ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 11428f669a78b9590668faeac6f11163
4d0cd300ee04649eb98f53fe5e3b00f33cab04ab
5849cca08de7b7d0aa64f18b12542e31a194081f276123f9de442109ae5622c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fitnut4dummies.blogspot.nl/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
172.217.21.161 240 B URL fitnut4dummies.blogspot.nl/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
IP 172.217.21.161:0
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text
Hash c1da8e20a951ffc899173907db4c2b9c
e4cff227d129ac615403301e911da72c0b6e021a
f099645312ce52f4d12cc5be801fef89e136cde1b9348ce1e56336ced8e2d9c0
GET /search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1 HTTP/1.1
Host: fitnut4dummies.blogspot.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://fitnut4dummies.blogspot.com/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 19 Sep 2023 18:46:31 GMT
expires: Tue, 19 Sep 2023 18:46:31 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 240
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash ee6dd3d5e439506c1c5d882849b6871e
62243782389a088216d40b2bf0684b4fa6fc5728
e499212218f87a738674cdeeda68c4ec05bf8bd780fd89125f5287b776595ca7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 11428f669a78b9590668faeac6f11163
4d0cd300ee04649eb98f53fe5e3b00f33cab04ab
5849cca08de7b7d0aa64f18b12542e31a194081f276123f9de442109ae5622c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fitnut4dummies.blogspot.com/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
172.217.21.161 17 kB URL fitnut4dummies.blogspot.com/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
IP 172.217.21.161:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1551)
Hash d9b0d39ce2b79bda76ac47db1a4e8861
a95c66bb407c823c4a635ef1f56bd94c6a6492de
24f588fb4b493a63698a28cc72da07aaaa9efa4850da5a006993c9b0f1b7180e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1 HTTP/1.1
Host: fitnut4dummies.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type: text/html; charset=UTF-8
expires: Tue, 19 Sep 2023 18:46:32 GMT
date: Tue, 19 Sep 2023 18:46:32 GMT
cache-control: private, max-age=0
last-modified: Tue, 15 Aug 2023 13:19:21 GMT
etag: W/"7570f22ea793e579545dc06518451c4f3e4bfb7a0ae13fce78c4a2ddd8d5d119"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fitnut4dummies.blogspot.com/js/cookienotice.js
172.217.21.161 2.0 kB URL fitnut4dummies.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/cookienotice.js HTTP/1.1
Host: fitnut4dummies.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Tue, 19 Sep 2023 18:46:32 GMT
expires: Tue, 26 Sep 2023 18:46:32 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 16:55:46 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 9f0e261ab8e2a186c6abcb7311a0a9b1
5b2521de7c88b8f767301d6976696b49224ee36c
8c4a73c04f1e533a06f2f6a82e8946c188d432ce04702525b59dd59bb912cce9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
216.58.207.233 7.8 kB URL www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 20:27:35 GMT
expires: Tue, 17 Sep 2024 20:27:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 14:53:49 GMT
content-type: text/css
vary: Accept-Encoding
age: 80337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 7c6c4ab403868ce33ede1ab6647ba1f5
574286bad8cc750c13bae961e4ca9f949b7b0bab
2808d998194c57f0f000205adc947b346de85ce853383f4126c1bb0c868e647a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 9f0e261ab8e2a186c6abcb7311a0a9b1
5b2521de7c88b8f767301d6976696b49224ee36c
8c4a73c04f1e533a06f2f6a82e8946c188d432ce04702525b59dd59bb912cce9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.67 471 B IP 142.250.74.67:0
Hash a10c9ef71e1a6040cd98a8096dc61bbc
f033990641f4e87522f5b83d2fcdc269eda0dba9
bdfa32272569ad79c2959e7cd1240f7181c27144ce71b23a45742c0c55aa964e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233 162 B URL resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18; data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 21:35:00 GMT
