYFluEzdWJC96k/1/0 HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn.widgetserver.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 15:16:38 GMT
content-type: text/html; charset=utf-8
content-length: 256
x-mtm-path: 4
x-mtm-prov: 1:6.42;70:0.00
x-mtm-rd: 0.25
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ3aWRnZXRzZXJ2ZXIuY29tIiwiaHR0cDovL3d3dzEud2lkZ2V0c2VydmVyLmNvbS8_dG09MSZzdWJpZDQ9MTY2NDg5NjU5Ny4wMzQ0MDEwMDAwJktXMT1FdXJvcGUlMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXMj1Ob3J3YXklMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXMz1Pc2xvJTIwQ291bnR5JTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzQ9T3NsbyUyMERlZGljYXRlZCUyMFNlcnZlcnMmS1c1PUN1c3RvbSUyMERlZGljYXRlZCUyMFNlcnZlcnMmc2VhcmNoYm94PTAmYmFja2ZpbGw9MCIsMSwiMjAyMi0xMC0wNCAxNToxNjozOCIsMSwiMTY2NDg5NjU5Ny4wMzQ0MDEwMDAwIiwxLG51bGwsbnVsbF0:1ofjew:5EJVekMjz8bTh6GldoYFnB9G1lg; expires=Tue, 04-Oct-2022 16:16:38 GMT; Max-Age=3600; Path=/
connection: close
www1.widgetserver.com/?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
75.2.73.197200 OK 657 B URL HTTP/1.1 www1.widgetserver.com/?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP 75.2.73.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d9281c64d40de50c4f34e1eeb69fb267
29f719a626e58ccaf433fdbffaa6a5a68e30c71b
3ab2554ac7ffc2be45180dc32a25dbd38430b2d5fb423da11b9f7cc455d0d524
GET /?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:16:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
54.230.245.130200 OK 343 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP 54.230.245.130:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 04 Oct 2022 07:34:23 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T8H8Qh5rXPqLmulQT0EFedKTFXq9XNRQVwUv61uRyw_CJ5npQ87iNA==
Age: 27736
d38psrni17bvxu.cloudfront.net/themes/assets/zeropark.css
54.230.245.130200 OK 208 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/zeropark.css
IP 54.230.245.130:0
Hash be223301cce69116e7a473d42a863379
928aee49e0ddcbee8c410cdbd80d94820a6cafab
d7a8d561985ea3bb5e9433926fd9c103d4e6c041c19fa4c1dcaa2c0949be74d7
GET /themes/assets/zeropark.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 04 Oct 2022 09:15:06 GMT
Last-Modified: Tue, 25 Jan 2022 08:25:52 GMT
Content-Encoding: gzip
ETag: W/"61efb410-157"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DZ3yez6jy9wENQRtpHCkZhYg6jgIWJ5JRHswhCokGUPKDR-ObpeE6g==
Age: 21693
www1.widgetserver.com/favicon.ico
75.2.73.197200 OK 0 B URL HTTP/1.1 www1.widgetserver.com/favicon.ico
IP 75.2.73.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:16:39 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 70abafa8088453fca554b1b67690ab44
38a7140c56534c3eb91ff5358aafa9e6b2e797d3
98a3cb8489240da45848b4574a3ecb16313e370e5c84c44a1b9edc2faa72632a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 15:16:39 GMT
Last-Modified: Tue, 04 Oct 2022 13:37:28 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FdYz1q30vaQEfd_BCYghpXltW5vX2rOpN2QcxMXz3_ngP1YWQvP8ag==
Age: 5951
brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
35.170.174.54200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP 35.170.174.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1958)
Hash a563252755cd7607bcf98831f1e155b0
73e8a02adbb48cf4e846bbea2e58e82cbe59c4b3
5867d1dd95cb86aa7294430e8342b773ed3946ca03d4b7d484e375e19f1f56d9
GET /lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:16:39 GMT
content-type: text/html;charset=UTF-8
content-length: 10840
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brigi-jar.com/style.css
35.170.174.54200 OK 6.0 kB IP 35.170.174.54:0
Hash 2eb024ad11ef5f2e503bfb60117c25d8
235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a
GET /style.css HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:16:39 GMT
content-type: text/css
