| kidsstorysai.blogspot.com/ | 216.58.207.193 | 200 OK | 65 kB |
URL: User Request GET HTTP/2 kidsstorysai.blogspot.com/ IP: 216.58.207.193:443
Certificate: Issuer Google Trust Services LLC; Subject misc-sni.blogspot.com; Fingerprint C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00; Validity Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: HTML document, ASCII text, with very long lines (1505); Hash: 67c61c932ab6a3a5c8d465af03fb4ffd 4f7ae847647f6c09bae2f32344608feb534dc769 1bd66de7e3a57e15edc8b67aa33c7acf4b288289ac9436d4920348167325913e
GET / HTTP/1.1
Host: kidsstorysai.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 04 May 2024 04:43:23 GMT
date: Sat, 04 May 2024 04:43:23 GMT
cache-control: private, max-age=0
last-modified: Fri, 03 May 2024 12:42:32 GMT
etag: W/"c5c55f94a29486c1ae23cce2e926b3a6228094775f8fdc75c4c4157ff0f62376"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 65169
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| kidsstorysai.blogspot.com/js/cookienotice.js | 216.58.207.193 | 200 OK | 2.0 kB |
URL: GET HTTP/3 kidsstorysai.blogspot.com/js/cookienotice.js IP: 216.58.207.193:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject misc-sni.blogspot.com; Fingerprint C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00; Validity Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: JavaScript source, ASCII text; Hash: a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: kidsstorysai.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 04 May 2024 04:43:24 GMT
expires: Sat, 11 May 2024 04:43:24 GMT
cache-control: public, max-age=604800
last-modified: Fri, 03 May 2024 19:58:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js | 142.250.74.138 | 200 OK | 34 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP: 142.250.74.138:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32077); Hash: 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:13 GMT
expires: Fri, 02 May 2025 01:49:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 183251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tbJ0dA3pV_SGOBoj-5TRs8VVL8PsB711OaXDl-xfy5cpufRuxbzXQ89o2ecQxmEG_NGDdTzDACybMc8mEOKtOVoZn0-7klck9dRpQ5rXDLJ85NOnda4w=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 5.4 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tbJ0dA3pV_SGOBoj-5TRs8VVL8PsB711OaXDl-xfy5cpufRuxbzXQ89o2ecQxmEG_NGDdTzDACybMc8mEOKtOVoZn0-7klck9dRpQ5rXDLJ85NOnda4w=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: dd8b4245fe5faa45487aaef00dc7603a 191165a1ee1b799daa07654d92327eadf569bab3 504794ca9c247e18222288dfbe957fa13a90fe983f40a30b3c9189b0529aae85
GET /blogger_img_proxy/AEn0k_tbJ0dA3pV_SGOBoj-5TRs8VVL8PsB711OaXDl-xfy5cpufRuxbzXQ89o2ecQxmEG_NGDdTzDACybMc8mEOKtOVoZn0-7klck9dRpQ5rXDLJ85NOnda4w=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 5414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vngi18t40gWSCHyX8bbZPY_FhN6x7Q_7rF8yKx3XtWKOxovI8AcOZ8YlDXy673bv0Wfa2sdarlMUYAJzwQVkV5IgYTQQF8Gw8jIt1AlkjO-PbDCq3Tww=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 2.8 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vngi18t40gWSCHyX8bbZPY_FhN6x7Q_7rF8yKx3XtWKOxovI8AcOZ8YlDXy673bv0Wfa2sdarlMUYAJzwQVkV5IgYTQQF8Gw8jIt1AlkjO-PbDCq3Tww=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: 52039052258c80308b75f26bb5743985 df34f327fe4a3430e1d37ca03535e6b191719e30 559a0a1147a264fe646e64f09631fdfab5a9a4e2f9149d9c145380e82febf7b6
GET /blogger_img_proxy/AEn0k_vngi18t40gWSCHyX8bbZPY_FhN6x7Q_7rF8yKx3XtWKOxovI8AcOZ8YlDXy673bv0Wfa2sdarlMUYAJzwQVkV5IgYTQQF8Gw8jIt1AlkjO-PbDCq3Tww=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 2846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vx4czXBV_12_-UolATLP_ndi5BdgzYEmJaOBn5t54Cggl00dTpXogktM0_r04kNdb0o__H2DnQiioOiJ2O2hKPTf583ZO022NJPQhcFJiO03350Bwfm4U=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 5.5 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vx4czXBV_12_-UolATLP_ndi5BdgzYEmJaOBn5t54Cggl00dTpXogktM0_r04kNdb0o__H2DnQiioOiJ2O2hKPTf583ZO022NJPQhcFJiO03350Bwfm4U=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: 90ca5616d1b5131d925433d5cba2e793 943ce19633d75871fb84ff67a370493a184dc6ac f6a90282171d6cc8dded5997d798507c102a68f128cc2e13a93500d66bb3694f
GET /blogger_img_proxy/AEn0k_vx4czXBV_12_-UolATLP_ndi5BdgzYEmJaOBn5t54Cggl00dTpXogktM0_r04kNdb0o__H2DnQiioOiJ2O2hKPTf583ZO022NJPQhcFJiO03350Bwfm4U=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 5541
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sfNJUGT16hF357wieP91eSHSJXzD2jmrxQobfyYE5aeWOoDaHK_icTG4oR-D6CSXCPmHcGEHZ-K5neo3D-TJYfteIlPxZ_J5kvFfKYSXNMSCDmQtGp9A=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 4.9 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sfNJUGT16hF357wieP91eSHSJXzD2jmrxQobfyYE5aeWOoDaHK_icTG4oR-D6CSXCPmHcGEHZ-K5neo3D-TJYfteIlPxZ_J5kvFfKYSXNMSCDmQtGp9A=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: 5efeecff721069cf38524ed372874c69 a25069b776374fe5666cc42eadd5eb31b8c296ea eb2d679f578afde4265508d85a1d6d76de3603a293e66dcdd2f1b8205372ef6f
GET /blogger_img_proxy/AEn0k_sfNJUGT16hF357wieP91eSHSJXzD2jmrxQobfyYE5aeWOoDaHK_icTG4oR-D6CSXCPmHcGEHZ-K5neo3D-TJYfteIlPxZ_J5kvFfKYSXNMSCDmQtGp9A=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 4869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL: GET HTTP/3 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP: 104.18.10.207:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject bootstrapcdn.com; Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 04:43:24 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 26a52f6485cf517bfb4e6670ef6ab5ec
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5d4651aa9b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u4DTqFJVtcKimSVI0R9dStwUljWgutN1MyvetF0CQaOgg0VJ0ue1T8tkLwk9otHbyDK9jm5b3Tl5eknxAH5Wvi4gSaeAdmcd1D0W1qov_RL11v9qiXBaE=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 4.8 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u4DTqFJVtcKimSVI0R9dStwUljWgutN1MyvetF0CQaOgg0VJ0ue1T8tkLwk9otHbyDK9jm5b3Tl5eknxAH5Wvi4gSaeAdmcd1D0W1qov_RL11v9qiXBaE=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: 6ba14b07142fb720bfab8a20892d36ba 92192aa92f9e8977d10ba7f93b14f8460979c6ee 4e56bc74bc0451915c9d793e28902fe6535403ed3f0aa0d436e2bb00287076d3
GET /blogger_img_proxy/AEn0k_u4DTqFJVtcKimSVI0R9dStwUljWgutN1MyvetF0CQaOgg0VJ0ue1T8tkLwk9otHbyDK9jm5b3Tl5eknxAH5Wvi4gSaeAdmcd1D0W1qov_RL11v9qiXBaE=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 4764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sIyf8mHQ4yCaREi8q-n7MHQWhYAlD8SErDRHjKBvRO_6zWt4GdaV3SzfJjf6FabBAgvGQkWfen5lxh9uS5uW7NM_QKYNnP3LE7kNCpAjtucKv5WnTpQKU=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 5.3 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sIyf8mHQ4yCaREi8q-n7MHQWhYAlD8SErDRHjKBvRO_6zWt4GdaV3SzfJjf6FabBAgvGQkWfen5lxh9uS5uW7NM_QKYNnP3LE7kNCpAjtucKv5WnTpQKU=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: 0086be90da8d5676a28fb2ef5330612e 413a710751a6932d77bccfd09fbb662c05800b88 d505c788b0e6db6601d93d63fdca44e802e8bfb23ccc3be231fe59c8b03c9958
GET /blogger_img_proxy/AEn0k_sIyf8mHQ4yCaREi8q-n7MHQWhYAlD8SErDRHjKBvRO_6zWt4GdaV3SzfJjf6FabBAgvGQkWfen5lxh9uS5uW7NM_QKYNnP3LE7kNCpAjtucKv5WnTpQKU=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 5299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_snfBtLOcR029QdNOMDvr0Fxb2_YL3ZxkIFmon0FKL23h-SYZ9NjzZS34kQKsQBRCh3a9W7-bEGuselAQgZQtHCiqeCzmWLKAAwvSGQnPM5zbrZfXTUwGo=w72-h72-p-k-no-nu | 142.250.74.97 | 200 OK | 5.4 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_snfBtLOcR029QdNOMDvr0Fxb2_YL3ZxkIFmon0FKL23h-SYZ9NjzZS34kQKsQBRCh3a9W7-bEGuselAQgZQtHCiqeCzmWLKAAwvSGQnPM5zbrZfXTUwGo=w72-h72-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3; Hash: e28111fc6ce6ad4d04e0f834f6ee4bad e48b4f431a49ae49a6880633b4a570d1ca15d355 b219549efdad342c7bb43dc2449c96e5ac1200af124c292f3feeaf22274f4344
GET /blogger_img_proxy/AEn0k_snfBtLOcR029QdNOMDvr0Fxb2_YL3ZxkIFmon0FKL23h-SYZ9NjzZS34kQKsQBRCh3a9W7-bEGuselAQgZQtHCiqeCzmWLKAAwvSGQnPM5zbrZfXTUwGo=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:24 GMT
server: fife
content-length: 5380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/a/AVvXsEjqkQacPwboyhAOs6Y71ihoyhz8VfHl-IVPMsNtOvx8JqDjSk1wlmVW1AXW715LuQV1q0koHGam0d-MTmnmffWvJHNuIm2f3kLzxnnadBVJ1joROt0fJq2cZs46Ix57yALcnM7RjLi5uP9DjAfOexOqxNv4lGaVABHSgHd58FUL5UJVxy4OWclYJO9WyEA=s225 | 142.250.74.97 | 200 OK | 15 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjqkQacPwboyhAOs6Y71ihoyhz8VfHl-IVPMsNtOvx8JqDjSk1wlmVW1AXW715LuQV1q0koHGam0d-MTmnmffWvJHNuIm2f3kLzxnnadBVJ1joROt0fJq2cZs46Ix57yALcnM7RjLi5uP9DjAfOexOqxNv4lGaVABHSgHd58FUL5UJVxy4OWclYJO9WyEA=s225 IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; Validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 225x225, components 3; Hash: 4ef7c56f261935a53013ff38aeb3e7f9 9fcbaf3c8b07a82ed92a981bc6d6251ecaa57473 3e2540dd63d1907f13df82dd594c06d35d91b61a64957ce17a51fb49019ef6a6
GET /img/a/AVvXsEjqkQacPwboyhAOs6Y71ihoyhz8VfHl-IVPMsNtOvx8JqDjSk1wlmVW1AXW715LuQV1q0koHGam0d-MTmnmffWvJHNuIm2f3kLzxnnadBVJ1joROt0fJq2cZs46Ix57yALcnM7RjLi5uP9DjAfOexOqxNv4lGaVABHSgHd58FUL5UJVxy4OWclYJO9WyEA=s225 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v3d"
expires: Sun, 05 May 2024 04:43:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:25 GMT
server: fife
content-length: 14874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2 IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20444, version 1.0; Hash: 0f9d3b560bae7d6283f13b731bc4f674 cd082fc17fecdeb0b4de56499ce420f7c73fd7d9 023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
GET /s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:06:37 GMT
expires: Fri, 02 May 2025 13:06:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 Sep 2020 17:04:46 GMT
content-type: font/woff2
age: 142608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2 IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20348, version 1.0; Hash: 9c43f43c6a98e7a4c8f27827ff455c9f 60b73cbb826b0710af3988a30873b3c47e43b511 bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
GET /s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:28:08 GMT
expires: Sat, 03 May 2025 06:28:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 Sep 2020 17:07:49 GMT
content-type: font/woff2
age: 80117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8.woff2 IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22548, version 1.0; Hash: 06ecc05a7b4f2f90ce64d3183b934287 e0671fd977d9aba9f0f509010a23c596f5822d55 62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497
GET /s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:36:23 GMT
expires: Sat, 03 May 2025 03:36:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 Sep 2020 17:06:16 GMT
content-type: font/woff2