expires: Mon, 25 Sep 2023 21:35:00 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 04:53:16 GMT
content-type: image/gif
age: 76292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon_feed12.png
216.58.207.233 500 B URL resources.blogblog.com/img/icon_feed12.png
IP 216.58.207.233:0
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced; data
Hash 44e7355a788fd1082deff0018883758e
50e3a28a44978e85d13c30522e0c71c8d0b24675
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
GET /img/icon_feed12.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 08:29:49 GMT
expires: Mon, 25 Sep 2023 08:29:49 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 07:53:52 GMT
content-type: image/png
age: 123403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/arrow_dropdown.gif
216.58.207.233 141 B URL resources.blogblog.com/img/widgets/arrow_dropdown.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 13 x 10; data
Hash 2964a07d60a4e76b299130fb1b4115f6
3b72dcc19f3ad685513eaba612e07e0ed495f2e1
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
GET /img/widgets/arrow_dropdown.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 15:33:08 GMT
expires: Mon, 25 Sep 2023 15:33:08 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 07:53:52 GMT
content-type: image/gif
age: 98004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-netvibes.png
216.58.207.233 1.4 kB URL resources.blogblog.com/img/widgets/subscribe-netvibes.png
IP 216.58.207.233:0
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced; data
Hash c52a5f4ecb6be5d7e93b23ef4122ee4e
4e698a5f455daf3a8ea1e219b1998079f0546716
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
GET /img/widgets/subscribe-netvibes.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 19:03:46 GMT
expires: Mon, 25 Sep 2023 19:03:46 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 05:51:50 GMT
content-type: image/png
age: 85366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-yahoo.png
216.58.207.233 580 B URL resources.blogblog.com/img/widgets/subscribe-yahoo.png
IP 216.58.207.233:0
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced; data
Hash 79f602b6ac18bee79b4e2353a6674010
28accf82263aa1a11bb821439d4d185865662530
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
GET /img/widgets/subscribe-yahoo.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 04:21:54 GMT
expires: Tue, 26 Sep 2023 04:21:54 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 22:55:11 GMT
content-type: image/png
age: 51878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1465578468-widgets.js
216.58.207.233 58 kB URL www.blogger.com/static/v1/widgets/1465578468-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2215)
Hash a1cb4046392479f1acaeeba88535eaee
65ac5b085dd4b87ef3dbfe271254bd1d742f1abb
d49c1e3a643794375db57ab0f237a97a189577f3e822d8512ed383f95941dde8
GET /static/v1/widgets/1465578468-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57929
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 09:00:41 GMT
expires: Wed, 18 Sep 2024 09:00:41 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 15 Sep 2023 13:53:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 35151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mzt2jgWwZSkLiFOLoHH5sAFcRwtRBWfEQTjk2DXnHps3bDn9FOiiZaQrtygR3D2TazhwpZRvK-k35w4EpI9pvgHCN1_WwhkoZCwJKNOuzXD8A4rv15Mbg=s0-d
142.250.74.97 1.2 kB URL lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mzt2jgWwZSkLiFOLoHH5sAFcRwtRBWfEQTjk2DXnHps3bDn9FOiiZaQrtygR3D2TazhwpZRvK-k35w4EpI9pvgHCN1_WwhkoZCwJKNOuzXD8A4rv15Mbg=s0-d
IP 142.250.74.97:0
File type GIF image data, version 89a, 173 x 29; data
Hash 0903ae6a4f18cff21a1a91e9a08059a6
4e67e9d33964f406b17f1e566c92b1f74428c06f
093a055c6df5c899762a2e843fd7187d4b7e8b9e5cf2df5e0425dd0210b7990f
