ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 17d4dac18fa2e921b6142e9a6e7638e9
3e4d5337720590d6a2b8941baf90fa8dfd9d752b
f367bf987bcfb690ef53baf4cca8970b83fe522c820de2babb8cb3c943fa84c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
172.217.21.161 200 OK 47 kB URL User Request GET HTTP/2 informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
IP 172.217.21.161:443
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (8481)
Hash 902023fdb734e484596464aba734ea27
bbca313d9cd9cefed92baa1e288c9aa4c4a1ab72
7d8373427340722ac2002d9d541e3a6712fe2313da8e0ff95a84d74ffa595f4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8 HTTP/1.1
Host: informatiqueth4.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 21:39:33 GMT
date: Sat, 23 Sep 2023 21:39:33 GMT
cache-control: private, max-age=0
last-modified: Sun, 13 Aug 2023 00:55:31 GMT
etag: W/"61389a6e01c15cd23e155eeab212cf4543fb1f65ea9197e390fb0275ce86a107"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 47087
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 17d4dac18fa2e921b6142e9a6e7638e9
3e4d5337720590d6a2b8941baf90fa8dfd9d752b
f367bf987bcfb690ef53baf4cca8970b83fe522c820de2babb8cb3c943fa84c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-2.0.3.js
151.101.66.137 200 OK 72 kB URL GET HTTP/2 code.jquery.com/jquery-2.0.3.js
IP 151.101.66.137:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
Hash b29c22eae459aa715cdd8fa340bb6e29
ad73590c92b4c3f08d02a0751ba4e4aef658daa0
9427fe2df51f7d4c6bf35f96d19169714d0b432b99dc18f41760d0342c538122
GET /jquery-2.0.3.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-3b1de"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 23 Sep 2023 21:39:34 GMT
age: 397535
x-served-by: cache-lga21970-LGA, cache-bma1653-BMA
x-cache: HIT, HIT
x-cache-hits: 129, 3
x-timer: S1695505174.491054,VS0,VE1
vary: Accept-Encoding
content-length: 71452
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
informatiqueth4.blogspot.com/js/cookienotice.js
172.217.21.161 200 OK 2.0 kB URL GET HTTP/3 informatiqueth4.blogspot.com/js/cookienotice.js
IP 172.217.21.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/cookienotice.js HTTP/1.1
Host: informatiqueth4.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sat, 30 Sep 2023 21:39:34 GMT
cache-control: public, max-age=604800
last-modified: Sat, 23 Sep 2023 17:50:44 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 126b0a9f06e2940180b9f3d7bf846ee3
837d11e1daeabaeb84b17ab34e3668d5f654f5bd
0f4e2ec6b04e2bbfec447077213cb23fe5008094a636f4de026a9534a0edb691
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/466517130-widget_css_bundle_rtl.css
216.58.207.233 200 OK 6.6 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/466517130-widget_css_bundle_rtl.css
IP 216.58.207.233:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.blogger.com
Fingerprint CB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
Validity Mon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (30626)
Hash 899d98bd2ce51afc4f24ba70eeb58ed4
4703bb6ccfc1422f04ea7ebef00704bad77b00c9
7128c3dd35bd13376ad01db6d1c538815e90aa93bbe9887edb129e1c31a8cd5d
GET /static/v1/widgets/466517130-widget_css_bundle_rtl.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 20:58:13 GMT
expires: Wed, 18 Sep 2024 20:58:13 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Sep 2023 16:55:46 GMT
content-type: text/css
vary: Accept-Encoding
age: 348081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/562952797-widgets.js
216.58.207.233 200 OK 160 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/562952797-widgets.js
IP 216.58.207.233:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.blogger.com
Fingerprint CB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
Validity Mon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2215)
Size 160 kB (160393 bytes)
Hash 0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c
GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 328664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
216.58.207.234 200 OK 52 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
IP 216.58.207.234:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (64651)
Hash 3667ec0d9975a9580b9e5f3c577e8d07
429282063ca7f3bae9797d70a6f09f2e3e05458a