age: 90422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2 | 216.58.207.227 | 200 OK | 21 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2 IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 21072, version 1.0; Hash: 9126e37748c1ee76d20fb783efef135b 4ebc85b3cb847b7cf4dc2341094d4fc883fe08ca 46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
GET /s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:55:32 GMT
expires: Fri, 02 May 2025 17:55:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 Sep 2020 17:05:33 GMT
content-type: font/woff2
age: 125273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2 | 216.58.207.227 | 200 OK | 21 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2 IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 21080, version 1.0 Hash: fa61eccc5d911d604a8739a7c9dc8bcb 73488928ed4cd9f726f0129fc6c969908161091a 4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
GET /s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:22:54 GMT
expires: Fri, 02 May 2025 19:22:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 Sep 2020 17:05:19 GMT
content-type: font/woff2
age: 120031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/static/v1/widgets/4290687098-widgets.js | 216.58.207.233 | 200 OK | 51 kB |
URL: GET HTTP/2 www.blogger.com/static/v1/widgets/4290687098-widgets.js IP: 216.58.207.233:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: *.blogger.com Fingerprint: C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64 Validity: Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: JavaScript source, ASCII text, with very long lines (1941) Hash: 30490c5bf1c9a62c3f7aaf45de530b69 89fdf91f40944a3babf7d9f485cbfbcc32454d50 b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49
GET /static/v1/widgets/4290687098-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51402
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:08:26 GMT
expires: Fri, 02 May 2025 02:08:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 May 2024 23:54:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 182099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pl23216757.highcpmgate.com/265506a9c539b6a69d8361ef3c6fa183/invoke.js | 172.240.127.234 | 200 OK | 9.8 kB |
URL: GET HTTP/1.1 pl23216757.highcpmgate.com/265506a9c539b6a69d8361ef3c6fa183/invoke.js IP: 172.240.127.234:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: highcpmgate.com Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (26579), with no line terminators Hash: bdb3566a166d06230b8fe1de9505fdff fb3b3a7b89e0ebe4e72a2d7d4d1ffe43affe658c c0f374b0ba6e0d69b1a751779880bc62a9932aef884da8bc2bb0fcb55720d53e
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /265506a9c539b6a69d8361ef3c6fa183/invoke.js HTTP/1.1
Host: pl23216757.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50bee65af63414af5af554ba02cda3f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| pl23216750.highcpmgate.com/e4/ce/2b/e4ce2b33fb208c08b1b07c8ffe171637.js | 172.240.253.132 | 200 OK | 16 kB |
URL: GET HTTP/1.1 pl23216750.highcpmgate.com/e4/ce/2b/e4ce2b33fb208c08b1b07c8ffe171637.js IP: 172.240.253.132:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: highcpmgate.com Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
File type: JavaScript source, ASCII text, with very long lines (45376), with no line terminators Hash: 83c498b540cc3e807ccf13d155c5c0a5 2c682e52a7209dc025a19e0400dbf49191b9602b 088b8b5da57fefe5288c65af5dc71065d26cdbe63253b63948ac8231b4cc1d95
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /e4/ce/2b/e4ce2b33fb208c08b1b07c8ffe171637.js HTTP/1.1
Host: pl23216750.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Tue, 07 May 2024 07:43:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 568a4c889bb3c0f04fa6a00a9592297c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| pl23216796.highcpmgate.com/34/38/05/343805875c0264c5b68b9d0061ac1953.js | 192.243.59.13 | 200 OK | 31 kB |
URL: GET HTTP/1.1 pl23216796.highcpmgate.com/34/38/05/343805875c0264c5b68b9d0061ac1953.js IP: 192.243.59.13:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: highcpmgate.com Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: e98851998d2ddaedb91cca5bc9c69781 328653a7c6d42608e96ab5f420222045372e71b2 73e96a650393f964583f9ac0dfc003b275998c922424a3d907d5f3bcce9cfff0
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /34/38/05/343805875c0264c5b68b9d0061ac1953.js HTTP/1.1
Host: pl23216796.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8eb2afcd8523618561177fb8d970c129
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| kidsstorysai.blogspot.com/responsive/sprite_v1_6.css.svg | 216.58.207.193 | 200 OK | 2.2 kB |
URL: GET HTTP/3 kidsstorysai.blogspot.com/responsive/sprite_v1_6.css.svg IP: 216.58.207.193:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: misc-sni.blogspot.com Fingerprint: C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 Validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: SVG Scalable Vector Graphics image Hash: d4dcfc8144f556815c7a1d84ed4e959e 22088bd6cdf970dcf7bfab9a74a4768548ca8890 73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: kidsstorysai.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: image/svg+xml
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2244
date: Sat, 04 May 2024 04:43:25 GMT
expires: Sat, 11 May 2024 04:43:25 GMT
cache-control: public, max-age=604800
last-modified: Fri, 03 May 2024 19:58:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: 353dbae1e1b45a750770ae51bef13ba7 465917a2a0bbb947e9727e7f08b584a82aa6fb81 9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 04:43:25 GMT
Last-Modified: Sat, 04 May 2024 03:14:40 GMT
Server: ECAcc (ska/F7A3)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ehisFxUogyoa1SFIw-Ow2OESzmpBBV4o2LDl-uGxq19F9NqDk10p2A==
Age: 5325
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: 353dbae1e1b45a750770ae51bef13ba7 465917a2a0bbb947e9727e7f08b584a82aa6fb81 9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 04:43:25 GMT
Last-Modified: Sat, 04 May 2024 03:41:12 GMT
Server: ECAcc (ska/F73A)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6LvF6IjIn1mf2QOpaOG0PcbNObjXXAF0EFxu0EB9BVv8NigtHUxaGQ==
Age: 3733
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats IP: 52.29.105.35:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Amazon Subject: proftrafficcounter.com Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators Hash: f79f0c2fd26c94847db56e8e59dea54a 8d56e5cfb6cdeaafe0b30fed67c576789daccccf 83f7908f395bf28f8069222fce352e0d590068b028ffd8f254c1b358195c9ea7
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kidsstorysai.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; expires=Tue, 02 May 2034 04:43:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats IP: 52.29.105.35:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Amazon Subject: proftrafficcounter.com Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators Hash: 06eaa5f3a02ffe735846e4305ba46078 1ea226fba5b46861ec771172b241aadde287758f 107662d7b2a52d3fe9c188844df141c873c9f55745e9f092f774654eb35219bc
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kidsstorysai.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ed27e8ff-23c2-4e09-9f8c-3c46785e2c69:3:1; expires=Tue, 02 May 2034 04:43:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats IP: 52.29.105.35:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Amazon Subject: proftrafficcounter.com Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators Hash: 9f900715105ac9793aabd8a6b94d7e8c d498e5f84777d4b2f1c53b4b76d991bdbbaaa960 649ed8de78f32c923aa82206356b8f85036a06ffeea3373aa30a6ff95499d7e8
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kidsstorysai.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e:2:1; expires=Tue, 02 May 2034 04:43:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| honeymoondisappointed.com/pixel/purst?dl=0&th=0&sc=0&rs=2396&rd=2396&fd=1573&bv=24.5.6485&tmpl=70 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeymoondisappointed.com/pixel/purst?dl=0&th=0&sc=0&rs=2396&rd=2396&fd=1573&bv=24.5.6485&tmpl=70 IP: 172.240.253.132:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: honeymoondisappointed.com Fingerprint: 4C:29:92:FB:67:9C:9B:21:4B:30:D2:66:01:94:59:B1:74:6B:38:19 Validity: Mon, 29 Apr 2024 08:21:01 GMT - Sun, 28 Jul 2024 08:21:00 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2396&rd=2396&fd=1573&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: honeymoondisappointed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:26 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| landings-cdn.adsterratech.com/referralBanners/gif/160x600_adsterra_reff.gif | 142.0.204.220 | 200 OK | 698 kB |
URL: GET HTTP/1.1 landings-cdn.adsterratech.com/referralBanners/gif/160x600_adsterra_reff.gif IP: 142.0.204.220:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: landings-cdn.adsterratech.com Fingerprint: CA:79:50:AF:4F:E1:B9:4D:FD:EE:28:B7:AD:6C:21:7A:99:D2:DB:93 Validity: Sun, 28 Apr 2024 07:09:01 GMT - Sat, 27 Jul 2024 07:09:00 GMT
File type: GIF image data, version 89a, 160 x 600 Size: 698 kB (697936 bytes) Hash: bda553f9457a554d1d515b5668a6a2ff 9459398d2b490f3434094a026deef18ec2fc827d fdf4c535a1404142be0c34aa5353c28ddf30a7be86a66d990e49bfd503ac62e2
GET /referralBanners/gif/160x600_adsterra_reff.gif HTTP/1.1
Host: landings-cdn.adsterratech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:25 GMT
Content-Type: image/gif
Content-Length: 697936
Last-Modified: Wed, 02 Feb 2022 00:50:10 GMT
Connection: keep-alive
ETag: "61f9d542-aa650"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
|
|
| kidsstorysai.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed | 216.58.207.193 | 200 OK | 1.0 kB |
URL: GET HTTP/3 kidsstorysai.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed IP: 216.58.207.193:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: misc-sni.blogspot.com Fingerprint: C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 Validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: ASCII text, with very long lines (3290) Hash: 5cbe4b90271b8bc905b83c9621b0570f 2504ef710aac90f38056876223dfe78bad6f3fa7 8d165b16408e5421bc0a8a5aa776b51e785431338d49eff4f1516729587e0429
GET /feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed HTTP/1.1
Host: kidsstorysai.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"b6fb76fbdd19c6c7486e5e37ad6afe702d6fc50960c32bfc138b8ca74a47a016"
date: Sat, 04 May 2024 04:43:26 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 04 May 2024 04:43:27 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 03 May 2024 12:42:32 GMT
content-encoding: gzip
content-length: 1020
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| disguisedgraceeveryday.com/sbar.json?key=e4ce2b33fb208c08b1b07c8ffe171637&psid=CF-3448_1&uuid=ff28cb80-3320-4a52-b621-7cc5b80d017b%3A1%3A1 | 172.240.108.68 | 200 OK | 8.3 kB |