GET /blogger_img_proxy/AAOd8Mzt2jgWwZSkLiFOLoHH5sAFcRwtRBWfEQTjk2DXnHps3bDn9FOiiZaQrtygR3D2TazhwpZRvK-k35w4EpI9pvgHCN1_WwhkoZCwJKNOuzXD8A4rv15Mbg=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.gif"
x-content-type-options: nosniff
server: fife
content-length: 1204
x-xss-protection: 0
date: Tue, 19 Sep 2023 17:55:46 GMT
expires: Wed, 20 Sep 2023 17:55:46 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/gif
vary: Origin
age: 3046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174 22 kB URL apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (2664)
Hash bc0c02039629e33a0f670270feb69b5f
74ea07e932b0800171297bca3b64c71d7c409bf3
13499aaf026263e1df495859efe16fc7e928d087b1206a593594cc7bee4728a0
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21840
date: Tue, 19 Sep 2023 18:46:32 GMT
expires: Tue, 19 Sep 2023 18:46:32 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6d6113196b448c31"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 471 B IP 142.250.74.67:0
Hash 3050f8e9fc21f3199fe194b0eb9a7b42
1c05b867d9fd08afefeb8e919e90006f24a913b4
2fd4fad4b095b269298a40660c643fa68c923cc6a06e593dfc0eaad9d48325d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mz2DYMFmzZ7RHrheDtTp5vPZVXBAYFq1_3NH-JHRRgT5XSZNTw0SzQdHSXng5eAxmPLix7Ot5Abd_h-uLd9_tdyNXKIMFiWi2w=w72-h72-p-k-no-nu
142.250.74.97 1.7 kB URL lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mz2DYMFmzZ7RHrheDtTp5vPZVXBAYFq1_3NH-JHRRgT5XSZNTw0SzQdHSXng5eAxmPLix7Ot5Abd_h-uLd9_tdyNXKIMFiWi2w=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 88f1f3316246c07d0b41012a5c1e8387
f6b74fb170dd7d17a9f5e03548aec6c3d2a948e9
43668bd0fd82f7bbae92bcdc635408d569a8de96204a652911b307bfd4bf4956
GET /blogger_img_proxy/AAOd8Mz2DYMFmzZ7RHrheDtTp5vPZVXBAYFq1_3NH-JHRRgT5XSZNTw0SzQdHSXng5eAxmPLix7Ot5Abd_h-uLd9_tdyNXKIMFiWi2w=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:32 GMT
server: fife
content-length: 1700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AAOd8MwejbSt_-aTt2DGSuoR9CI0OxMJbr0pz1bd4d2k5ZPS71_zT0WoophcMrVtMD12I2QhOLIMvzJT6bFiOXbnfbfE_ogQjeTrdXs=w72-h72-p-k-no-nu
142.250.74.97 1.7 kB URL lh3.googleusercontent.com/blogger_img_proxy/AAOd8MwejbSt_-aTt2DGSuoR9CI0OxMJbr0pz1bd4d2k5ZPS71_zT0WoophcMrVtMD12I2QhOLIMvzJT6bFiOXbnfbfE_ogQjeTrdXs=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 16f0086499b09e0eb579b6be263abe31
fdbe8c61ceff2fc453f60d10660a9e5af29b6b01
e5415e8348107e0f957c1e158d9cc0b5c5ddc37c61aef143222008db8503ae6d
GET /blogger_img_proxy/AAOd8MwejbSt_-aTt2DGSuoR9CI0OxMJbr0pz1bd4d2k5ZPS71_zT0WoophcMrVtMD12I2QhOLIMvzJT6bFiOXbnfbfE_ogQjeTrdXs=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:32 GMT
server: fife
content-length: 1700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 9f0e261ab8e2a186c6abcb7311a0a9b1
5b2521de7c88b8f767301d6976696b49224ee36c
8c4a73c04f1e533a06f2f6a82e8946c188d432ce04702525b59dd59bb912cce9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-xY65EmAHrUI/UuP8b4nAIsI/AAAAAAAABfc/jGzDU2MSZz8/w72-h72-p-k-no-nu/IMG_3728.jpg
142.250.74.65 3.2 kB URL 3.bp.blogspot.com/-xY65EmAHrUI/UuP8b4nAIsI/AAAAAAAABfc/jGzDU2MSZz8/w72-h72-p-k-no-nu/IMG_3728.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3; data
Hash c0b62ffad531f0741a7605a5dfff63b7
f9cfac71c0b4aad1b2964ea88f3bd488b8903856
20bac512b8e825dc0d2b815ef08049217231dbcfda8d33cd4014d18938a7cfe1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-xY65EmAHrUI/UuP8b4nAIsI/AAAAAAAABfc/jGzDU2MSZz8/w72-h72-p-k-no-nu/IMG_3728.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "va97"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_3728.jpg"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 3184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash 9f0e261ab8e2a186c6abcb7311a0a9b1
5b2521de7c88b8f767301d6976696b49224ee36c
8c4a73c04f1e533a06f2f6a82e8946c188d432ce04702525b59dd59bb912cce9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.130 7.9 kB URL pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (3722)
Hash fdea1ef6a5c02b30e1d4aa086a85a018