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 27 Sep 2022 12:40:35 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
brigi-jar.com/main.js
35.170.174.54200 OK 480 B IP 35.170.174.54:0
Hash 91558066fecbfc1f6f77842f6aa85a6c
6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed
GET /main.js HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:16:39 GMT
content-type: application/javascript
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 27 Sep 2022 12:40:35 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brigi-jar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:06:12 GMT
expires: Sun, 01 Oct 2023 04:06:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 299428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Mate+SC
142.250.74.10200 OK 309 B URL HTTP/2 fonts.googleapis.com/css?family=Mate+SC
IP 142.250.74.10:0
Hash 44f9d6e11ab6e9b704deacbd1e8579fd
ccab42cd4e742fda14d5996bb71fcd77e6f227e4
018635657037e23fa8fe991fa25adf6b954534aee58b08b0f970350f2725537a
GET /css?family=Mate+SC HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:16:40 GMT
date: Tue, 04 Oct 2022 15:16:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 96f4bb19772776e4e50107edd92f5f2d
b3f654ed80abad5471fb2ca8befbb1088a3d813c
986dce8b16fca06462011a79030ce23b89d01b90e2a614cabdad2fe3ffb5c29c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 15:16:40 GMT
Last-Modified: Tue, 04 Oct 2022 14:04:40 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ef5J7apHAtWpc1oy5W_opdPeRsKIGcGfM6E9Sy0-4ZnHW7UcR9XdgA==
Age: 4320
fonts.googleapis.com/css?family=Poppins:300
142.250.74.10200 OK 25 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300
IP 142.250.74.10:0
Hash cbbb56351dafbec7519560f8d7e03472
0048b210cadeae245865c283e7c3807beb9019b5
56b19324b216958a156d27adc2b86f2fea628c273f4f6c213b608e5a2a1088c4
GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:16:39 GMT
date: Tue, 04 Oct 2022 15:16:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www1.widgetserver.com/?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
75.2.73.197200 OK 657 B URL HTTP/1.1 www1.widgetserver.com/?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP 75.2.73.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d9281c64d40de50c4f34e1eeb69fb267
29f719a626e58ccaf433fdbffaa6a5a68e30c71b
3ab2554ac7ffc2be45180dc32a25dbd38430b2d5fb423da11b9f7cc455d0d524
GET /?tm=1&subid4=1664896597.0344010000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:16:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
35.170.174.54200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP 35.170.174.54:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1958)
Hash f26afaf827c374aefdea83cde4db9b97
2dbc6d136762e2b96f591d3721398d800a4374d5
a79971b74969e6acc8b395e5bc1241ff2d0765806edef844f239e5bef61e4322
GET /lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:16:40 GMT
content-type: text/html;charset=UTF-8
content-length: 10840
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Mate
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Mate
IP 142.250.74.10:0
GET /css?family=Mate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:16:40 GMT
date: Tue, 04 Oct 2022 15:16:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.frontpages.gr/ticker.php?category=15&c=626886&big=1
104.26.14.25200 OK 0 B URL HTTP/2 www.frontpages.gr/ticker.php?category=15&c=626886&big=1
IP 104.26.14.25:0
GET /ticker.php?category=15&c=626886&big=1 HTTP/1.1
Host: www.frontpages.gr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gimnostipos.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:16:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usuWJ1o%2FmxnPwKrFw%2BM8jUOkJZDePznthOiVp4DH6QTzCgpTff8N9L8xWH3H6e69%2F6CR8zOswBBvgjbbqvijWxGktngH2iZqaAAqAjqzNIEvfXzSsEqB%2B6mD98PV%2B2qAoqw9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754ee12fab50b505-OSL
content-encoding: br
X-Firefox-Spdy: h2