URL: GET HTTP/1.1 disguisedgraceeveryday.com/sbar.json?key=e4ce2b33fb208c08b1b07c8ffe171637&psid=CF-3448_1&uuid=ff28cb80-3320-4a52-b621-7cc5b80d017b%3A1%3A1 IP: 172.240.108.68:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: disguisedgraceeveryday.com Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hash: 1bb73a1d5193dcf6fd0a5220a4a47fcd aea0525fee9e22c7732380d47c5f046293c12471 b4715ac90685df135b441f172a769daedb05a5ec3959715ba82b905dc32d204a
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=e4ce2b33fb208c08b1b07c8ffe171637&psid=CF-3448_1&uuid=ff28cb80-3320-4a52-b621-7cc5b80d017b%3A1%3A1 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:26 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kidsstorysai.blogspot.com
Access-Control-Allow-Origin: https://kidsstorysai.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=23116251; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; expires=Sat, 11 May 2024 04:43:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1fc2f1250fd446a095b9fe193b4266fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| 1.bp.blogspot.com/-9WM7CTGFE6w/YEIY4yiXrSI/AAAAAAAAKLA/KQ9KQqUFQ-omzPDInJqiorJHHIVvrSu2QCNcBGAsYHQ/s16000/play-button.png | 142.250.74.161 | 200 OK | 1.1 kB |
URL: GET HTTP/2 1.bp.blogspot.com/-9WM7CTGFE6w/YEIY4yiXrSI/AAAAAAAAKLA/KQ9KQqUFQ-omzPDInJqiorJHHIVvrSu2QCNcBGAsYHQ/s16000/play-button.png IP: 142.250.74.161:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: misc-sni.blogspot.com Fingerprint: C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00 Validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: PNG image data, 72 x 72, 8-bit colormap, non-interlaced Hash: de2695687c61ac28a8661f80ffc37218 1167b6872596d7f5e88b40f384fc3d93094c4e59 9e0bd49fdf4f9288d62ce1417c4b25a29de9efaa4cb2c50797be11d56d41237b
GET /-9WM7CTGFE6w/YEIY4yiXrSI/AAAAAAAAKLA/KQ9KQqUFQ-omzPDInJqiorJHHIVvrSu2QCNcBGAsYHQ/s16000/play-button.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="play-button.png"
x-content-type-options: nosniff
server: fife
content-length: 1054
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 02:00:14 GMT
expires: Sun, 05 May 2024 02:00:14 GMT
cache-control: public, max-age=86400, no-transform
age: 9792
etag: "v28b1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi/0LNIfdrmNo4/hqdefault.jpg | 142.250.74.86 | 200 OK | 18 kB |
URL: GET HTTP/2 i.ytimg.com/vi/0LNIfdrmNo4/hqdefault.jpg IP: 142.250.74.86:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: edgestatic.com Fingerprint: D2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2 Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3 Hash: 38964fc23fe54ed544db540bc8a76182 1086dcfeb41794480ec7ba3b45ba1dd409f14c5f 7a55ecdf7d5c057211e04f072e669f3c5829791580ed68282762a12bd2c763ad
GET /vi/0LNIfdrmNo4/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 18128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:43:26 GMT
expires: Sat, 04 May 2024 06:43:26 GMT
cache-control: public, max-age=7200
etag: "1621345563"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bypassmaestro.com/ntv.json?key=265506a9c539b6a69d8361ef3c6fa183&vstc=4 | 172.240.253.132 | 200 OK | 18 kB |
URL: GET HTTP/1.1 bypassmaestro.com/ntv.json?key=265506a9c539b6a69d8361ef3c6fa183&vstc=4 IP: 172.240.253.132:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Let's Encrypt Subject: bypassmaestro.com Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4 Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
Hash: c4ff15256289b91dea72cb9f2c926340 43a72d59ac4aeaa96dea021f99da42f41af21190 14a68ecee81b126879bbfc8f59e15fc0d994e05d2580814fbd549c56e9fea40f
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /ntv.json?key=265506a9c539b6a69d8361ef3c6fa183&vstc=4 HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:26 GMT
Content-Type: application/json
Content-Length: 18236
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kidsstorysai.blogspot.com
Access-Control-Allow-Origin: https://kidsstorysai.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=23116258; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 05 May 2024 04:43:26 GMT; secure; SameSite=None
nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]; expires=Sat, 04 May 2024 04:43:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 543bfa45a0952cec44a7e8dec163a26f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_snfBtLOcR029QdNOMDvr0Fxb2_YL3ZxkIFmon0FKL23h-SYZ9NjzZS34kQKsQBRCh3a9W7-bEGuselAQgZQtHCiqeCzmWLKAAwvSGQnPM5zbrZfXTUwGo=w352-h330-p-k-no-nu | 142.250.74.97 | 200 OK | 52 kB |
URL: GET HTTP/3 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_snfBtLOcR029QdNOMDvr0Fxb2_YL3ZxkIFmon0FKL23h-SYZ9NjzZS34kQKsQBRCh3a9W7-bEGuselAQgZQtHCiqeCzmWLKAAwvSGQnPM5zbrZfXTUwGo=w352-h330-p-k-no-nu IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/ Certificate Issuer: Google Trust Services LLC Subject: *.googleusercontent.com Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x330, components 3 Hash: 3846dfde89fb603cbb17465719c743a5 9b44191b820e1babf76b6e5cf25a3d3701f57ac9 89718ced1580927d25084cd89b75116e667a125ad28f857474286ed705f27dce
GET /blogger_img_proxy/AEn0k_snfBtLOcR029QdNOMDvr0Fxb2_YL3ZxkIFmon0FKL23h-SYZ9NjzZS34kQKsQBRCh3a9W7-bEGuselAQgZQtHCiqeCzmWLKAAwvSGQnPM5zbrZfXTUwGo=w352-h330-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:26 GMT
server: fife
content-length: 52532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vx4czXBV_12_-UolATLP_ndi5BdgzYEmJaOBn5t54Cggl00dTpXogktM0_r04kNdb0o__H2DnQiioOiJ2O2hKPTf583ZO022NJPQhcFJiO03350Bwfm4U=w352-h330-p-k-no-nu | 142.250.74.97 | 200 OK | 51 kB |
URL: GET HTTP/3 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vx4czXBV_12_-UolATLP_ndi5BdgzYEmJaOBn5t54Cggl00dTpXogktM0_r04kNdb0o__H2DnQiioOiJ2O2hKPTf583ZO022NJPQhcFJiO03350Bwfm4U=w352-h330-p-k-no-nu
IP: 142.250.74.97:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.googleusercontent.com
Certificate Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56
Certificate Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x330, components 3
Hash: 3d201bce950fa4888c9aa6cf32dd5c89 92ac26941210369230e342cc3d37f413df9882f6 e82b9a6368b7e214db52c0b7652b68f1aec71b9caadbf9021f41846ca4dc536f
GET /blogger_img_proxy/AEn0k_vx4czXBV_12_-UolATLP_ndi5BdgzYEmJaOBn5t54Cggl00dTpXogktM0_r04kNdb0o__H2DnQiioOiJ2O2hKPTf583ZO022NJPQhcFJiO03350Bwfm4U=w352-h330-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 05 May 2024 04:43:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 04:43:26 GMT
server: fife
content-length: 51431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuXuaigYASAhIPg5coyGz3zE7PTHIQ13Vlcc3GxKA3ra6qni2nuqup6p6e3dNiQHKcgBc99X6zm0UNoseARpkNiC6I27c9uAd%2FgChCztLj6pAH3e9773sPvvdefbybnZImMnqy8pbelkrRxXbDrb%2F4nuddra%2FLOBvVR13%2FfX%2Fpat0Mr%2FT8hvtS%2FQ3BBnqx6Xqu67lefVUaEerRYkVCJvd7XqPnNpaaDa%2B9hJF5MraZA0sd8OEpeRaSl7VHzgVINkUcfb0i7CDVycuvR5miqTYY8oNb8SDWeYxoDkPjIIwPzqqh7fHqQ%2Bh4fyYXevh%2FYSBL4vz4EEF8cCYSwXBvpjNQEDECfg75cAqhppB0CqZvQ%2FJjAjCOaxuIo3vXtMnp1r8srdiS1B7%2FDZmXpPbbBcTRV8tKjuo3tcpSqWOLUVhAjqaQ%2FSmS7BDp9gJkfgiWfgTJfyGLj9cRR3sbVmlIXsxml3IKGU6hxBjUOsiqTzrIQgdZ4iDiJ3XmeV7H5Yy63R5jLd4Rgc9dj3ZCj3qu30XGKnljpMkYTI3BzA4Ss4OBvFsS56mLMNkPsJsFLHdg05I4b%2B9gyAvkgiC3BDklyCVBnhLkw2KfK9u0xT2ubBZ4Z7555lvFRKf9Xbqv076ICagZw%2FBiNzklz1RLcj548DsG4qTe9Ntt16c91m71Ap%2F6Pd5t%2BZ4IW8wPqddtwcoC0i7M5t6WJbly%2BVcksiSX%2FrqIgB7CqkMw%2BTxo5oHmBehmge34wUBya1NttiyVjUDpvk102mA6AtcFkrSGdMvZVafk0uxmz%2F3chGBH5MzATIHEFPhQPiLoqzuTGzonezd0bsk3G0kqI7lNq3veTGkqnC%2FeFFu5NnxtxY4%2Ff5VVRAXvvyNsuk5jLuO%2BJV8uS86FWdWGCfLdmn1XBNczu7mcmThL1q%2B%2FtroWJUZYK3U8BZXH58%2BDyZIs3PVmD%2FXczmVIM4XJCkTZXKnUh2DJDmwyz1lNYNQ8DhIHeVZMTDOYJ5UkUGIe06CAFUff%2F%2Flf0xxPDK26qSx27R30TQ00vY04KjA0BYaqAFVj2OzpSZqYo1d%2B%2BrSyzxCo2iRQprYXKKM%2BmS25%2BrkleaF2q0IerDypd1otl%2Fq9ttfpUNEJlprd0Pc4pc0lv%2Bn7tIXUlmH72z%2F%2BAQAA%2F%2F8BAAD%2F%2F1FJ%2Bb%2BMBAAA | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuXuaigYASAhIPg5coyGz3zE7PTHIQ13Vlcc3GxKA3ra6qni2nuqup6p6e3dNiQHKcgBc99X6zm0UNoseARpkNiC6I27c9uAd%2FgChCztLj6pAH3e9773sPvvdefbybnZImMnqy8pbelkrRxXbDrb%2F4nuddra%2FLOBvVR13%2FfX%2Fpat0Mr%2FT8hvtS%2FQ3BBnqx6Xqu67lefVUaEerRYkVCJvd7XqPnNpaaDa%2B9hJF5MraZA0sd8OEpeRaSl7VHzgVINkUcfb0i7CDVycuvR5miqTYY8oNb8SDWeYxoDkPjIIwPzqqh7fHqQ%2Bh4fyYXevh%2FYSBL4vz4EEF8cCYSwXBvpjNQEDECfg75cAqhppB0CqZvQ%2FJjAjCOaxuIo3vXtMnp1r8srdiS1B7%2FDZmXpPbbBcTRV8tKjuo3tcpSqWOLUVhAjqaQ%2FSmS7BDp9gJkfgiWfgTJfyGLj9cRR3sbVmlIXsxml3IKGU6hxBjUOsiqTzrIQgdZ4iDiJ3XmeV7H5Yy63R5jLd4Rgc9dj3ZCj3qu30XGKnljpMkYTI3BzA4Ss4OBvFsS56mLMNkPsJsFLHdg05I4b%2B9gyAvkgiC3BDklyCVBnhLkw2KfK9u0xT2ubBZ4Z7555lvFRKf9Xbqv076ICagZw%2FBiNzklz1RLcj548DsG4qTe9Ntt16c91m71Ap%2F6Pd5t%2BZ4IW8wPqddtwcoC0i7M5t6WJbly%2BVcksiSX%2FrqIgB7CqkMw%2BTxo5oHmBehmge34wUBya1NttiyVjUDpvk102mA6AtcFkrSGdMvZVafk0uxmz%2F3chGBH5MzATIHEFPhQPiLoqzuTGzonezd0bsk3G0kqI7lNq3veTGkqnC%2FeFFu5NnxtxY4%2Ff5VVRAXvvyNsuk5jLuO%2BJV8uS86FWdWGCfLdmn1XBNczu7mcmThL1q%2B%2FtroWJUZYK3U8BZXH58%2BDyZIs3PVmD%2FXczmVIM4XJCkTZXKnUh2DJDmwyz1lNYNQ8DhIHeVZMTDOYJ5UkUGIe06CAFUff%2F%2Flf0xxPDK26qSx27R30TQ00vY04KjA0BYaqAFVj2OzpSZqYo1d%2B%2BrSyzxCo2iRQprYXKKM%2BmS25%2BrkleaF2q0IerDypd1otl%2Fq9ttfpUNEJlprd0Pc4pc0lv%2Bn7tIXUlmH72z%2F%2BAQAA%2F%2F8BAAD%2F%2F1FJ%2Bb%2BMBAAA IP172.240.253.132:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: bypassmaestro.com
Certificate Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4
Certificate Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuXuaigYASAhIPg5coyGz3zE7PTHIQ13Vlcc3GxKA3ra6qni2nuqup6p6e3dNiQHKcgBc99X6zm0UNoseARpkNiC6I27c9uAd%2FgChCztLj6pAH3e9773sPvvdefbybnZImMnqy8pbelkrRxXbDrb%2F4nuddra%2FLOBvVR13%2FfX%2Fpat0Mr%2FT8hvtS%2FQ3BBnqx6Xqu67lefVUaEerRYkVCJvd7XqPnNpaaDa%2B9hJF5MraZA0sd8OEpeRaSl7VHzgVINkUcfb0i7CDVycuvR5miqTYY8oNb8SDWeYxoDkPjIIwPzqqh7fHqQ%2Bh4fyYXevh%2FYSBL4vz4EEF8cCYSwXBvpjNQEDECfg75cAqhppB0CqZvQ%2FJjAjCOaxuIo3vXtMnp1r8srdiS1B7%2FDZmXpPbbBcTRV8tKjuo3tcpSqWOLUVhAjqaQ%2FSmS7BDp9gJkfgiWfgTJfyGLj9cRR3sbVmlIXsxml3IKGU6hxBjUOsiqTzrIQgdZ4iDiJ3XmeV7H5Yy63R5jLd4Rgc9dj3ZCj3qu30XGKnljpMkYTI3BzA4Ss4OBvFsS56mLMNkPsJsFLHdg05I4b%2B9gyAvkgiC3BDklyCVBnhLkw2KfK9u0xT2ubBZ4Z7555lvFRKf9Xbqv076ICagZw%2FBiNzklz1RLcj548DsG4qTe9Ntt16c91m71Ap%2F6Pd5t%2BZ4IW8wPqddtwcoC0i7M5t6WJbly%2BVcksiSX%2FrqIgB7CqkMw%2BTxo5oHmBehmge34wUBya1NttiyVjUDpvk102mA6AtcFkrSGdMvZVafk0uxmz%2F3chGBH5MzATIHEFPhQPiLoqzuTGzonezd0bsk3G0kqI7lNq3veTGkqnC%2FeFFu5NnxtxY4%2Ff5VVRAXvvyNsuk5jLuO%2BJV8uS86FWdWGCfLdmn1XBNczu7mcmThL1q%2B%2FtroWJUZYK3U8BZXH58%2BDyZIs3PVmD%2FXczmVIM4XJCkTZXKnUh2DJDmwyz1lNYNQ8DhIHeVZMTDOYJ5UkUGIe06CAFUff%2F%2Flf0xxPDK26qSx27R30TQ00vY04KjA0BYaqAFVj2OzpSZqYo1d%2B%2BrSyzxCo2iRQprYXKKM%2BmS25%2BrkleaF2q0IerDypd1otl%2Fq9ttfpUNEJlprd0Pc4pc0lv%2Bn7tIXUlmH72z%2F%2BAQAA%2F%2F8BAAD%2F%2F1FJ%2Bb%2BMBAAA HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74c020389cf40941c665807a05fc96cc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| disguisedgraceeveryday.