a111d34620ea48da630ad2f42edb8d1cade2177d
82f9d13ed4be172c5596eaa09df534e5346725b1df0effc6586d20ec32bc332b
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 19 Sep 2023 18:46:33 GMT
expires: Tue, 19 Sep 2023 18:46:33 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4542012592935299849
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-YfryySMhYXI/UvFokFDSOWI/AAAAAAAABk8/h7EAuHMTl4I/w72-h72-p-k-no-nu/IMG_0136.jpg
142.250.74.65 2.9 kB URL 3.bp.blogspot.com/-YfryySMhYXI/UvFokFDSOWI/AAAAAAAABk8/h7EAuHMTl4I/w72-h72-p-k-no-nu/IMG_0136.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 40581ff938d9e8efa47f725fe75a7ac6
f6c4189554056f2ab10d4049aace737c78a01e8d
b026843ef940851d8821910359c2240a3cafeaaec39422e025d248cbb59aa414
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-YfryySMhYXI/UvFokFDSOWI/AAAAAAAABk8/h7EAuHMTl4I/w72-h72-p-k-no-nu/IMG_0136.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "va9d"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_0136.jpg"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 2938
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-PjC_1onnouM/TzOaXgERFnI/AAAAAAAAANc/pMpcEw_2yw4/w72-h72-p-k-no-nu/IMG_0877.JPG
142.250.74.65 3.4 kB URL 4.bp.blogspot.com/-PjC_1onnouM/TzOaXgERFnI/AAAAAAAAANc/pMpcEw_2yw4/w72-h72-p-k-no-nu/IMG_0877.JPG
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 76a15fdcb463514e579508b7add3b1a0
b3ca0344a7d8509f54f01b385f7b7fff34011749
e42fcb3d9917f22b93dc6d49a2a30563af882651a5eb8a97a6ccbcd77e96e393
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-PjC_1onnouM/TzOaXgERFnI/AAAAAAAAANc/pMpcEw_2yw4/w72-h72-p-k-no-nu/IMG_0877.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vc5a"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_0877.JPG"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 3438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-CcXWdfFX81w/Taro-1qDqCI/AAAAAAAAAAU/tCsm6M9jQhI/s1600/banner%2Bprovs.jpg
142.250.74.65 39 kB URL 3.bp.blogspot.com/-CcXWdfFX81w/Taro-1qDqCI/AAAAAAAAAAU/tCsm6M9jQhI/s1600/banner%2Bprovs.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 900x200, components 3\012- data
Hash 190191f70232d843bba6dff3dae8cd0c
a1e73a6a65dbf8d835b00da41f5a6df4377b45a3
6e8a1f1d3fb7d2e115d83ab8c96becbd4da9b5600b45a59ce8616a2c660e41f9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-CcXWdfFX81w/Taro-1qDqCI/AAAAAAAAAAU/tCsm6M9jQhI/s1600/banner%2Bprovs.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner provs.jpg"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 38674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-yR0JHu9_Rlc/Tft6DVw1hQI/AAAAAAAAAGI/94sLam2hCj0/w72-h72-p-k-no-nu/metaboliche.png
142.250.74.65 4.5 kB URL 4.bp.blogspot.com/-yR0JHu9_Rlc/Tft6DVw1hQI/AAAAAAAAAGI/94sLam2hCj0/w72-h72-p-k-no-nu/metaboliche.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 7dfe164f4bd5f24ce0299fa5e8a693f2
6abd5e2cb19d8232a0ea00c02bae43f1400a045d
390b8283a4ac06fa6c420c6ee10e5daf5edff17f9c9596a4ec59cfc390bf7a6f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-yR0JHu9_Rlc/Tft6DVw1hQI/AAAAAAAAAGI/94sLam2hCj0/w72-h72-p-k-no-nu/metaboliche.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v62"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="metaboliche.png"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 4454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 472 B IP 142.250.74.67:0
Hash fe704f1fc624b4900172e83e20ad7c95
584b993ed1557e607362f7ba7f34b7b588c409ad
32c845313425787f331e7b2173d258f5f2f878e8a876b32bbb2b1e275d6ca705
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.67 471 B IP 142.250.74.67:0
Hash 64ed688baf8887c3e918f1a762cdc5b2
057b28a887cac1050b7c08d5647a1e4d8b416ebf
267244dad1693002d314ef71cc0317d4d942c4740009aacafac6a6ab7900a712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-Gcynry7Pbpc/UTCxgnty1tI/AAAAAAAAA-o/COnn7nPWjw0/w72-h72-p-k-no-nu/008.JPG
142.250.74.65 3.8 kB URL 1.bp.blogspot.com/-Gcynry7Pbpc/UTCxgnty1tI/AAAAAAAAA-o/COnn7nPWjw0/w72-h72-p-k-no-nu/008.JPG
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a22ee681af03834444f3fa1bc83b2848
e9b9b44fff6303073143e4d369339778317456ab
adc1bba681419f01e498c39496c7373162fc38df7ce76c46fe539bf5f8c7f739
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Gcynry7Pbpc/UTCxgnty1tI/AAAAAAAAA-o/COnn7nPWjw0/w72-h72-p-k-no-nu/008.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3eb"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="008.JPG"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 3824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-LlL_iV7luKc/Uyd30Imz2NI/AAAAAAAACRs/-ZHmoODiEEU/w72-h72-p-k-no-nu/IMG_4129.jpg
142.250.74.65 2.9 kB URL 1.bp.blogspot.com/-LlL_iV7luKc/Uyd30Imz2NI/AAAAAAAACRs/-ZHmoODiEEU/w72-h72-p-k-no-nu/IMG_4129.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash bca474bca526d49892b53b347fbba1e7
2e288d28936e81e1335da91583323b17ca066d0a
88ea68b234e8358eb40acb061bf9b8c86d3c99cbe70c4a5e675fcb77f0912173
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-LlL_iV7luKc/Uyd30Imz2NI/AAAAAAAACRs/-ZHmoODiEEU/w72-h72-p-k-no-nu/IMG_4129.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "va53"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_4129.jpg"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 2928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.67 471 B IP 142.250.74.67:0
Hash 5edd9547dfabd68a235178dd7f5ebac2
48801897d490b1b7c4d4b87c291eb8b094c0f109
10808a6d5adbac605187a63d862cb9629c633fe48d459805581274a39681c4f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 19 Sep 2023 18:46:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130 42 B URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Tue, 19 Sep 2023 14:42:48 GMT
expires: Tue, 03 Oct 2023 14:42:48 GMT
cache-control: public, max-age=1209600
age: 14625
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs
172.217.21.174 61 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (1368)
Hash 60cb3b69fb3e3b24891141159eb940ad
8b183b5d8df902f7919cec452bce4c7f1bd950a7
6bbd65596c2e3d24a2d396fbf8753545e8d6a3fe2a7467f9ef4e1b4c2a0494f9
GET /_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61126
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 22:31:53 GMT
expires: Tue, 17 Sep 2024 22:31:53 GMT
cache-control: public, max-age=31536000
age: 72880
last-modified: Wed, 02 Aug 2023 15:23:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lh3.googleusercontent.com/blogger_img_proxy/AAOd8MzdAK6Img1kmVa3vk7Z5e40iZT9ZArHohHhu1o-6iLeSb1ZWTK9M8mXAJp2bzsQmxJlTLxzpdgNZxqEmoNVIrFHdXoX3ni0xSBIEj4mSawvZItECZToJAGaIA2_7NfWki73pjgWljiatYd0GTsDNYtkofwPNGXe=w72-h72-p-k-no-nu
142.250.74.97 8.3 kB URL lh3.googleusercontent.com/blogger_img_proxy/AAOd8MzdAK6Img1kmVa3vk7Z5e40iZT9ZArHohHhu1o-6iLeSb1ZWTK9M8mXAJp2bzsQmxJlTLxzpdgNZxqEmoNVIrFHdXoX3ni0xSBIEj4mSawvZItECZToJAGaIA2_7NfWki73pjgWljiatYd0GTsDNYtkofwPNGXe=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash f843e5d8a151f6ccbb209729ce858d42
9257cc7650ff9f132bdaeec70fd19491c9b660f7
624c2c267e8d4a155cf2a9fbc9b00351f483996ad62fbcd56a8ba56cb47bcf74
GET /blogger_img_proxy/AAOd8MzdAK6Img1kmVa3vk7Z5e40iZT9ZArHohHhu1o-6iLeSb1ZWTK9M8mXAJp2bzsQmxJlTLxzpdgNZxqEmoNVIrFHdXoX3ni0xSBIEj4mSawvZItECZToJAGaIA2_7NfWki73pjgWljiatYd0GTsDNYtkofwPNGXe=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 8321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogblog.com/1kt/awesomeinc/header_gradient_artsy.png
216.58.207.233 83 B URL www.blogblog.com/1kt/awesomeinc/header_gradient_artsy.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 24666ebe4be8cf496cc7a409826f9d9c
758b645a214e23ea3401daa783d8eab527b94179
c6e665e63cf4c57878281dca273bd1bdca1dbc841740bcaf30e18cef9ac81446
GET /1kt/awesomeinc/header_gradient_artsy.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 83
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 08:11:11 GMT