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxFBEEJuURhDoIR3Nn%2BMdM9mxyCSVxZXLMhiegt1o%2FuSTnVXU1V9%2FTsnoIByXH0L%2Bj9ZpMlGiQ5RjTIbMDDgpjxtIh78S6okLPMODj6oOq9V98r%2BN733me75THxUdKjS%2B%2FrHakUXW033caZjzzvXGNTZuWgMeiEN8LWuYbpn10Lm%2B6bjXdj3tOrvuu5rud6jXVp4kQPVqcgZP5gzWuuuc2W3%2FTaLQzM%2F3NbOrDUgegfk1cgxWT5qXMSko%2BRpQ8vxbZX6Pytd9JS0UIb9MX%2BB1kv01WGdBEmxkGS7c%2Broe2z9SfQ2d0ZXej%2Bv4VMTojzwxOwbH9OEqy%2FN%2BPJFOIMTLyIqj9GrMaQdAyub0OKZwTgApe3kKX3LmtT0e1%2FUDpFJ2T5%2BV%2BQ1YQs%2F3oSWfr1BSUHjWtalYXUmcUgqSEHY8juGHl5gGJnCbI6AC8%2BhRQ%2FktXnm8jSvS2rNKQ4ej1J%2FA5nHXclCHx3pUXb%2FgoLfW8l4rzNOq5wvYjNBJJyDJmMoeIhqHVQTo90UCYOytxBKo4a3PO8yBWcup01zgMRxSwUrkejxKOeG3ZQ8mkPQxT5EFwNwc0t5OYWevLzCXFeOAVTfg97s4YVDmxB0Bc1qpigsgQVJagkQVUQVP36rlDWt%2FU9oWzJvLn35z6oR7ro7tK7uujGGQE1QxhR7%2BbH5OWpis7Hj39BLz5qxC0e%2BywIEua7He52mMfciHeSJPYiLwwiWHn%2F4vpK0Gp1bniQdmnW%2FI6ckLNv%2FIRcTsjpP06B0QNYdQAuXwUtXwOtatCbNXayxz0prC202bZUNpnSXZvrosl1CqFr5MUyim1nVx2T07Ppbmw9RMwPz%2F8WzAzc1MhNjU%2FkU4KuujO6qiuyd1VXljzayguZyh06nfy1ghbxiS%2Ffi7crbcTGJTu8%2FzafAtPwwfXYFps0EzLrWvLVBSlEbNa14TH5bsN%2BGLMrpb15oTRZmW9eubi%2BkeYmtlbqbAw6XeI%2FDbickJdOX58t9ZlvtiDNGKaskZaHZG6Qegye34LNF%2FytJjBqUcNyB1VZj4zPFo9KEqh4kVNWw%2F4nZ4t4ZOj0N5X1rr2DrlkCLW4jS2v0TY2%2BqkHVELY8MSpyc3j%2B5zkNppZGTJmlPaaM%2BmIm8%2FR6BCuPGlEQuDRca3tRROOItfxOEnqCUr8V%2BmFIAxR2krS%2F%2Ff1vAAAA%2F%2F8BAAD%2F%2F76vyZ6uBAAA | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1disguisedgraceeveryday.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxFBEEJuURhDoIR3Nn%2BMdM9mxyCSVxZXLMhiegt1o%2FuSTnVXU1V9%2FTsnoIByXH0L%2Bj9ZpMlGiQ5RjTIbMDDgpjxtIh78S6okLPMODj6oOq9V98r%2BN733me75THxUdKjS%2B%2FrHakUXW033caZjzzvXGNTZuWgMeiEN8LWuYbpn10Lm%2B6bjXdj3tOrvuu5rud6jXVp4kQPVqcgZP5gzWuuuc2W3%2FTaLQzM%2F3NbOrDUgegfk1cgxWT5qXMSko%2BRpQ8vxbZX6Pytd9JS0UIb9MX%2BB1kv01WGdBEmxkGS7c%2Broe2z9SfQ2d0ZXej%2Bv4VMTojzwxOwbH9OEqy%2FN%2BPJFOIMTLyIqj9GrMaQdAyub0OKZwTgApe3kKX3LmtT0e1%2FUDpFJ2T5%2BV%2BQ1YQs%2F3oSWfr1BSUHjWtalYXUmcUgqSEHY8juGHl5gGJnCbI6AC8%2BhRQ%2FktXnm8jSvS2rNKQ4ej1J%2FA5nHXclCHx3pUXb%2FgoLfW8l4rzNOq5wvYjNBJJyDJmMoeIhqHVQTo90UCYOytxBKo4a3PO8yBWcup01zgMRxSwUrkejxKOeG3ZQ8mkPQxT5EFwNwc0t5OYWevLzCXFeOAVTfg97s4YVDmxB0Bc1qpigsgQVJagkQVUQVP36rlDWt%2FU9oWzJvLn35z6oR7ro7tK7uujGGQE1QxhR7%2BbH5OWpis7Hj39BLz5qxC0e%2BywIEua7He52mMfciHeSJPYiLwwiWHn%2F4vpK0Gp1bniQdmnW%2FI6ckLNv%2FIRcTsjpP06B0QNYdQAuXwUtXwOtatCbNXayxz0prC202bZUNpnSXZvrosl1CqFr5MUyim1nVx2T07Ppbmw9RMwPz%2F8WzAzc1MhNjU%2FkU4KuujO6qiuyd1VXljzayguZyh06nfy1ghbxiS%2Ffi7crbcTGJTu8%2FzafAtPwwfXYFps0EzLrWvLVBSlEbNa14TH5bsN%2BGLMrpb15oTRZmW9eubi%2BkeYmtlbqbAw6XeI%2FDbickJdOX58t9ZlvtiDNGKaskZaHZG6Qegye34LNF%2FytJjBqUcNyB1VZj4zPFo9KEqh4kVNWw%2F4nZ4t4ZOj0N5X1rr2DrlkCLW4jS2v0TY2%2BqkHVELY8MSpyc3j%2B5zkNppZGTJmlPaaM%2BmIm8%2FR6BCuPGlEQuDRca3tRROOItfxOEnqCUr8V%2BmFIAxR2krS%2F%2Ff1vAAAA%2F%2F8BAAD%2F%2F76vyZ6uBAAA IP172.240.108.68:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: disguisedgraceeveryday.com
Certificate Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF
Certificate Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxFBEEJuURhDoIR3Nn%2BMdM9mxyCSVxZXLMhiegt1o%2FuSTnVXU1V9%2FTsnoIByXH0L%2Bj9ZpMlGiQ5RjTIbMDDgpjxtIh78S6okLPMODj6oOq9V98r%2BN733me75THxUdKjS%2B%2FrHakUXW033caZjzzvXGNTZuWgMeiEN8LWuYbpn10Lm%2B6bjXdj3tOrvuu5rud6jXVp4kQPVqcgZP5gzWuuuc2W3%2FTaLQzM%2F3NbOrDUgegfk1cgxWT5qXMSko%2BRpQ8vxbZX6Pytd9JS0UIb9MX%2BB1kv01WGdBEmxkGS7c%2Broe2z9SfQ2d0ZXej%2Bv4VMTojzwxOwbH9OEqy%2FN%2BPJFOIMTLyIqj9GrMaQdAyub0OKZwTgApe3kKX3LmtT0e1%2FUDpFJ2T5%2BV%2BQ1YQs%2F3oSWfr1BSUHjWtalYXUmcUgqSEHY8juGHl5gGJnCbI6AC8%2BhRQ%2FktXnm8jSvS2rNKQ4ej1J%2FA5nHXclCHx3pUXb%2FgoLfW8l4rzNOq5wvYjNBJJyDJmMoeIhqHVQTo90UCYOytxBKo4a3PO8yBWcup01zgMRxSwUrkejxKOeG3ZQ8mkPQxT5EFwNwc0t5OYWevLzCXFeOAVTfg97s4YVDmxB0Bc1qpigsgQVJagkQVUQVP36rlDWt%2FU9oWzJvLn35z6oR7ro7tK7uujGGQE1QxhR7%2BbH5OWpis7Hj39BLz5qxC0e%2BywIEua7He52mMfciHeSJPYiLwwiWHn%2F4vpK0Gp1bniQdmnW%2FI6ckLNv%2FIRcTsjpP06B0QNYdQAuXwUtXwOtatCbNXayxz0prC202bZUNpnSXZvrosl1CqFr5MUyim1nVx2T07Ppbmw9RMwPz%2F8WzAzc1MhNjU%2FkU4KuujO6qiuyd1VXljzayguZyh06nfy1ghbxiS%2Ffi7crbcTGJTu8%2FzafAtPwwfXYFps0EzLrWvLVBSlEbNa14TH5bsN%2BGLMrpb15oTRZmW9eubi%2BkeYmtlbqbAw6XeI%2FDbickJdOX58t9ZlvtiDNGKaskZaHZG6Qegye34LNF%2FytJjBqUcNyB1VZj4zPFo9KEqh4kVNWw%2F4nZ4t4ZOj0N5X1rr2DrlkCLW4jS2v0TY2%2BqkHVELY8MSpyc3j%2B5zkNppZGTJmlPaaM%2BmIm8%2FR6BCuPGlEQuDRca3tRROOItfxOEnqCUr8V%2BmFIAxR2krS%2F%2Ff1vAAAA%2F%2F8BAAD%2F%2F76vyZ6uBAAA HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 387a22b09e94db076d7dd95063bc4dfa
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuXuZiAgElBCQeBi9RkNnumZ2emQQJxriyuGZjYtCbVldVz5ZT3dVUdU%2FP7mkxIDlOwIueer%2FZzaIG0WNAo8wGgi6I2xfZg3vwB4gi5Cw9rg4%2BaN73%2BnsPvve9%2Bmg7OyZNZPTo6pt6UypFF9sNt%2F7Cu553qb4q42xUH3X99%2FylS3UzvNjzG%2B6L9dcFG%2BjFpuu5rud69WVpRKhHixUJmdzveY2e21hqNrz2Ekbm%2F7XNHFjqgA%2BPyTOQvKw9cs5Csini6Kurwg5Snbz0WpQpmmqDId%2B7FQ9inceI5jA0DsJ476Qb2h4uP4SOd2dyoYf%2FNQayJM7jhwjivRORCIY7M52BgogR8NPIh1MINYWkUzB9G5IfEoBxXFtDHN27pk1ON%2F5hacWWpPbkL8i8JLVfzyKOvryi5Kh%2BU6sslTq2GIUF5GgK2Z8iyfaRbi5A5vtg6YeQ%2FCey%2BGQVcbSzZpWG5MVsdymnkOEUSoxBrYOs%2BqSDLHSQJQ4iflRnnud1XM6o2%2B0x1uIdEfjc9Wgn9Kjn%2Bl1krJI3RpqMwdQYzGwhMVsYyLslcZ46B5N9D7tewHIHNi2J89YWhrxALghyS5BTglwS5ClBPix2ubJNW9zjymaBd5KbJ7lVTHTa36a7Ou2LmICaMQwvtpNj8nRlkvP%2Bg98wEEf1pt9uuz7tsXarF%2FjU7%2FFuy%2FdE2GJ%2BSL1uC1YWkHZhtvemLMnFCz8jkSU5%2F%2Bc5BHQfVu2DyedAMw80L0DXC2zGDwaSW5tqs2GpbARK922i0wbTEbgukKQ1pBvOtjom52c3e%2FZHF4IdkJMAMwUSU%2BAD%2BYigr%2B5Mbuic7NzQuSVfryWpjOQmre55M6WpcD5%2FQ2zk2vCVq3b82SusIip4%2F21h01Uacxn3LfniiuRcmGVtmCDfrth3RHA9s%2BtXMhNnyer1V5dXosQIa6WOp6Dy8MwZMFmShbve7KGe3roAaaYwWYEomyuVeh8s2YJNDi4%2FPvVyMvnlFKwmMGreEyQLyLNiYprB%2FKeSBErMaxoUsOLguz%2F%2BHZrjiaHVNJXFtr2DvqmBprcRRwWGpsBQFaBqDJudmqSJObj8wydVfIpA1SaBMrWdQBn1cWVyc%2BZ0SZ6v3aqQByuP6p1Wy6V%2Br%2B11OlR0gqVmN%2FQ9TmlzyW%2F6Pm0htWXY%2Fub3vwEAAP%2F%2FAQAA%2F%2F9dXnnijAQAAA%3D%3D | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuXuZiAgElBCQeBi9RkNnumZ2emQQJxriyuGZjYtCbVldVz5ZT3dVUdU%2FP7mkxIDlOwIueer%2FZzaIG0WNAo8wGgi6I2xfZg3vwB4gi5Cw9rg4%2BaN73%2BnsPvve9%2Bmg7OyZNZPTo6pt6UypFF9sNt%2F7Cu553qb4q42xUH3X99%2FylS3UzvNjzG%2B6L9dcFG%2BjFpuu5rud69WVpRKhHixUJmdzveY2e21hqNrz2Ekbm%2F7XNHFjqgA%2BPyTOQvKw9cs5Csini6Kurwg5Snbz0WpQpmmqDId%2B7FQ9inceI5jA0DsJ476Qb2h4uP4SOd2dyoYf%2FNQayJM7jhwjivRORCIY7M52BgogR8NPIh1MINYWkUzB9G5IfEoBxXFtDHN27pk1ON%2F5hacWWpPbkL8i8JLVfzyKOvryi5Kh%2BU6sslTq2GIUF5GgK2Z8iyfaRbi5A5vtg6YeQ%2FCey%2BGQVcbSzZpWG5MVsdymnkOEUSoxBrYOs%2BqSDLHSQJQ4iflRnnud1XM6o2%2B0x1uIdEfjc9Wgn9Kjn%2Bl1krJI3RpqMwdQYzGwhMVsYyLslcZ46B5N9D7tewHIHNi2J89YWhrxALghyS5BTglwS5ClBPix2ubJNW9zjymaBd5KbJ7lVTHTa36a7Ou2LmICaMQwvtpNj8nRlkvP%2Bg98wEEf1pt9uuz7tsXarF%2FjU7%2FFuy%2FdE2GJ%2BSL1uC1YWkHZhtvemLMnFCz8jkSU5%2F%2Bc5BHQfVu2DyedAMw80L0DXC2zGDwaSW5tqs2GpbARK922i0wbTEbgukKQ1pBvOtjom52c3e%2FZHF4IdkJMAMwUSU%2BAD%2BYigr%2B5Mbuic7NzQuSVfryWpjOQmre55M6WpcD5%2FQ2zk2vCVq3b82SusIip4%2F21h01Uacxn3LfniiuRcmGVtmCDfrth3RHA9s%2BtXMhNnyer1V5dXosQIa6WOp6Dy8MwZMFmShbve7KGe3roAaaYwWYEomyuVeh8s2YJNDi4%2FPvVyMvnlFKwmMGreEyQLyLNiYprB%2FKeSBErMaxoUsOLguz%2F%2BHZrjiaHVNJXFtr2DvqmBprcRRwWGpsBQFaBqDJudmqSJObj8wydVfIpA1SaBMrWdQBn1cWVyc%2BZ0SZ6v3aqQByuP6p1Wy6V%2Br%2B11OlR0gqVmN%2FQ9TmlzyW%2F6Pm0htWXY%2Fub3vwEAAP%2F%2FAQAA%2F%2F9dXnnijAQAAA%3D%3D IP172.240.253.132:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: bypassmaestro.com
Certificate Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4
Certificate Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRSuXuZiAgElBCQeBi9RkNnumZ2emQQJxriyuGZjYtCbVldVz5ZT3dVUdU%2FP7mkxIDlOwIueer%2FZzaIG0WNAo8wGgi6I2xfZg3vwB4gi5Cw9rg4%2BaN73%2BnsPvve9%2Bmg7OyZNZPTo6pt6UypFF9sNt%2F7Cu553qb4q42xUH3X99%2FylS3UzvNjzG%2B6L9dcFG%2BjFpuu5rud69WVpRKhHixUJmdzveY2e21hqNrz2Ekbm%2F7XNHFjqgA%2BPyTOQvKw9cs5Csini6Kurwg5Snbz0WpQpmmqDId%2B7FQ9inceI5jA0DsJ476Qb2h4uP4SOd2dyoYf%2FNQayJM7jhwjivRORCIY7M52BgogR8NPIh1MINYWkUzB9G5IfEoBxXFtDHN27pk1ON%2F5hacWWpPbkL8i8JLVfzyKOvryi5Kh%2BU6sslTq2GIUF5GgK2Z8iyfaRbi5A5vtg6YeQ%2FCey%2BGQVcbSzZpWG5MVsdymnkOEUSoxBrYOs%2BqSDLHSQJQ4iflRnnud1XM6o2%2B0x1uIdEfjc9Wgn9Kjn%2Bl1krJI3RpqMwdQYzGwhMVsYyLslcZ46B5N9D7tewHIHNi2J89YWhrxALghyS5BTglwS5ClBPix2ubJNW9zjymaBd5KbJ7lVTHTa36a7Ou2LmICaMQwvtpNj8nRlkvP%2Bg98wEEf1pt9uuz7tsXarF%2FjU7%2FFuy%2FdE2GJ%2BSL1uC1YWkHZhtvemLMnFCz8jkSU5%2F%2Bc5BHQfVu2DyedAMw80L0DXC2zGDwaSW5tqs2GpbARK922i0wbTEbgukKQ1pBvOtjom52c3e%2FZHF4IdkJMAMwUSU%2BAD%2BYigr%2B5Mbuic7NzQuSVfryWpjOQmre55M6WpcD5%2FQ2zk2vCVq3b82SusIip4%2F21h01Uacxn3LfniiuRcmGVtmCDfrth3RHA9s%2BtXMhNnyer1V5dXosQIa6WOp6Dy8MwZMFmShbve7KGe3roAaaYwWYEomyuVeh8s2YJNDi4%2FPvVyMvnlFKwmMGreEyQLyLNiYprB%2FKeSBErMaxoUsOLguz%2F%2BHZrjiaHVNJXFtr2DvqmBprcRRwWGpsBQFaBqDJudmqSJObj8wydVfIpA1SaBMrWdQBn1cWVyc%2BZ0SZ6v3aqQByuP6p1Wy6V%2Br%2B11OlR0gqVmN%2FQ9TmlzyW%2F6Pm0htWXY%2Fub3vwEAAP%2F%2FAQAA%2F%2F9dXnnijAQAAA%3D%3D HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c5579ca03132ca06d8f935e672d915f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 54 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:26 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 459cf8bc5b95714a6b4d183410593ebb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 04:43:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ka9dL4PsB9UyzUAywjw%2BYZFzSseHsfL%2BHGTuNPeBm6vfPD%2FUZKZDfM1kKwMbxW4vrUnAZKXK70aYXwnNK1SJUw4qfeex8Q3hm7y1Gwaayk%2FDvD5WidNLBadzfRieic5AjFxYj6qpsvskRXQcgVanVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5d46dfabe1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg | 45.133.44.9 | 200 OK | 24 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.cloudimagesb.com
Certificate Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Hash: d71c872fb9f50bd9383abc0721d1d51e 1f69b40ef2f95798b4e0fd738d630ad4319cd739 6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:26 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.21.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Mon, 06 May 2024 04:43:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=101 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=101
IP: 172.240.108.68:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: disguisedgraceeveryday.com
Certificate Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF
Certificate Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=101 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2scZRj%2BpuxFCwWlFKQeFi9VkM3Mbnaz2x7EGiPB2NTWojf9fs3mc7%2BZb%2Fi%2BmZ1NTsGC9LgFL3qaPJs0qEX0WNAqm4JoQMzccjAH%2FwBRhJ5lttHFF2beH8%2F7wvM%2B7%2FfxTnZCmsjo8fJbZktpTRfaDb%2F%2B4ntBcKW%2BpuJsVB91O%2B93Fq%2FU7fByr9PwX6q%2FIfnALDT9wPcDP6ivKCtDM1qoQKjkfi9o9PzGYrMRtBcxsv%2FPXebBUQ9ieEKehRJl7ZF3HopPEUdfL0s3SE3y8utRpmlqLIZi%2F1Y8iE0eI5qHofUQxvun3TDuaOUhTLw3owsz%2FK%2BRqZJ4Pz4Ei%2FdPSYINd2c8mYaMwcRZ5MMppJ5C0Sm4uQ0ljgjABa6tI47uXTM2p5tPUFqhJak9%2FhsqL0ntt%2FOIo6%2BuajWq3zQ6S5WJHUZhATWaQvWnSLIDpFtnoPID8PQjKPELWXi8hjjaXXfaQIlitrtSU6hwCi3HoM5DVn3KQxZ6yBIPkTiu8yAIlnzBqd%2Ftcd4SS5J1hB%2FQpTCggd%2FpIuMVvTHSZAyux%2BB2G4ndxkDdLYn31AXY7Ae4jQJOeHBpSby3tzEUBXJJkDuCnBLkiiBPCfJhsSe0a7rintAuY8Gpb576VjExaX%2BH7pm0L2MCasewothJTsgzlUjeBw9%2Bx0Ae15uddtvv0B5vt3qsQzs90W11Ahm2eCekQbcFpwood2a295YqyeVLvyJRJbn41wUwegCnD8DV86BZAJoXoBsFtuIHAyWcS43ddFQ1mDZ9l5i0wU0EYQokaQ3pprejT8jF2c2e%2BzmA5Ifk1MBtgcQW%2BFA9IujrO5MbJie7N0zuyDfrSaoitUWre95MaSq9L96Um7mxYnXZjT9%2FlVdAFd5%2FR7p0jcZCxX1HvryqhJB2xVguyXer7l3Jrmdu42pm4yxZu%2F7aymqUWOmcMvEUVB2dOweuSnLmbjB7qGe3L0HZKWxWIMrmTJU5AE%2B24ZJ5zRkCq%2Bc5S2rIs2Jim2xe1IpAy3lOWQEnD7%2F%2F89%2BheTyxtJqmqthxd9C3NdD0NuKowNAWGOoCVI%2FhsqcnaWIPX%2Fnp08o%2BA9O1CdO2tsu01Z9UIjern1%2BSF2q3nmju1HG95YslJkO5xORiezGUXLB2m%2Fk85Kwlul2O1JVh%2B9s%2F%2FgEAAP%2F%2FAQAA%2F%2F%2Fu5RkljAQAAA%3D%3D | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2scZRj%2BpuxFCwWlFKQeFi9VkM3Mbnaz2x7EGiPB2NTWojf9fs3mc7%2BZb%2Fi%2BmZ1NTsGC9LgFL3qaPJs0qEX0WNAqm4JoQMzccjAH%2FwBRhJ5lttHFF2beH8%2F7wvM%2B7%2FfxTnZCmsjo8fJbZktpTRfaDb%2F%2B4ntBcKW%2BpuJsVB91O%2B93Fq%2FU7fByr9PwX6q%2FIfnALDT9wPcDP6ivKCtDM1qoQKjkfi9o9PzGYrMRtBcxsv%2FPXebBUQ9ieEKehRJl7ZF3HopPEUdfL0s3SE3y8utRpmlqLIZi%2F1Y8iE0eI5qHofUQxvun3TDuaOUhTLw3owsz%2FK%2BRqZJ4Pz4Ei%2FdPSYINd2c8mYaMwcRZ5MMppJ5C0Sm4uQ0ljgjABa6tI47uXTM2p5tPUFqhJak9%2FhsqL0ntt%2FOIo6%2BuajWq3zQ6S5WJHUZhATWaQvWnSLIDpFtnoPID8PQjKPELWXi8hjjaXXfaQIlitrtSU6hwCi3HoM5DVn3KQxZ6yBIPkTiu8yAIlnzBqd%2Ftcd4SS5J1hB%2FQpTCggd%2FpIuMVvTHSZAyux%2BB2G4ndxkDdLYn31AXY7Ae4jQJOeHBpSby3tzEUBXJJkDuCnBLkiiBPCfJhsSe0a7rintAuY8Gpb576VjExaX%2BH7pm0L2MCasewothJTsgzlUjeBw9%2Bx0Ae15uddtvv0B5vt3qsQzs90W11Ahm2eCekQbcFpwood2a295YqyeVLvyJRJbn41wUwegCnD8DV86BZAJoXoBsFtuIHAyWcS43ddFQ1mDZ9l5i0wU0EYQokaQ3pprejT8jF2c2e%2BzmA5Ifk1MBtgcQW%2BFA9IujrO5MbJie7N0zuyDfrSaoitUWre95MaSq9L96Um7mxYnXZjT9%2FlVdAFd5%2FR7p0jcZCxX1HvryqhJB2xVguyXer7l3Jrmdu42pm4yxZu%2F7aymqUWOmcMvEUVB2dOweuSnLmbjB7qGe3L0HZKWxWIMrmTJU5AE%2B24ZJ5zRkCq%2Bc5S2rIs2Jim2xe1IpAy3lOWQEnD7%2F%2F89%2BheTyxtJqmqthxd9C3NdD0NuKowNAWGOoCVI%2FhsqcnaWIPX%2Fnp08o%2BA9O1CdO2tsu01Z9UIjern1%2BSF2q3nmju1HG95YslJkO5xORiezGUXLB2m%2Fk85Kwlul2O1JVh%2B9s%2F%2FgEAAP%2F%2FAQAA%2F%2F%2Fu5RkljAQAAA%3D%3D IP172.240.253.132:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: bypassmaestro.com
Certificate Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4
Certificate Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2scZRj%2BpuxFCwWlFKQeFi9VkM3Mbnaz2x7EGiPB2NTWojf9fs3mc7%2BZb%2Fi%2BmZ1NTsGC9LgFL3qaPJs0qEX0WNAqm4JoQMzccjAH%2FwBRhJ5lttHFF2beH8%2F7wvM%2B7%2FfxTnZCmsjo8fJbZktpTRfaDb%2F%2B4ntBcKW%2BpuJsVB91O%2B93Fq%2FU7fByr9PwX6q%2FIfnALDT9wPcDP6ivKCtDM1qoQKjkfi9o9PzGYrMRtBcxsv%2FPXebBUQ9ieEKehRJl7ZF3HopPEUdfL0s3SE3y8utRpmlqLIZi%2F1Y8iE0eI5qHofUQxvun3TDuaOUhTLw3owsz%2FK%2BRqZJ4Pz4Ei%2FdPSYINd2c8mYaMwcRZ5MMppJ5C0Sm4uQ0ljgjABa6tI47uXTM2p5tPUFqhJak9%2FhsqL0ntt%2FOIo6%2BuajWq3zQ6S5WJHUZhATWaQvWnSLIDpFtnoPID8PQjKPELWXi8hjjaXXfaQIlitrtSU6hwCi3HoM5DVn3KQxZ6yBIPkTiu8yAIlnzBqd%2Ftcd4SS5J1hB%2FQpTCggd%2FpIuMVvTHSZAyux%2BB2G4ndxkDdLYn31AXY7Ae4jQJOeHBpSby3tzEUBXJJkDuCnBLkiiBPCfJhsSe0a7rintAuY8Gpb576VjExaX%2BH7pm0L2MCasewothJTsgzlUjeBw9%2Bx0Ae15uddtvv0B5vt3qsQzs90W11Ahm2eCekQbcFpwood2a295YqyeVLvyJRJbn41wUwegCnD8DV86BZAJoXoBsFtuIHAyWcS43ddFQ1mDZ9l5i0wU0EYQokaQ3pprejT8jF2c2e%2BzmA5Ifk1MBtgcQW%2BFA9IujrO5MbJie7N0zuyDfrSaoitUWre95MaSq9L96Um7mxYnXZjT9%2FlVdAFd5%2FR7p0jcZCxX1HvryqhJB2xVguyXer7l3Jrmdu42pm4yxZu%2F7aymqUWOmcMvEUVB2dOweuSnLmbjB7qGe3L0HZKWxWIMrmTJU5AE%2B24ZJ5zRkCq%2Bc5S2rIs2Jim2xe1IpAy3lOWQEnD7%2F%2F89%2BheTyxtJqmqthxd9C3NdD0NuKowNAWGOoCVI%2FhsqcnaWIPX%2Fnp08o%2BA9O1CdO2tsu01Z9UIjern1%2BSF2q3nmju1HG95YslJkO5xORiezGUXLB2m%2Fk85Kwlul2O1JVh%2B9s%2F%2FgEAAP%2F%2FAQAA%2F%2F%2Fu5RkljAQAAA%3D%3D HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9556eee42dbeb65c526b7e7c4c791f9a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 188.114.97.1 | 200 OK | 6.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png; IP: 188.114.97.1:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced; Hash: c489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:27 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 295503
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwTSi%2Bd%2BTx9s2NEWIBR4h1dxXB%2Fhk77SKzXELIKhOoh4MN%2BE%2FdALwwiLb0PzrXFFYfLud1qCzRhwsOQelUdLDH1y8qYF0LDg6zVSxXJhfM%2F1jBXKfRV%2BDhnfVNw65cjSTDz51QNl%2F0mJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5d4769b6c56b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.9 | 200 OK | 14 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png; IP: 45.133.44.9:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; Hash: 962ac416cce3fad636d4904386c8d3d4 811166fceb971353dc6a9ea3a153367f20b47592 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:27 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Mon, 06 May 2024 04:43:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kidsstorysai.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery112409220310256934352_1714797805716&_=1714797805717 | 216.58.207.193 | 200 OK | 2.1 kB |
URL: GET HTTP/3 kidsstorysai.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery112409220310256934352_1714797805716&_=1714797805717; IP: 216.58.207.193:443
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Google Trust Services LLC; Subject: misc-sni.blogspot.com; Fingerprint: C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00; Validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: ASCII text, with very long lines (15891); Hash: 3ad1e86f2a2d01226a8967455ed0f812 7e6939eb95a61a07dcdb30b303db53fb6682a29f 8bdc2ff499a7fc06038fa49ca4cf8741d968e5bfc276c5473f3ec6c44cb97ddf
GET /feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery112409220310256934352_1714797805716&_=1714797805717 HTTP/1.1
Host: kidsstorysai.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e%3A2%3A1; pp_main_343805875c0264c5b68b9d0061ac1953=1; sb_main_e4ce2b33fb208c08b1b07c8ffe171637=1; sb_count_e4ce2b33fb208c08b1b07c8ffe171637=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"47959eae196cb184f89d34bf7789adf60b930afc1b0f0d4ae66c8013f6474484"
date: Sat, 04 May 2024 04:43:26 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 04 May 2024 04:43:27 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 03 May 2024 12:42:32 GMT
content-encoding: gzip
content-length: 2080
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuXuaigYASAhIPg5coyGz3zE7PTHIQ13Vlcc3GxKA3ra6qni2nuqup6p6e3dNiQHKcgBc99X6zm0UNoseARpkNiC6I27c9uAf%2FAFGEnKUnq4MPut%2BP7z343vfq493slDSR0ZOVt%2FS2VIouthtu%2FcX3PO9qfV3G2ag%2B6vrv%2B0tX62Z4pec33Jfqbwg20ItN13Ndz%2FXqq9KIUI8WKxAyud%2FzGj23sdRseO0ljMz%2Fc5s5sNQBH56SZyF5WXvkXIBkU8TR1yvCDlKdvPx6lCmaaoMhP7gVD2Kdx4jmYWgchPHBWTe0PV59CB3vz%2BhCD%2F9rDGRJnB8fIogPzkgiGO7NeAYKIkbAzyEfTiHUFJJOwfRtSH5MAMZxbQNxdO%2BaNjndeoLSCi1J7fHfkHlJar9dQBx9tazkqH5TqyyVOrYYhQXkaArZnyLJDpFuL0Dmh2DpR5D8F7L4eB1xtLdhlYbkxWx3KaeQ4RRKjEGtg6z6pIMsdJAlDiJ%2BUmee53Vczqjb7THW4h0R%2BNz1aCf0qOf6XWSsojdGmozB1BjM7CAxOxjIuyVxnroIk%2F0Au1nAcgc2LYnz9g6GvEAuCHJLkFOCXBLkKUE%2BLPa5sk1b3OPKZoF35ptnvlVMdNrfpfs67YuYgJoxDC92k1PyTCWS88GD3zEQJ%2FWm3267Pu2xdqsX%2BNTv8W7L90TYYn5IvW4LVhaQdmG297YsyZXLvyKRJbn010UE9BBWHYLJ50EzDzQvQDcLbMcPBpJbm2qzZalsBEr3baLTBtMRuC6QpDWkW86uOiWXZjd77mcPgh2RMwMzBRJT4EP5iKCv7kxu6Jzs3dC5Jd9sJKmM5Dat7nkzpalwvnhTbOXa8LUVO%2F78VVYBVXj%2FHWHTdRpzGfct%2BXJZci7MqjZMkO%2FW7LsiuJ7ZzeXMxFmyfv211bUoMcJaqeMpqDw%2Bfx5MlmThrjd7qOd2LkOaKUxWIMrmTKU%2BBEt2YJN5zWoCo%2BZ5kNSQZ8XENIN5UUkCJeY5DQpYcfT9n%2F8OzeOJodU0lcWuvYO%2BqYGmtxFHBYamwFAVoGoMmz09SRNz9MpPn1b2GQJVmwTK1PYCZdQnlcjN6ueW5IXarSeaW3lS77RaLvV7ba%2FToaITLDW7oe9xSptLftP3aQupLcP2t3%2F8AwAA%2F%2F8BAAD%2F%2F24xzM2MBAAA | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuXuaigYASAhIPg5coyGz3zE7PTHIQ13Vlcc3GxKA3ra6qni2nuqup6p6e3dNiQHKcgBc99X6zm0UNoseARpkNiC6I27c9uAf%2FAFGEnKUnq4MPut%2BP7z343vfq493slDSR0ZOVt%2FS2VIouthtu%2FcX3PO9qfV3G2ag%2B6vrv%2B0tX62Z4pec33Jfqbwg20ItN13Ndz%2FXqq9KIUI8WKxAyud%2FzGj23sdRseO0ljMz%2Fc5s5sNQBH56SZyF5WXvkXIBkU8TR1yvCDlKdvPx6lCmaaoMhP7gVD2Kdx4jmYWgchPHBWTe0PV59CB3vz%2BhCD%2F9rDGRJnB8fIogPzkgiGO7NeAYKIkbAzyEfTiHUFJJOwfRtSH5MAMZxbQNxdO%2BaNjndeoLSCi1J7fHfkHlJar9dQBx9tazkqH5TqyyVOrYYhQXkaArZnyLJDpFuL0Dmh2DpR5D8F7L4eB1xtLdhlYbkxWx3KaeQ4RRKjEGtg6z6pIMsdJAlDiJ%2BUmee53Vczqjb7THW4h0R%2BNz1aCf0qOf6XWSsojdGmozB1BjM7CAxOxjIuyVxnroIk%2F0Au1nAcgc2LYnz9g6GvEAuCHJLkFOCXBLkKUE%2BLPa5sk1b3OPKZoF35ptnvlVMdNrfpfs67YuYgJoxDC92k1PyTCWS88GD3zEQJ%2FWm3267Pu2xdqsX%2BNTv8W7L90TYYn5IvW4LVhaQdmG297YsyZXLvyKRJbn010UE9BBWHYLJ50EzDzQvQDcLbMcPBpJbm2qzZalsBEr3baLTBtMRuC6QpDWkW86uOiWXZjd77mcPgh2RMwMzBRJT4EP5iKCv7kxu6Jzs3dC5Jd9sJKmM5Dat7nkzpalwvnhTbOXa8LUVO%2F78VVYBVXj%2FHWHTdRpzGfct%2BXJZci7MqjZMkO%2FW7LsiuJ7ZzeXMxFmyfv211bUoMcJaqeMpqDw%2Bfx5MlmThrjd7qOd2LkOaKUxWIMrmTKU%2BBEt2YJN5zWoCo%2BZ5kNSQZ8XENIN5UUkCJeY5DQpYcfT9n%2F8OzeOJodU0lcWuvYO%2BqYGmtxFHBYamwFAVoGoMmz09SRNz9MpPn1b2GQJVmwTK1PYCZdQnlcjN6ueW5IXarSeaW3lS77RaLvV7ba%2FToaITLDW7oe9xSptLftP3aQupLcP2t3%2F8AwAA%2F%2F8BAAD%2F%2F24xzM2MBAAA IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Let's Encrypt; Subject: bypassmaestro.com; Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4; Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuXuaigYASAhIPg5coyGz3zE7PTHIQ13Vlcc3GxKA3ra6qni2nuqup6p6e3dNiQHKcgBc99X6zm0UNoseARpkNiC6I27c9uAf%2FAFGEnKUnq4MPut%2BP7z343vfq493slDSR0ZOVt%2FS2VIouthtu%2FcX3PO9qfV3G2ag%2B6vrv%2B0tX62Z4pec33Jfqbwg20ItN13Ndz%2FXqq9KIUI8WKxAyud%2FzGj23sdRseO0ljMz%2Fc5s5sNQBH56SZyF5WXvkXIBkU8TR1yvCDlKdvPx6lCmaaoMhP7gVD2Kdx4jmYWgchPHBWTe0PV59CB3vz%2BhCD%2F9rDGRJnB8fIogPzkgiGO7NeAYKIkbAzyEfTiHUFJJOwfRtSH5MAMZxbQNxdO%2BaNjndeoLSCi1J7fHfkHlJar9dQBx9tazkqH5TqyyVOrYYhQXkaArZnyLJDpFuL0Dmh2DpR5D8F7L4eB1xtLdhlYbkxWx3KaeQ4RRKjEGtg6z6pIMsdJAlDiJ%2BUmee53Vczqjb7THW4h0R%2BNz1aCf0qOf6XWSsojdGmozB1BjM7CAxOxjIuyVxnroIk%2F0Au1nAcgc2LYnz9g6GvEAuCHJLkFOCXBLkKUE%2BLPa5sk1b3OPKZoF35ptnvlVMdNrfpfs67YuYgJoxDC92k1PyTCWS88GD3zEQJ%2FWm3267Pu2xdqsX%2BNTv8W7L90TYYn5IvW4LVhaQdmG297YsyZXLvyKRJbn010UE9BBWHYLJ50EzDzQvQDcLbMcPBpJbm2qzZalsBEr3baLTBtMRuC6QpDWkW86uOiWXZjd77mcPgh2RMwMzBRJT4EP5iKCv7kxu6Jzs3dC5Jd9sJKmM5Dat7nkzpalwvnhTbOXa8LUVO%2F78VVYBVXj%2FHWHTdRpzGfct%2BXJZci7MqjZMkO%2FW7LsiuJ7ZzeXMxFmyfv211bUoMcJaqeMpqDw%2Bfx5MlmThrjd7qOd2LkOaKUxWIMrmTKU%2BBEt2YJN5zWoCo%2BZ5kNSQZ8XENIN5UUkCJeY5DQpYcfT9n%2F8OzeOJodU0lcWuvYO%2BqYGmtxFHBYamwFAVoGoMmz09SRNz9MpPn1b2GQJVmwTK1PYCZdQnlcjN6ueW5IXarSeaW3lS77RaLvV7ba%2FToaITLDW7oe9xSptLftP3aQupLcP2t3%2F8AwAA%2F%2F8BAAD%2F%2F24xzM2MBAAA HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a74ae70c06257a41ff073bb27fae85d2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scVRd9FXrzfYGAEgISF42bKEhPVfd0T3eyEMdxZHDMxMSgO32%2FqufZr%2BoV71V19cxqMCBZdsCNrmpOz2RQg%2BgyoFF6AqID4tRuFs7CP0AUIWupdrTxQtU995574dx734e72SlpIqMnK2%2BYbaU1XWg3%2FPrz7wTBtfq6irNRfdTtvNtZvFa3w6u9TsN%2Fof6a5AOz0PQD3w%2F8oL6qrAzNaKEioZIHvaDR8xuLzUbQXsTI%2Fjd2mQdHPYjhKXkaSpS1x95FKD5FHH25It0gNcmLr0aZpqmxGIqD2%2FEgNnmMaA5D6yGMD86qYdzx6iOYeH8mF2b4byFTJfG%2BfwQWH5yJBBvuzXQyDRmDifPIh1NIPYWiU3BzB0ocE4ALXN9AHN2%2FbmxOt%2F5macWWpPbkT6i8JLVfLiKOvljWalS%2FZXSWKhM7jMICajSF6k%2BRZIdIt89B5Yfg6QdQ4iey8GQdcbS34bSBEsVsdqWmUOEUWo5BnYes%2BpSHLPSQJR4icVLnQRAs%2BYJTv9vjvCWWJOsIP6BLYUADv9NFxit5Y6TJGFyPwe0OEruDgbpXEu9%2Fl2Cz7%2BA2CzjhwaUl8d7cwVAUyCVB7ghySpArgjwlyIfFvtCu6Yr7QruMBWe%2BeeZbxcSk%2FV26b9K%2BjAmoHcOKYjc5JU9VS%2FLee%2FgrBvKk3uy0236H9ni71WMd2umJbqsTyLDFOyENui04VUC5c7O5t1VJrl75GYkqyeU%2FLoHRQzh9CK6eBc0C0LwA3SywHT8cKOFcauyWo6rBtOm7xKQNbiIIUyBJa0i3vF19Si7PbvbMj01IfkTODNwWSGyB99Vjgr6%2BO7lpcrJ30%2BSOfLWRpCpS27S6562UptL77HW5lRsr1lbc%2BNOXeUVU8MFb0qXrNBYq7jvy%2BbISQtpVY7kk36y5tyW7kbnN5czGWbJ%2B45XVtSix0jll4imoOr5wAVyV5Ny9YPZQz%2B9cgbJT2KxAlM2VKnMInuzAJfOcMwRWz2OWeMizYmKbbJ7UikDLeUxZASePvv39n6Y5nlhadVNV7Lq76NsaaHoHcVRgaAsMdQGqx3DZ%2FydpYo9e%2BuHjyj4B07UJ07a2x7TVH82WXP38kjxXu12hAE6d1Fu%2BWGIylEtMLrYXQ8kFa7eZz0POWqLb5UhdGba%2F%2Fu0vAAAA%2F%2F8BAAD%2F%2F9GdLFeMBAAA | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scVRd9FXrzfYGAEgISF42bKEhPVfd0T3eyEMdxZHDMxMSgO32%2FqufZr%2BoV71V19cxqMCBZdsCNrmpOz2RQg%2BgyoFF6AqID4tRuFs7CP0AUIWupdrTxQtU995574dx734e72SlpIqMnK2%2BYbaU1XWg3%2FPrz7wTBtfq6irNRfdTtvNtZvFa3w6u9TsN%2Fof6a5AOz0PQD3w%2F8oL6qrAzNaKEioZIHvaDR8xuLzUbQXsTI%2Fjd2mQdHPYjhKXkaSpS1x95FKD5FHH25It0gNcmLr0aZpqmxGIqD2%2FEgNnmMaA5D6yGMD86qYdzx6iOYeH8mF2b4byFTJfG%2BfwQWH5yJBBvuzXQyDRmDifPIh1NIPYWiU3BzB0ocE4ALXN9AHN2%2FbmxOt%2F5macWWpPbkT6i8JLVfLiKOvljWalS%2FZXSWKhM7jMICajSF6k%2BRZIdIt89B5Yfg6QdQ4iey8GQdcbS34bSBEsVsdqWmUOEUWo5BnYes%2BpSHLPSQJR4icVLnQRAs%2BYJTv9vjvCWWJOsIP6BLYUADv9NFxit5Y6TJGFyPwe0OEruDgbpXEu9%2Fl2Cz7%2BA2CzjhwaUl8d7cwVAUyCVB7ghySpArgjwlyIfFvtCu6Yr7QruMBWe%2BeeZbxcSk%2FV26b9K%2BjAmoHcOKYjc5JU9VS%2FLee%2FgrBvKk3uy0236H9ni71WMd2umJbqsTyLDFOyENui04VUC5c7O5t1VJrl75GYkqyeU%2FLoHRQzh9CK6eBc0C0LwA3SywHT8cKOFcauyWo6rBtOm7xKQNbiIIUyBJa0i3vF19Si7PbvbMj01IfkTODNwWSGyB99Vjgr6%2BO7lpcrJ30%2BSOfLWRpCpS27S6562UptL77HW5lRsr1lbc%2BNOXeUVU8MFb0qXrNBYq7jvy%2BbISQtpVY7kk36y5tyW7kbnN5czGWbJ%2B45XVtSix0jll4imoOr5wAVyV5Ny9YPZQz%2B9cgbJT2KxAlM2VKnMInuzAJfOcMwRWz2OWeMizYmKbbJ7UikDLeUxZASePvv39n6Y5nlhadVNV7Lq76NsaaHoHcVRgaAsMdQGqx3DZ%2FydpYo9e%2BuHjyj4B07UJ07a2x7TVH82WXP38kjxXu12hAE6d1Fu%2BWGIylEtMLrYXQ8kFa7eZz0POWqLb5UhdGba%2F%2Fu0vAAAA%2F%2F8BAAD%2F%2F9GdLFeMBAAA IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Let's Encrypt; Subject: bypassmaestro.com; Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4; Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scVRd9FXrzfYGAEgISF42bKEhPVfd0T3eyEMdxZHDMxMSgO32%2FqufZr%2BoV71V19cxqMCBZdsCNrmpOz2RQg%2BgyoFF6AqID4tRuFs7CP0AUIWupdrTxQtU995574dx734e72SlpIqMnK2%2BYbaU1XWg3%2FPrz7wTBtfq6irNRfdTtvNtZvFa3w6u9TsN%2Fof6a5AOz0PQD3w%2F8oL6qrAzNaKEioZIHvaDR8xuLzUbQXsTI%2Fjd2mQdHPYjhKXkaSpS1x95FKD5FHH25It0gNcmLr0aZpqmxGIqD2%2FEgNnmMaA5D6yGMD86qYdzx6iOYeH8mF2b4byFTJfG%2BfwQWH5yJBBvuzXQyDRmDifPIh1NIPYWiU3BzB0ocE4ALXN9AHN2%2FbmxOt%2F5macWWpPbkT6i8JLVfLiKOvljWalS%2FZXSWKhM7jMICajSF6k%2BRZIdIt89B5Yfg6QdQ4iey8GQdcbS34bSBEsVsdqWmUOEUWo5BnYes%2BpSHLPSQJR4icVLnQRAs%2BYJTv9vjvCWWJOsIP6BLYUADv9NFxit5Y6TJGFyPwe0OEruDgbpXEu9%2Fl2Cz7%2BA2CzjhwaUl8d7cwVAUyCVB7ghySpArgjwlyIfFvtCu6Yr7QruMBWe%2BeeZbxcSk%2FV26b9K%2BjAmoHcOKYjc5JU9VS%2FLee%2FgrBvKk3uy0236H9ni71WMd2umJbqsTyLDFOyENui04VUC5c7O5t1VJrl75GYkqyeU%2FLoHRQzh9CK6eBc0C0LwA3SywHT8cKOFcauyWo6rBtOm7xKQNbiIIUyBJa0i3vF19Si7PbvbMj01IfkTODNwWSGyB99Vjgr6%2BO7lpcrJ30%2BSOfLWRpCpS27S6562UptL77HW5lRsr1lbc%2BNOXeUVU8MFb0qXrNBYq7jvy%2BbISQtpVY7kk36y5tyW7kbnN5czGWbJ%2B45XVtSix0jll4imoOr5wAVyV5Ny9YPZQz%2B9cgbJT2KxAlM2VKnMInuzAJfOcMwRWz2OWeMizYmKbbJ7UikDLeUxZASePvv39n6Y5nlhadVNV7Lq76NsaaHoHcVRgaAsMdQGqx3DZ%2FydpYo9e%2BuHjyj4B07UJ07a2x7TVH82WXP38kjxXu12hAE6d1Fu%2BWGIylEtMLrYXQ8kFa7eZz0POWqLb5UhdGba%2F%2Fu0vAAAA%2F%2F8BAAD%2F%2F9GdLFeMBAAA HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab3ff4daa1b4b47d578665cab65b844e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS32scVRS%2BE%2FbFFgpKKUh9WHypgmxmdrOb3RYpxhgJxqa2Fn3T%2B2s2170zd7h3ZmeTp2BB%2BrgFX%2FRp8m3SoBbRx4JW2RSKBsTsi%2BTBPPgHiCL0WWaNLh4YznfmOwe%2B85370U52QurI6PHym2ZLaU3nmzW%2F%2BsK7QXCluqbibFAdtFvvtRauVG3%2FcqdV81%2Bsvi55z8zX%2FcD3Az%2BorigrQzOYL0mo5H4nqHX82kK9FjQXMLD%2Fr13mwVEPon9CnoESk8oj7zwUHyOOvlqWrpea5KXXokzT1Fj0xf6tuBebPEY0g6H1EMb7p90w7mjlIUy8N5UL0%2F%2BvkakJ8R4%2FBIv3T0WC9XenOpmGjMHEWeT9MaQeQ9ExuLkNJY4IwAWurSOO7l0zNqeb%2F7C0ZCek8uQvqHxCKr%2BeRxx9uaTVoHrT6CxVJnYYhAXUYAzVHSPJDpBuzUHlB%2BDph1DiJzL%2FZA1xtLvutIESxXR3pcZQ4RhaDkGdh6z8lIcs9JAlHiJxXOVBECz6glO%2F3eG8IRYlawk%2FoIthQAO%2F1UbGS3lDpMkQXA%2FB7TYSu42eujsh3lMXYLPv4TYKOOHBpRPivbWNviiQS4LcEeSUIFcEeUqQ94s9oV3dFfeEdhkLTnP9NDeKkUm7O3TPpF0ZE1A7hBXFTnJCni5N8t5%2F8Bt68rhabzWbfot2eLPRYS3a6oh2oxXIsMFbIQ3aDThVQLm56d5bakIuX%2FoZiZqQi39eAKMHcPoAXD0HmgWgeQG6UWArftBTwrnU2E1HVY1p03WJSWvcRBCmQJJWkG56O%2FqEXJze7NkffUh%2BSE4D3BZIbIEP1COCrr4zumFysnvD5I58vZ6kKlJbtLznzZSm0vv8DbmZGytWl93ws1d4SZTw%2FtvSpWs0FiruOvLFkhJC2hVjuSTfrrp3JLueuY2lzMZZsnb91ZXVKLHSOWXiMag6OncOXE3I3N1g%2BlDPbl%2BCsmPYrECUzZQqcwCebMMlh1cfn3k5Gf1yBs4QWD3rYckc8qwY2Tqb%2FdSKQMtZTVkBJw%2B%2F%2B%2BPfoRkeWVpOU1XsuDvo2gpoehtxVKBvC%2FR1AaqHcNmZUZrYw6s%2FfFLGp2C6MmLaVnaZtvrj0uT61OkJeb5yq0QBnDquNnyxyGQoF5lcaC6EkgvWbDKfh5w1RLvNkbpJ2Pzm978BAAD%2F%2FwEAAP%2F%2F3YqsCowEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RS32scVRS%2BE%2FbFFgpKKUh9WHypgmxmdrOb3RYpxhgJxqa2Fn3T%2B2s2170zd7h3ZmeTp2BB%2BrgFX%2FRp8m3SoBbRx4JW2RSKBsTsi%2BTBPPgHiCL0WWaNLh4YznfmOwe%2B85370U52QurI6PHym2ZLaU3nmzW%2F%2BsK7QXCluqbibFAdtFvvtRauVG3%2FcqdV81%2Bsvi55z8zX%2FcD3Az%2BorigrQzOYL0mo5H4nqHX82kK9FjQXMLD%2Fr13mwVEPon9CnoESk8oj7zwUHyOOvlqWrpea5KXXokzT1Fj0xf6tuBebPEY0g6H1EMb7p90w7mjlIUy8N5UL0%2F%2BvkakJ8R4%2FBIv3T0WC9XenOpmGjMHEWeT9MaQeQ9ExuLkNJY4IwAWurSOO7l0zNqeb%2F7C0ZCek8uQvqHxCKr%2BeRxx9uaTVoHrT6CxVJnYYhAXUYAzVHSPJDpBuzUHlB%2BDph1DiJzL%2FZA1xtLvutIESxXR3pcZQ4RhaDkGdh6z8lIcs9JAlHiJxXOVBECz6glO%2F3eG8IRYlawk%2FoIthQAO%2F1UbGS3lDpMkQXA%2FB7TYSu42eujsh3lMXYLPv4TYKOOHBpRPivbWNviiQS4LcEeSUIFcEeUqQ94s9oV3dFfeEdhkLTnP9NDeKkUm7O3TPpF0ZE1A7hBXFTnJCni5N8t5%2F8Bt68rhabzWbfot2eLPRYS3a6oh2oxXIsMFbIQ3aDThVQLm56d5bakIuX%2FoZiZqQi39eAKMHcPoAXD0HmgWgeQG6UWArftBTwrnU2E1HVY1p03WJSWvcRBCmQJJWkG56O%2FqEXJze7NkffUh%2BSE4D3BZIbIEP1COCrr4zumFysnvD5I58vZ6kKlJbtLznzZSm0vv8DbmZGytWl93ws1d4SZTw%2FtvSpWs0FiruOvLFkhJC2hVjuSTfrrp3JLueuY2lzMZZsnb91ZXVKLHSOWXiMag6OncOXE3I3N1g%2BlDPbl%2BCsmPYrECUzZQqcwCebMMlh1cfn3k5Gf1yBs4QWD3rYckc8qwY2Tqb%2FdSKQMtZTVkBJw%2B%2F%2B%2BPfoRkeWVpOU1XsuDvo2gpoehtxVKBvC%2FR1AaqHcNmZUZrYw6s%2FfFLGp2C6MmLaVnaZtvrj0uT61OkJeb5yq0QBnDquNnyxyGQoF5lcaC6EkgvWbDKfh5w1RLvNkbpJ2Pzm978BAAD%2F%2FwEAAP%2F%2F3YqsCowEAAA%3D IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Let's Encrypt; Subject: bypassmaestro.com; Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4; Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RS32scVRS%2BE%2FbFFgpKKUh9WHypgmxmdrOb3RYpxhgJxqa2Fn3T%2B2s2170zd7h3ZmeTp2BB%2BrgFX%2FRp8m3SoBbRx4JW2RSKBsTsi%2BTBPPgHiCL0WWaNLh4YznfmOwe%2B85370U52QurI6PHym2ZLaU3nmzW%2F%2BsK7QXCluqbibFAdtFvvtRauVG3%2FcqdV81%2Bsvi55z8zX%2FcD3Az%2BorigrQzOYL0mo5H4nqHX82kK9FjQXMLD%2Fr13mwVEPon9CnoESk8oj7zwUHyOOvlqWrpea5KXXokzT1Fj0xf6tuBebPEY0g6H1EMb7p90w7mjlIUy8N5UL0%2F%2BvkakJ8R4%2FBIv3T0WC9XenOpmGjMHEWeT9MaQeQ9ExuLkNJY4IwAWurSOO7l0zNqeb%2F7C0ZCek8uQvqHxCKr%2BeRxx9uaTVoHrT6CxVJnYYhAXUYAzVHSPJDpBuzUHlB%2BDph1DiJzL%2FZA1xtLvutIESxXR3pcZQ4RhaDkGdh6z8lIcs9JAlHiJxXOVBECz6glO%2F3eG8IRYlawk%2FoIthQAO%2F1UbGS3lDpMkQXA%2FB7TYSu42eujsh3lMXYLPv4TYKOOHBpRPivbWNviiQS4LcEeSUIFcEeUqQ94s9oV3dFfeEdhkLTnP9NDeKkUm7O3TPpF0ZE1A7hBXFTnJCni5N8t5%2F8Bt68rhabzWbfot2eLPRYS3a6oh2oxXIsMFbIQ3aDThVQLm56d5bakIuX%2FoZiZqQi39eAKMHcPoAXD0HmgWgeQG6UWArftBTwrnU2E1HVY1p03WJSWvcRBCmQJJWkG56O%2FqEXJze7NkffUh%2BSE4D3BZIbIEP1COCrr4zumFysnvD5I58vZ6kKlJbtLznzZSm0vv8DbmZGytWl93ws1d4SZTw%2FtvSpWs0FiruOvLFkhJC2hVjuSTfrrp3JLueuY2lzMZZsnb91ZXVKLHSOWXiMag6OncOXE3I3N1g%2BlDPbl%2BCsmPYrECUzZQqcwCebMMlh1cfn3k5Gf1yBs4QWD3rYckc8qwY2Tqb%2FdSKQMtZTVkBJw%2B%2F%2B%2BPfoRkeWVpOU1XsuDvo2gpoehtxVKBvC%2FR1AaqHcNmZUZrYw6s%2FfFLGp2C6MmLaVnaZtvrj0uT61OkJeb5yq0QBnDquNnyxyGQoF5lcaC6EkgvWbDKfh5w1RLvNkbpJ2Pzm978BAAD%2F%2FwEAAP%2F%2F3YqsCowEAAA%3D HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b19c81f4651ae19b64b1f5544eef4579
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuTuby7XfxRwhIPAyCqCCz3T07PTMJElzXlcU1GxOD3rS6qnu2nOqupqp7enZPiwHJcQQveup9ZjeLGkSPAQ0yGwi6KG5fZA%2FuwT8gIELwKD0Ojr7Q%2FT5vPU%2FB875vfbibnRIXGT1ZeUNtCynpYqth159%2Fx3Eu1ddFnA3rw473rrd0qa4HF7tew36h%2FlrA%2BmrRtR3bdmynvip0EKrhYkVCJHe6TqNrN5bchtNawlD%2FtzaZBUMt8MEpeQKCl7X71jkINkEcfbUSmH6qkhdfjTJJU6Ux4Ac34n6s8hjRHIbaQhgfzNRQ5nj1HlS8P7ULNfhH6IuSWA%2FuwY8PZibhD%2FamPn2JIIbP%2F498MEEgJxB0AqZuQvBjAjCOKxuIo9tXlM7p1t8srdiS1B79AZGXpPbrOcTRl8tSDOvXlcxSoWKDYVhADCcQvQmS7BDp9hmI%2FBAs%2FQCC%2F0QWH60jjvY2jFQQvJj2LsQEIpxABiNQYyGrPmEhCy1kiYWIn9SZ4zhtmzNqd7qMNXk78D1uO7QdOtSxvQ4yVtkbIU1GYHIEpneQ6B30xUclsf53Hjr7DmazgOEWTFoS680dDHiBPCDIDUFOCXJBkKcE%2BaDY59K4prjNpcl8Z5bdWW4WY5X2dum%2BSntBTED1CJoXu8kpebwakvXe3d%2FQD07qrtdq2R7tslaz63vU6%2FJO03OCsMm8kDqdJowoIMyZad%2FboiQXn%2FsZiSjJhd%2FPw6eHMPIQTDwNmjmgeQG6WWA7vtsX3JhU6S1DRcOXqmcSlTaYisBVgSStId2yduUpuTDd2TO1GwjY0eUHCy8l418WwHSBRBd4X9wn6Mlb42sqJ3vXVG7I1xtJKiKxTat9Xk9pGpz9%2FPVgK1ear62Y0Wcvs4qo4J23ApOu05iLuGfIF8uC80CvKs0C8u2aeTvwr2ZmcznTcZasX31ldS1KdGCMUPEEVBxv%2FAkmSlJ79snpQ33sx4cQegKdFYiyIzILCHUIluzAJHP3RhFoOdf4yVnkWTHWrj8%2FlIJABvOa%2BgXMv2p%2FjseaVrepKHbNLfR0DTS9iTgqMNAFBrIAlSOYbGGcJvro8vefVPEpfFkb%2B1LX9nyp5ccleeoHt%2FrZ03FXyIERJ%2FV2s2lTr9ty2m0atP0ltxN6DqfUXfJcz6NNpKYMW988%2FAsAAP%2F%2FAQAA%2F%2F9Gdv1KjAQAAA%3D%3D | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuTuby7XfxRwhIPAyCqCCz3T07PTMJElzXlcU1GxOD3rS6qnu2nOqupqp7enZPiwHJcQQveup9ZjeLGkSPAQ0yGwi6KG5fZA%2FuwT8gIELwKD0Ojr7Q%2FT5vPU%2FB875vfbibnRIXGT1ZeUNtCynpYqth159%2Fx3Eu1ddFnA3rw473rrd0qa4HF7tew36h%2FlrA%2BmrRtR3bdmynvip0EKrhYkVCJHe6TqNrN5bchtNawlD%2FtzaZBUMt8MEpeQKCl7X71jkINkEcfbUSmH6qkhdfjTJJU6Ux4Ac34n6s8hjRHIbaQhgfzNRQ5nj1HlS8P7ULNfhH6IuSWA%2FuwY8PZibhD%2FamPn2JIIbP%2F498MEEgJxB0AqZuQvBjAjCOKxuIo9tXlM7p1t8srdiS1B79AZGXpPbrOcTRl8tSDOvXlcxSoWKDYVhADCcQvQmS7BDp9hmI%2FBAs%2FQCC%2F0QWH60jjvY2jFQQvJj2LsQEIpxABiNQYyGrPmEhCy1kiYWIn9SZ4zhtmzNqd7qMNXk78D1uO7QdOtSxvQ4yVtkbIU1GYHIEpneQ6B30xUclsf53Hjr7DmazgOEWTFoS680dDHiBPCDIDUFOCXJBkKcE%2BaDY59K4prjNpcl8Z5bdWW4WY5X2dum%2BSntBTED1CJoXu8kpebwakvXe3d%2FQD07qrtdq2R7tslaz63vU6%2FJO03OCsMm8kDqdJowoIMyZad%2FboiQXn%2FsZiSjJhd%2FPw6eHMPIQTDwNmjmgeQG6WWA7vtsX3JhU6S1DRcOXqmcSlTaYisBVgSStId2yduUpuTDd2TO1GwjY0eUHCy8l418WwHSBRBd4X9wn6Mlb42sqJ3vXVG7I1xtJKiKxTat9Xk9pGpz9%2FPVgK1ear62Y0Wcvs4qo4J23ApOu05iLuGfIF8uC80CvKs0C8u2aeTvwr2ZmcznTcZasX31ldS1KdGCMUPEEVBxv%2FAkmSlJ79snpQ33sx4cQegKdFYiyIzILCHUIluzAJHP3RhFoOdf4yVnkWTHWrj8%2FlIJABvOa%2BgXMv2p%2FjseaVrepKHbNLfR0DTS9iTgqMNAFBrIAlSOYbGGcJvro8vefVPEpfFkb%2B1LX9nyp5ccleeoHt%2FrZ03FXyIERJ%2FV2s2lTr9ty2m0atP0ltxN6DqfUXfJcz6NNpKYMW988%2FAsAAP%2F%2FAQAA%2F%2F9Gdv1KjAQAAA%3D%3D IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Let's Encrypt; Subject: bypassmaestro.com; Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4; Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRuuTuby7XfxRwhIPAyCqCCz3T07PTMJElzXlcU1GxOD3rS6qnu2nOqupqp7enZPiwHJcQQveup9ZjeLGkSPAQ0yGwi6KG5fZA%2FuwT8gIELwKD0Ojr7Q%2FT5vPU%2FB875vfbibnRIXGT1ZeUNtCynpYqth159%2Fx3Eu1ddFnA3rw473rrd0qa4HF7tew36h%2FlrA%2BmrRtR3bdmynvip0EKrhYkVCJHe6TqNrN5bchtNawlD%2FtzaZBUMt8MEpeQKCl7X71jkINkEcfbUSmH6qkhdfjTJJU6Ux4Ac34n6s8hjRHIbaQhgfzNRQ5nj1HlS8P7ULNfhH6IuSWA%2FuwY8PZibhD%2FamPn2JIIbP%2F498MEEgJxB0AqZuQvBjAjCOKxuIo9tXlM7p1t8srdiS1B79AZGXpPbrOcTRl8tSDOvXlcxSoWKDYVhADCcQvQmS7BDp9hmI%2FBAs%2FQCC%2F0QWH60jjvY2jFQQvJj2LsQEIpxABiNQYyGrPmEhCy1kiYWIn9SZ4zhtmzNqd7qMNXk78D1uO7QdOtSxvQ4yVtkbIU1GYHIEpneQ6B30xUclsf53Hjr7DmazgOEWTFoS680dDHiBPCDIDUFOCXJBkKcE%2BaDY59K4prjNpcl8Z5bdWW4WY5X2dum%2BSntBTED1CJoXu8kpebwakvXe3d%2FQD07qrtdq2R7tslaz63vU6%2FJO03OCsMm8kDqdJowoIMyZad%2FboiQXn%2FsZiSjJhd%2FPw6eHMPIQTDwNmjmgeQG6WWA7vtsX3JhU6S1DRcOXqmcSlTaYisBVgSStId2yduUpuTDd2TO1GwjY0eUHCy8l418WwHSBRBd4X9wn6Mlb42sqJ3vXVG7I1xtJKiKxTat9Xk9pGpz9%2FPVgK1ear62Y0Wcvs4qo4J23ApOu05iLuGfIF8uC80CvKs0C8u2aeTvwr2ZmcznTcZasX31ldS1KdGCMUPEEVBxv%2FAkmSlJ79snpQ33sx4cQegKdFYiyIzILCHUIluzAJHP3RhFoOdf4yVnkWTHWrj8%2FlIJABvOa%2BgXMv2p%2FjseaVrepKHbNLfR0DTS9iTgqMNAFBrIAlSOYbGGcJvro8vefVPEpfFkb%2B1LX9nyp5ccleeoHt%2FrZ03FXyIERJ%2FV2s2lTr9ty2m0atP0ltxN6DqfUXfJcz6NNpKYMW988%2FAsAAP%2F%2FAQAA%2F%2F9Gdv1KjAQAAA%3D%3D HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a53da6d0f7d6d6f7d8a68c3dc517837
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdObX34bP4YBGReNICpIp6o73emeQQZjjATjZJxx0J2%2Br%2Bo8%2B1W94r2qrk5WwQGZZQtudFU5nUxQB9HlgA7SGRg0KKY3koVZ%2BAcMiDC4lGqDrReq7rnvnAfn3vs%2B3MlOSB0ZPV5%2Bw2wprel8s%2BZXn38nCC5V11ScDaqDduvd1sKlqu1f7LRq%2FgvV1yTvmfm6H%2Fh%2B4AfVFWVlaAbzJQmV3OkEtY5fW6jXguYCBva%2Ftcs8OOpB9E%2FIE1BiUrnvnYPiY8TRV8vS9VKTvPhqlGmaGou%2B2L8R92KTx4hmMLQewnj%2FVA3jjlbuwcR7U7sw%2FX%2BETE2I9%2BAeWLx%2FahKsvzv1yTRkDCb%2Bj7w%2FhtRjKDoGNzehxBEBuMCVdcTR7SvG5nTzb5aW7IRUHv0BlU9I5ddziKMvl7QaVK8bnaXKxA6DsIAajKG6YyTZAdKtM1D5AXj6AZT4icw%2FWkMc7a47baBEMe1dqTFUOIaWQ1DnISs%2F5SELPWSJh0gcV3kQBIu%2B4NRvdzhviEXJWsIP6GIY0MBvtZHx0t4QaTIE10Nwu43EbqOnPpoQ73%2FnYbPv4DYKOOHBpRPivbmNviiQS4LcEeSUIFcEeUqQ94s9oV3dFbeFdhkLTnP9NDeKkUm7O3TPpF0ZE1A7hBXFTnJCHi%2BH5L139zf05HG13mo2%2FRbt8Gajw1q01RHtRiuQYYO3Qhq0G3CqgHJnpn1vqQm5%2BNzPSNSEXPj9PBg9gNMH4Opp0CwAzQvQjQJb8d2eEs6lxm46qmpMm65LTFrjJoIwBZK0gnTT29En5MJ0Z89UbkDyw8sP5l5KRr%2FMgdsCiS3wvrpP0NW3RtdMTnavmdyRr9eTVEVqi5b7vJ7SVJ79%2FHW5mRsrVpfd8LOXeUmU8M5b0qVrNBYq7jryxZISQtoVY7kk3666tyW7mrmNpczGWbJ29ZWV1Six0jll4jGoOlr%2FE1xNSOXZJ6cP9bEfH0LZMWxWIMoOyWlAmQPwZBsumbl3hsDqmYYlZ5FnxcjW2exQKwItZzVlBdy%2FajbDI0vL21QVO%2B4WurYCmt5EHBXo2wJ9XYDqIVw2N0oTe3j5%2B0%2FK%2BBRMV0ZM28ou01Z%2FPCFP%2FVAvf%2F503CUK4NRxteGLRSZDucjkQnMhlFywZpP5POSsIdptjtRNwuY3D%2F8CAAD%2F%2FwEAAP%2F%2FxqIooowEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1bypassmaestro.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdObX34bP4YBGReNICpIp6o73emeQQZjjATjZJxx0J2%2Br%2Bo8%2B1W94r2qrk5WwQGZZQtudFU5nUxQB9HlgA7SGRg0KKY3koVZ%2BAcMiDC4lGqDrReq7rnvnAfn3vs%2B3MlOSB0ZPV5%2Bw2wprel8s%2BZXn38nCC5V11ScDaqDduvd1sKlqu1f7LRq%2FgvV1yTvmfm6H%2Fh%2B4AfVFWVlaAbzJQmV3OkEtY5fW6jXguYCBva%2Ftcs8OOpB9E%2FIE1BiUrnvnYPiY8TRV8vS9VKTvPhqlGmaGou%2B2L8R92KTx4hmMLQewnj%2FVA3jjlbuwcR7U7sw%2FX%2BETE2I9%2BAeWLx%2FahKsvzv1yTRkDCb%2Bj7w%2FhtRjKDoGNzehxBEBuMCVdcTR7SvG5nTzb5aW7IRUHv0BlU9I5ddziKMvl7QaVK8bnaXKxA6DsIAajKG6YyTZAdKtM1D5AXj6AZT4icw%2FWkMc7a47baBEMe1dqTFUOIaWQ1DnISs%2F5SELPWSJh0gcV3kQBIu%2B4NRvdzhviEXJWsIP6GIY0MBvtZHx0t4QaTIE10Nwu43EbqOnPpoQ73%2FnYbPv4DYKOOHBpRPivbmNviiQS4LcEeSUIFcEeUqQ94s9oV3dFbeFdhkLTnP9NDeKkUm7O3TPpF0ZE1A7hBXFTnJCHi%2BH5L139zf05HG13mo2%2FRbt8Gajw1q01RHtRiuQYYO3Qhq0G3CqgHJnpn1vqQm5%2BNzPSNSEXPj9PBg9gNMH4Opp0CwAzQvQjQJb8d2eEs6lxm46qmpMm65LTFrjJoIwBZK0gnTT29En5MJ0Z89UbkDyw8sP5l5KRr%2FMgdsCiS3wvrpP0NW3RtdMTnavmdyRr9eTVEVqi5b7vJ7SVJ79%2FHW5mRsrVpfd8LOXeUmU8M5b0qVrNBYq7jryxZISQtoVY7kk3666tyW7mrmNpczGWbJ29ZWV1Six0jll4jGoOlr%2FE1xNSOXZJ6cP9bEfH0LZMWxWIMoOyWlAmQPwZBsumbl3hsDqmYYlZ5FnxcjW2exQKwItZzVlBdy%2FajbDI0vL21QVO%2B4WurYCmt5EHBXo2wJ9XYDqIVw2N0oTe3j5%2B0%2FK%2BBRMV0ZM28ou01Z%2FPCFP%2FVAvf%2F503CUK4NRxteGLRSZDucjkQnMhlFywZpP5POSsIdptjtRNwuY3D%2F8CAAD%2F%2FwEAAP%2F%2FxqIooowEAAA%3D IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/; Certificate Issuer: Let's Encrypt; Subject: bypassmaestro.com; Fingerprint: 9D:D9:B3:51:45:6B:5A:87:0C:6F:89:BF:4C:6F:1A:99:8A:FB:D5:D4; Validity: Mon, 29 Apr 2024 08:36:15 GMT - Sun, 28 Jul 2024 08:36:14 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdObX34bP4YBGReNICpIp6o73emeQQZjjATjZJxx0J2%2Br%2Bo8%2B1W94r2qrk5WwQGZZQtudFU5nUxQB9HlgA7SGRg0KKY3koVZ%2BAcMiDC4lGqDrReq7rnvnAfn3vs%2B3MlOSB0ZPV5%2Bw2wprel8s%2BZXn38nCC5V11ScDaqDduvd1sKlqu1f7LRq%2FgvV1yTvmfm6H%2Fh%2B4AfVFWVlaAbzJQmV3OkEtY5fW6jXguYCBva%2Ftcs8OOpB9E%2FIE1BiUrnvnYPiY8TRV8vS9VKTvPhqlGmaGou%2B2L8R92KTx4hmMLQewnj%2FVA3jjlbuwcR7U7sw%2FX%2BETE2I9%2BAeWLx%2FahKsvzv1yTRkDCb%2Bj7w%2FhtRjKDoGNzehxBEBuMCVdcTR7SvG5nTzb5aW7IRUHv0BlU9I5ddziKMvl7QaVK8bnaXKxA6DsIAajKG6YyTZAdKtM1D5AXj6AZT4icw%2FWkMc7a47baBEMe1dqTFUOIaWQ1DnISs%2F5SELPWSJh0gcV3kQBIu%2B4NRvdzhviEXJWsIP6GIY0MBvtZHx0t4QaTIE10Nwu43EbqOnPpoQ73%2FnYbPv4DYKOOHBpRPivbmNviiQS4LcEeSUIFcEeUqQ94s9oV3dFbeFdhkLTnP9NDeKkUm7O3TPpF0ZE1A7hBXFTnJCHi%2BH5L139zf05HG13mo2%2FRbt8Gajw1q01RHtRiuQYYO3Qhq0G3CqgHJnpn1vqQm5%2BNzPSNSEXPj9PBg9gNMH4Opp0CwAzQvQjQJb8d2eEs6lxm46qmpMm65LTFrjJoIwBZK0gnTT29En5MJ0Z89UbkDyw8sP5l5KRr%2FMgdsCiS3wvrpP0NW3RtdMTnavmdyRr9eTVEVqi5b7vJ7SVJ79%2FHW5mRsrVpfd8LOXeUmU8M5b0qVrNBYq7jryxZISQtoVY7kk3666tyW7mrmNpczGWbJ29ZWV1Six0jll4jGoOlr%2FE1xNSOXZJ6cP9bEfH0LZMWxWIMoOyWlAmQPwZBsumbl3hsDqmYYlZ5FnxcjW2exQKwItZzVlBdy%2FajbDI0vL21QVO%2B4WurYCmt5EHBXo2wJ9XYDqIVw2N0oTe3j5%2B0%2FK%2BBRMV0ZM28ou01Z%2FPCFP%2FVAvf%2F503CUK4NRxteGLRSZDucjkQnMhlFywZpP5POSsIdptjtRNwuY3D%2F8CAAD%2F%2FwEAAP%2F%2FxqIooowEAAA%3D HTTP/1.1
Host: bypassmaestro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116258; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec265506a9c539b6a69d8361ef3c6fa183=[1690162,1690160,2229333,1690161]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 902632f04a424ca0771cf9bd1399ebf9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| img.youtube.com/vi/IKVUYJs1ZCE/0.jpg | 142.250.74.78 | 200 OK | 39 kB |
URL: GET HTTP/2 img.youtube.com/vi/IKVUYJs1ZCE/0.jpg
IP: 142.250.74.78:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 11f10f20f50a30e11efb00ed9827d27d bba46a984ae5ea603065f68a8e175d7b1b49972c 66b9a6db56e4079db1c5c68a02120671ce9780656eb5744283944506affa2ba6
GET /vi/IKVUYJs1ZCE/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 39153
date: Sat, 04 May 2024 04:43:27 GMT
expires: Sat, 04 May 2024 06:43:27 GMT
cache-control: public, max-age=7200
etag: "1698673500"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/JCAWygsibLc/0.jpg | 142.250.74.78 | 200 OK | 41 kB |
URL: GET HTTP/2 img.youtube.com/vi/JCAWygsibLc/0.jpg
IP: 142.250.74.78:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 1df92dbe0b06d5655a804b90eb3ce94b ff96fb45fc3ae7b989a407d82625d29503c555a7 718ae3ff8ad5568a515045ef3366da50540608d82ae4fb9632a51f78a95a3e3f
GET /vi/JCAWygsibLc/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 40670
date: Sat, 04 May 2024 04:43:27 GMT
expires: Sat, 04 May 2024 06:43:27 GMT
cache-control: public, max-age=7200
etag: "1702150360"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.4 | 200 OK | 56 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP: 45.133.44.4:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: cdn.barscreative1.com; Fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3; Validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: gzip compressed data, from Unix
Hash: 7742261d7baf3b2314b0dfc1b8c909e8 e4987affb288e57db342d1df937f3fcb9ecf420a 4adb4a7ab3c8ac66102546b15126287c53735d62cb786178e7c06c724dba54d6
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:26 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 05:43:26 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/VBmRUcKiSRw/0.jpg | 142.250.74.78 | 200 OK | 40 kB |
URL: GET HTTP/2 img.youtube.com/vi/VBmRUcKiSRw/0.jpg
IP: 142.250.74.78:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: eb838ad0d17e60b58dcb24a788d83119 e967b0be63deef64468b45b43f841ea1c3019561 c2a604f3f43eeb86adbfa0dd18cdd096a6d1134fbb8ea5edd03265ca7448b3b6
GET /vi/VBmRUcKiSRw/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 39802
date: Sat, 04 May 2024 04:43:27 GMT
expires: Sat, 04 May 2024 06:43:27 GMT
cache-control: public, max-age=7200
etag: "1701455287"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/CxDsHECL_Eo/0.jpg | 142.250.74.78 | 200 OK | 39 kB |
URL: GET HTTP/2 img.youtube.com/vi/CxDsHECL_Eo/0.jpg
IP: 142.250.74.78:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 132430c1b7faa3f02d07fea3f2e18065 ac597eb6c6fc0a004b631bb623e5e6c3a7287445 cc5ebbd025becbb0ac8a0e0f6fa742be4d19a91045c738550234e539c02c401e
GET /vi/CxDsHECL_Eo/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 39309
date: Sat, 04 May 2024 04:43:27 GMT
expires: Sat, 04 May 2024 06:43:27 GMT
cache-control: public, max-age=7200
etag: "1706551659"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/NIjlr-1TlDQ/0.jpg | 142.250.74.78 | 200 OK | 35 kB |
URL: GET HTTP/2 img.youtube.com/vi/NIjlr-1TlDQ/0.jpg
IP: 142.250.74.78:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 9d2bddc401f0ea95fb190dfefe6dd126 ac4c3670404d0519db44697c32f72140a52cea6b eefa568b5a72c3b41bda4943a29a141cb05d66156d76659feac47bd9a5132de7
GET /vi/NIjlr-1TlDQ/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 35104
date: Sat, 04 May 2024 04:43:27 GMT
expires: Sat, 04 May 2024 06:43:27 GMT
cache-control: public, max-age=7200
etag: "1708458544"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: capaciousdrewreligion.com; Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:27 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0bcc4508e1208f8e9799257e3391655
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=386 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=386
IP: 172.240.108.68:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: disguisedgraceeveryday.com; Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF; Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=386 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=414 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=414
IP: 172.240.108.68:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: disguisedgraceeveryday.com; Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF; Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=414 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=290 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 disguisedgraceeveryday.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=290
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: disguisedgraceeveryday.com; Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF; Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=290 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:40:35 GMT