expires: Tue, 26 Sep 2023 08:11:11 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 00:57:57 GMT
content-type: image/png
age: 38122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogblog.com/1kt/awesomeinc/tabs_gradient_artsy.png
216.58.207.233 82 B URL www.blogblog.com/1kt/awesomeinc/tabs_gradient_artsy.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 73336b9c5df097d0474629bff544f7c8
8332df4ebc9b264ae8655d62c9e938181badd786
f59ba6fa947e94570a92a8d3df697cb9b9db33cfebb87a7c652f05ee6e79945e
GET /1kt/awesomeinc/tabs_gradient_artsy.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 82
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 00:28:01 GMT
expires: Tue, 26 Sep 2023 00:28:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 14:53:49 GMT
content-type: image/png
age: 65912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/dyn-css/authorization.css?targetBlogID=6151912036471170949&zx=e1553e01-bd8f-4a7b-8de1-90d99e441a7a
216.58.207.233 21 B URL www.blogger.com/dyn-css/authorization.css?targetBlogID=6151912036471170949&zx=e1553e01-bd8f-4a7b-8de1-90d99e441a7a
IP 216.58.207.233:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=6151912036471170949&zx=e1553e01-bd8f-4a7b-8de1-90d99e441a7a HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 19 Sep 2023 18:46:33 GMT
last-modified: Tue, 19 Sep 2023 18:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
themes.googleusercontent.com/image?id=1CwJW5m0Ws7aa94aruzb_ThRKyT7L21QZWeRE6VCvWEmEVSvK7EiC-EIxpnn1EijGlfAK&options=w1600
142.250.74.97 393 kB URL themes.googleusercontent.com/image?id=1CwJW5m0Ws7aa94aruzb_ThRKyT7L21QZWeRE6VCvWEmEVSvK7EiC-EIxpnn1EijGlfAK&options=w1600
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1424, components 3\012- data
Size 393 kB (393072 bytes)
Hash bee0de703317d63ae45ab491d90e56fe
5454ea27374ee42301f58a0a1482f503133bb87b
4e4214b0a1f8aafb6f947a1bb45890af32a0882fbd101028d9c60cc8c0e103dd
GET /image?id=1CwJW5m0Ws7aa94aruzb_ThRKyT7L21QZWeRE6VCvWEmEVSvK7EiC-EIxpnn1EijGlfAK&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 20 Sep 2023 18:46:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 18:46:33 GMT
server: fife
content-length: 393072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/navbar.g?targetBlogID=6151912036471170949&blogName=Fitness+%26+Nutrition+FOR+DUMMIES&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://fitnut4dummies.blogspot.com/search&blogLocale=it&v=2&homepageUrl=https://fitnut4dummies.blogspot.com/&vt=-502111868068700872&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IoxrLNdlTyI.O%2Fd%3D1%2Frs%3DAHpOoo9N48n3oloz8UTxoCozKcpUKaADkg%2Fm%3D__features__
216.58.207.233 2.6 kB URL www.blogger.com/navbar.g?targetBlogID=6151912036471170949&blogName=Fitness+%26+Nutrition+FOR+DUMMIES&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://fitnut4dummies.blogspot.com/search&blogLocale=it&v=2&homepageUrl=https://fitnut4dummies.blogspot.com/&vt=-502111868068700872&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IoxrLNdlTyI.O%2Fd%3D1%2Frs%3DAHpOoo9N48n3oloz8UTxoCozKcpUKaADkg%2Fm%3D__features__
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Hash a018fb92a13a447625aae01c4752f270
e49f904f80af67ab77b7ab2b279610d28a34ba7b
7124cc9d6ccde3c5c07d1e9592d719ca51b251d4c55b46dec5c0e2de3d72a0bf
GET /navbar.g?targetBlogID=6151912036471170949&blogName=Fitness+%26+Nutrition+FOR+DUMMIES&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://fitnut4dummies.blogspot.com/search&blogLocale=it&v=2&homepageUrl=https://fitnut4dummies.blogspot.com/&vt=-502111868068700872&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IoxrLNdlTyI.O%2Fd%3D1%2Frs%3DAHpOoo9N48n3oloz8UTxoCozKcpUKaADkg%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 19 Sep 2023 18:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2609
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/icons_peach.png
216.58.207.233 907 B URL resources.blogblog.com/img/navbar/icons_peach.png
IP 216.58.207.233:0
File type PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Hash 3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 02:45:24 GMT
expires: Tue, 26 Sep 2023 02:45:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 11:52:55 GMT
content-type: image/png
age: 57670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/arrows-light.png
216.58.207.233 200 OK 117 B URL GET HTTP/3 resources.blogblog.com/img/navbar/arrows-light.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=6151912036471170949&blogName=Fitness+%26+Nutrition+FOR+DUMMIES&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://fitnut4dummies.blogspot.com/search&blogLocale=it&v=2&homepageUrl=https://fitnut4dummies.blogspot.com/&vt=-502111868068700872&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IoxrLNdlTyI.O%2Fd%3D1%2Frs%3DAHpOoo9N48n3oloz8UTxoCozKcpUKaADkg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Ffitnut4dummies.blogspot.com&pfname=&rpctoken=36599493
Certificate Issuer Google Trust Services LLC
Subject *.blogger.com
Fingerprint 0A:37:73:3D:BD:C2:5F:FA:38:2B:9B:AB:96:77:54:94:B6:E3:4A:EE
Validity Mon, 14 Aug 2023 08:16:07 GMT - Mon, 06 Nov 2023 08:16:06 GMT
File type PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 02:56:18 GMT
expires: Tue, 26 Sep 2023 02:56:18 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 01:56:24 GMT
content-type: image/png
age: 57016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/js/platform:gapi.iframes.style.common.js
172.217.21.174 22 kB URL apis.google.com/js/platform:gapi.iframes.style.common.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (2664)
Hash 3e680d5a22266127e8a36263d1aff76d
792c1e4b9c3082d83eadb73e0a171f5af216b74b
646858dc6120e933f6d0951560063dea27b2cbf64693f5b3e45d637166266de1
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21850
date: Tue, 19 Sep 2023 18:46:34 GMT
expires: Tue, 19 Sep 2023 18:46:34 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3da185580d4f9ca7"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs
172.217.21.174 200 OK 46 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=6151912036471170949&blogName=Fitness+%26+Nutrition+FOR+DUMMIES&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://fitnut4dummies.blogspot.com/search&blogLocale=it&v=2&homepageUrl=https://fitnut4dummies.blogspot.com/&vt=-502111868068700872&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IoxrLNdlTyI.O%2Fd%3D1%2Frs%3DAHpOoo9N48n3oloz8UTxoCozKcpUKaADkg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Ffitnut4dummies.blogspot.com&pfname=&rpctoken=36599493
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E
Validity Mon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (1368)
Hash 6ad382fa50a2250514d6142072a647f4
316d68172c63ff03f82bb644b5a1ef54149ae818
6c34aa6863dc470b805525b8db49e29a2946b73cc81c1ab6b558efd49a5b2efe
GET /_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45681
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 22:31:54 GMT
expires: Tue, 17 Sep 2024 22:31:54 GMT
cache-control: public, max-age=31536000
age: 72880
last-modified: Wed, 02 Aug 2023 15:23:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fitnut4dummies.blogspot.com/favicon.ico
172.217.21.161 412 B URL fitnut4dummies.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Analyzer Quad9 DNS
Verdict malicious
Alert Sinkholed
GET /favicon.ico HTTP/1.1
Host: fitnut4dummies.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fitnut4dummies.blogspot.com/search?updated-min=2008-01-01T00:00:00-08:00&updated-max=2009-01-01T00:00:00-08:00&max-results=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Tue, 19 Sep 2023 18:46:35 GMT
date: Tue, 19 Sep 2023 18:46:35 GMT
cache-control: private, max-age=86400
last-modified: Tue, 15 Aug 2023 13:19:21 GMT
etag: W/"7570f22ea793e579545dc06518451c4f3e4bfb7a0ae13fce78c4a2ddd8d5d119"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000