expires: Fri, 02 May 2025 22:40:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 108173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 182908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| disguisedgraceeveryday.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxFBEEJuURhDoIR3Nnunl%2B9ySGYxJXFNRuSiN5i%2FepJOdVdTVX39OyeggHJcfQv6P1mkyUaJDlGNMhswMOCmPG0iHvxLqiQs8w4OPqg6r1X3yv43vfeZ7vFMQlR0KNL75sdpTVdbdX92pmPguBcbVOlxaA2iNo32s1zNds%2Fu9au%2B2%2FW3pW8Z1ZDP%2FD9wA9q68rK2AxWpyBU9mAtqK%2F59WZYD1pNDOz%2Fc1d4cNSD6B%2BTV6DEZPmpdxKKj5EmDy9J18tN9tY7SaFpbiz6Yv%2BDtJeaMkWyCGPrIU7359Uw7tn6E5j07owuTP%2FfQqYmxPvhCVi6PycJ1t%2Bb8WQaMgUTL6LsjyH1GIqOwc1tKPGMAFzg8hbS5N5lY0u6%2FQ9Kp%2BiELD%2F%2FC6qckOVfTyJNvr6g1aB2zegiVyZ1GMQV1GAM1R0jKw6Q7yxBlQfg%2BadQ4key%2BnwTabK35bSBEkevx3EYcRb5K41G6K80aStcYe0wWOlw3mKRL%2Fygw2YCKTWGisfQcgjqPBTTozwUsYci85CIoxoPgqDjC079aI3zhuhI1hZ%2BQDtxQAO%2FHaHg0x6GyLMhuB6C21vI7C301OcT4r1wCrb4Hu5mBSc8uJygLyqUkqB0BCUlKBVBmROU%2Fequ0C501T2hXcGCuQ%2FnvlGNTN7dpXdN3pUpAbVDWFHtZsfk5amK3sePf0FPHtVkk8uQNRoxC%2F2I%2BxELmN%2FhURzLoBO0Gx04df%2Fi%2Bkqj2YxuBFBuadb8jpqQs2%2F8hExNyOk%2FToHRAzh9AK5eBS1eAy0r0JsVdtLHPSWcy43ddlTVmTZdl5m8zk0CYSpk%2BTLybW9XH5PTs%2BlubD2E5Ifnf2vMDNxWyGyFT9RTgq6%2BM7pqSrJ31ZSOPNrKcpWoHTqd%2FLWc5vLEl%2B%2FJ7dJYsXHJDe%2B%2FzafANHxwXbp8k6ZCpV1HvrqghJB23VguyXcb7kPJrhTu5oXCpkW2eeXi%2BkaSWemcMukYdLrEf1pwNSEvnb4%2BW%2Boz32xB2TFsUSEpDsncoMwYPLsFly34O0Ng9aKGZR7KohrZkC0etSLQcpFTVsH9J2eLeGTp9DdV1a67g65dAs1vI00q9G2Fvq5A9RCuODHKM3t4%2Fuc5DaaXRkzbpT2mrf5iJvP0egSnjmoNX3SYjGWHyWarGUsuWKvFfB5z1hBRxJG7Sdz69ve%2FAQAA%2F%2F8BAAD%2F%2Fz57HHauBAAA | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1disguisedgraceeveryday.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxFBEEJuURhDoIR3Nnunl%2B9ySGYxJXFNRuSiN5i%2FepJOdVdTVX39OyeggHJcfQv6P1mkyUaJDlGNMhswMOCmPG0iHvxLqiQs8w4OPqg6r1X3yv43vfeZ7vFMQlR0KNL75sdpTVdbdX92pmPguBcbVOlxaA2iNo32s1zNds%2Fu9au%2B2%2FW3pW8Z1ZDP%2FD9wA9q68rK2AxWpyBU9mAtqK%2F59WZYD1pNDOz%2Fc1d4cNSD6B%2BTV6DEZPmpdxKKj5EmDy9J18tN9tY7SaFpbiz6Yv%2BDtJeaMkWyCGPrIU7359Uw7tn6E5j07owuTP%2FfQqYmxPvhCVi6PycJ1t%2Bb8WQaMgUTL6LsjyH1GIqOwc1tKPGMAFzg8hbS5N5lY0u6%2FQ9Kp%2BiELD%2F%2FC6qckOVfTyJNvr6g1aB2zegiVyZ1GMQV1GAM1R0jKw6Q7yxBlQfg%2BadQ4key%2BnwTabK35bSBEkevx3EYcRb5K41G6K80aStcYe0wWOlw3mKRL%2Fygw2YCKTWGisfQcgjqPBTTozwUsYci85CIoxoPgqDjC079aI3zhuhI1hZ%2BQDtxQAO%2FHaHg0x6GyLMhuB6C21vI7C301OcT4r1wCrb4Hu5mBSc8uJygLyqUkqB0BCUlKBVBmROU%2Fequ0C501T2hXcGCuQ%2FnvlGNTN7dpXdN3pUpAbVDWFHtZsfk5amK3sePf0FPHtVkk8uQNRoxC%2F2I%2BxELmN%2FhURzLoBO0Gx04df%2Fi%2Bkqj2YxuBFBuadb8jpqQs2%2F8hExNyOk%2FToHRAzh9AK5eBS1eAy0r0JsVdtLHPSWcy43ddlTVmTZdl5m8zk0CYSpk%2BTLybW9XH5PTs%2BlubD2E5Ifnf2vMDNxWyGyFT9RTgq6%2BM7pqSrJ31ZSOPNrKcpWoHTqd%2FLWc5vLEl%2B%2FJ7dJYsXHJDe%2B%2FzafANHxwXbp8k6ZCpV1HvrqghJB23VguyXcb7kPJrhTu5oXCpkW2eeXi%2BkaSWemcMukYdLrEf1pwNSEvnb4%2BW%2Boz32xB2TFsUSEpDsncoMwYPLsFly34O0Ng9aKGZR7KohrZkC0etSLQcpFTVsH9J2eLeGTp9DdV1a67g65dAs1vI00q9G2Fvq5A9RCuODHKM3t4%2Fuc5DaaXRkzbpT2mrf5iJvP0egSnjmoNX3SYjGWHyWarGUsuWKvFfB5z1hBRxJG7Sdz69ve%2FAQAA%2F%2F8BAAD%2F%2Fz57HHauBAAA IP172.240.108.68:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: disguisedgraceeveryday.com; Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF; Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxFBEEJuURhDoIR3Nnunl%2B9ySGYxJXFNRuSiN5i%2FepJOdVdTVX39OyeggHJcfQv6P1mkyUaJDlGNMhswMOCmPG0iHvxLqiQs8w4OPqg6r1X3yv43vfeZ7vFMQlR0KNL75sdpTVdbdX92pmPguBcbVOlxaA2iNo32s1zNds%2Fu9au%2B2%2FW3pW8Z1ZDP%2FD9wA9q68rK2AxWpyBU9mAtqK%2F59WZYD1pNDOz%2Fc1d4cNSD6B%2BTV6DEZPmpdxKKj5EmDy9J18tN9tY7SaFpbiz6Yv%2BDtJeaMkWyCGPrIU7359Uw7tn6E5j07owuTP%2FfQqYmxPvhCVi6PycJ1t%2Bb8WQaMgUTL6LsjyH1GIqOwc1tKPGMAFzg8hbS5N5lY0u6%2FQ9Kp%2BiELD%2F%2FC6qckOVfTyJNvr6g1aB2zegiVyZ1GMQV1GAM1R0jKw6Q7yxBlQfg%2BadQ4key%2BnwTabK35bSBEkevx3EYcRb5K41G6K80aStcYe0wWOlw3mKRL%2Fygw2YCKTWGisfQcgjqPBTTozwUsYci85CIoxoPgqDjC079aI3zhuhI1hZ%2BQDtxQAO%2FHaHg0x6GyLMhuB6C21vI7C301OcT4r1wCrb4Hu5mBSc8uJygLyqUkqB0BCUlKBVBmROU%2Fequ0C501T2hXcGCuQ%2FnvlGNTN7dpXdN3pUpAbVDWFHtZsfk5amK3sePf0FPHtVkk8uQNRoxC%2F2I%2BxELmN%2FhURzLoBO0Gx04df%2Fi%2Bkqj2YxuBFBuadb8jpqQs2%2F8hExNyOk%2FToHRAzh9AK5eBS1eAy0r0JsVdtLHPSWcy43ddlTVmTZdl5m8zk0CYSpk%2BTLybW9XH5PTs%2BlubD2E5Ifnf2vMDNxWyGyFT9RTgq6%2BM7pqSrJ31ZSOPNrKcpWoHTqd%2FLWc5vLEl%2B%2FJ7dJYsXHJDe%2B%2FzafANHxwXbp8k6ZCpV1HvrqghJB23VguyXcb7kPJrhTu5oXCpkW2eeXi%2BkaSWemcMukYdLrEf1pwNSEvnb4%2BW%2Boz32xB2TFsUSEpDsncoMwYPLsFly34O0Ng9aKGZR7KohrZkC0etSLQcpFTVsH9J2eLeGTp9DdV1a67g65dAs1vI00q9G2Fvq5A9RCuODHKM3t4%2Fuc5DaaXRkzbpT2mrf5iJvP0egSnjmoNX3SYjGWHyWarGUsuWKvFfB5z1hBRxJG7Sdz69ve%2FAQAA%2F%2F8BAAD%2F%2Fz57HHauBAAA HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 04:43:28 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a2e75b1612be6583de064a1e9d57339
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| disguisedgraceeveryday.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 disguisedgraceeveryday.com/pixel/sbs?c=1
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: disguisedgraceeveryday.com; Fingerprint: 16:DC:B3:22:C8:B6:B2:82:32:C9:AC:95:10:84:7F:8B:4A:4F:AE:EF; Validity: Tue, 30 Apr 2024 15:31:31 GMT - Mon, 29 Jul 2024 15:31:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: disguisedgraceeveryday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: u_pl=23116251; uid_id2=ff28cb80-3320-4a52-b621-7cc5b80d017b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| kidsstorysai.blogspot.com/favicon.ico | 216.58.207.193 | 200 OK | 412 B |
URL: GET HTTP/3 kidsstorysai.blogspot.com/favicon.ico
IP: 216.58.207.193:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: misc-sni.blogspot.com; Fingerprint: C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00; Validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
Hash: 59a0c7b6e4848ccdabcea0636efda02b 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: kidsstorysai.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e%3A2%3A1; pp_main_343805875c0264c5b68b9d0061ac1953=1; sb_main_e4ce2b33fb208c08b1b07c8ffe171637=1; sb_count_e4ce2b33fb208c08b1b07c8ffe171637=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=bypassmaestro.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=disguisedgraceeveryday.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type: image/x-icon; charset=UTF-8
expires: Sat, 04 May 2024 04:43:29 GMT
date: Sat, 04 May 2024 04:43:29 GMT
cache-control: private, max-age=86400
last-modified: Fri, 03 May 2024 12:42:32 GMT
etag: W/"c5c55f94a29486c1ae23cce2e926b3a6228094775f8fdc75c4c4157ff0f62376"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 188.114.97.1 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
IP: 188.114.97.1:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: fc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:27 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhuHPu0RUnXkz28H1P%2BSsGL%2Fm27KvxyFuoCF1YOS04bUxLajiCjoL087FcEI3IhtcsBr1XHXhL%2BDccrYGHb1H4hTQsYp9Mis044LsGJTSoStzPxNNboqKuS5BwrafmQxbpnEquBpRJB8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5d4767b5656b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 188.114.97.1 | 200 OK | 1.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
IP: 188.114.97.1:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 630f303dfe147dec2c4a226287393b69 3e9f8270b84e09595181bd55de6785a89f53ba10 967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:27 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6SvL9b4EBi21smY4JBTyltzsgxFyTux%2FWYQzdSUBPimUe2VOgU4DRcYjEYKN4E2GQulaho3AMnGWJJ%2FENk3ocIQmsS873lXpiODuvdGCp49HqGG7D1u6cyem5D5cFG8Xe68nZGGAUwnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5d4766b4f56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.youtube.com/vi/gLLTusjSps0/0.jpg | 142.250.74.78 | 200 OK | 24 kB |
URL: GET HTTP/2 img.youtube.com/vi/gLLTusjSps0/0.jpg
IP: 142.250.74.78:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash: 6c9572bac929e11c1819a24d1a30b698 e00f8597fbf73e03a8dd8c486c522a2ab8071de0 54316316b70cb5acbd1f08b6eda606d06184e974a2d29a2a0c208302a3ffbd9b
GET /vi/gLLTusjSps0/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 23510
date: Sat, 04 May 2024 04:43:27 GMT
expires: Sat, 04 May 2024 06:43:27 GMT
cache-control: public, max-age=7200
etag: "1620202594"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 188.114.97.1 | 200 OK | 382 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js
IP: 188.114.97.1:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (411), with no line terminators
Hash: 9ffae600059bf4e6adb35ebb274ae385 6130e466c04551baa2a5d650e6bd5a87daba73a7 a7d15e051fb3d3c31494683306bb7752478354894825b110d26d333cbeaaeb39
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kidsstorysai.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:27 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHIVBYNOcjlIQHvZHj7dezvkx0chtiM3YgE8%2BhuIY%2B5P6QoRNgzSeu%2Ft8fZBqN55GBr%2BrEKIqL6tx5OvV6OBqcOOcqNmxVDNnR%2FNEEomjtJbOjrGu%2FO8zEFjWFDJEz0Ar%2B8JrNqZtcap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5d4772bb756b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 188.114.97.1 | 200 OK | 90 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP: 188.114.97.1:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:27 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 303951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trCYF9aNKAzGtll3jybXChff12XoaYNJ3u4Ub6owgj8goViFDYIhvvzDju3XuCUqBr8Z8kZw%2FAoUbK7NSOQ4VdbYsA4yWKe9%2FCvehh2gvoJoe1Qgg4nV5tu2KCWaHoJbB3UA%2BEcepcH8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e5d476ab7256b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.18.10.207:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:24 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9e01696f4dd85a48838a9ea9ee82ef4a
cdn-cache: HIT
cf-cache-status: HIT
age: 303949
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5d463c8d556c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 04:43:27 GMT
date: Sat, 04 May 2024 04:43:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=343805875c0264c5b68b9d0061ac1953&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=343805875c0264c5b68b9d0061ac1953&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=343805875c0264c5b68b9d0061ac1953&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59313ca13ee84377c6660e551c747d59
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e4ce2b33fb208c08b1b07c8ffe171637&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e4ce2b33fb208c08b1b07c8ffe171637&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=7c30e9d3-a083-45fa-bea9-cd3d1cdb301e&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e4ce2b33fb208c08b1b07c8ffe171637&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 04:43:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e20d7dade67a82d7a878dead1edbecfc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/bi/0a/53/90/0a53908c9034476078b3f956b9663221/1595867552.jpeg | 45.133.44.9 | 200 OK | 26 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/bi/0a/53/90/0a53908c9034476078b3f956b9663221/1595867552.jpeg
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://kidsstorysai.blogspot.com/
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Hash: 3e1892e0453f03d4ec6a0b45987918c5 82fb49dde6bed053485f2614e8f2fef6c8296387 3ffc29b8b73ec8921b9595e98665d1e2886fce31ffcc8fea2cd0ba5eb612cd89
GET /bi/0a/53/90/0a53908c9034476078b3f956b9663221/1595867552.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kidsstorysai.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:43:26 GMT
content-type: image/jpeg
content-length: 26445
server: nginx/1.21.6
last-modified: Mon, 27 Jul 2020 16:32:35 GMT
etag: "5f1f01a3-674d"
expires: Mon, 06 May 2024 04:43:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|