b0414cd9a63cee7af991c13817e46d30190ac41a8711cdae78718da6d380e572
GET /ajax/libs/jqueryui/1.8.23/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51646
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 14:47:29 GMT
expires: Sun, 22 Sep 2024 14:47:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 24725
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/show_ads.js
172.217.21.162 200 OK 7.9 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/show_ads.js
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3722)
Hash 40f3a0af2dea5e765b584d76398c17d6
18c662b7a7b40d7235238a9f5f290b7190636542
ab65ed6964dcb9654d064edb06bd8d9adbcdecd9b068f884c2468ecb9afe3995
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sat, 23 Sep 2023 21:39:34 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16934342013690277210
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-XQAhdYRi_Tw/U_k3e0O6NxI/AAAAAAAAAys/LMIgmkHs1go/s1600/638680956.gif
142.250.74.161 200 OK 24 kB URL GET HTTP/3 4.bp.blogspot.com/-XQAhdYRi_Tw/U_k3e0O6NxI/AAAAAAAAAys/LMIgmkHs1go/s1600/638680956.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 125 x 70; data
Hash 913ae6e1470045086c454b4ee5d795b2
5c48969e2b207f83af02ab555f009d0faf6c882f
cf557330925ad655197e4ca67e3c28832e309a394b0ec9423f8228b4bcdca41a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-XQAhdYRi_Tw/U_k3e0O6NxI/AAAAAAAAAys/LMIgmkHs1go/s1600/638680956.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v32b"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="638680956.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 24442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-2o0oXA5niXc/U_k3it7VuSI/AAAAAAAAAzI/o8Nv2m2-FQo/s1600/Sans%2Btits1%2Bcopie.png
142.250.74.161 200 OK 20 kB URL GET HTTP/3 1.bp.blogspot.com/-2o0oXA5niXc/U_k3it7VuSI/AAAAAAAAAzI/o8Nv2m2-FQo/s1600/Sans%2Btits1%2Bcopie.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 93, 8-bit/color RGB, non-interlaced; data
Hash 38f6fa064b7f3081f957706641c37ae1
be237027a1994a603b67936ee4ac2adc8cecc9a6
66e3c9b0fa27e5d4d4a32cd366c3f6eeabc1ec35818a6105b5d90dacb8b566e7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-2o0oXA5niXc/U_k3it7VuSI/AAAAAAAAAzI/o8Nv2m2-FQo/s1600/Sans%2Btits1%2Bcopie.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v332"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Sans tits1 copie.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 20536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-cja0zZVaqWs/U_k3hbkc6HI/AAAAAAAAAy8/ZJ1GosukmEE/s1600/Sans%2Bdcopie.png
142.250.74.161 200 OK 19 kB URL GET HTTP/2 3.bp.blogspot.com/-cja0zZVaqWs/U_k3hbkc6HI/AAAAAAAAAy8/ZJ1GosukmEE/s1600/Sans%2Bdcopie.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 93, 8-bit/color RGB, non-interlaced; data
Hash 811ef3560511b84fe1119bae99b5a452
cfa60f5b0613b63a4facc7dd2c376a3031d9d653
b670675c13279de25ac8b3b47beb9feafa2bfa86fb0659a56c92b51b3aa246d3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-cja0zZVaqWs/U_k3hbkc6HI/AAAAAAAAAy8/ZJ1GosukmEE/s1600/Sans%2Bdcopie.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v32f"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Sans dcopie.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 18577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-iJfjdHkxB9M/VAxPz-vdNDI/AAAAAAAAAHE/8WavWGJ3MGM/s1600/13.png
142.250.74.161 200 OK 3.3 kB URL GET HTTP/2 4.bp.blogspot.com/-iJfjdHkxB9M/VAxPz-vdNDI/AAAAAAAAAHE/8WavWGJ3MGM/s1600/13.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 130 x 50, 8-bit/color RGBA, non-interlaced; data
Hash ddd4719d6a79771e739e8c4365de1e85
6589520cdef76953f671960f1b283f0cadacde95
69eb44e5993a4cb614da97907210ad187b1471ffd5c27eaaa08cbffbf0e66da4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-iJfjdHkxB9M/VAxPz-vdNDI/AAAAAAAAAHE/8WavWGJ3MGM/s1600/13.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v72"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="13.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 3263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-7CgPEkJAUqw/VAxu0d1yBsI/AAAAAAAABAI/iJI1WN2w-b4/s1600/4.jpg
142.250.74.161 200 OK 72 kB URL GET HTTP/2 1.bp.blogspot.com/-7CgPEkJAUqw/VAxu0d1yBsI/AAAAAAAABAI/iJI1WN2w-b4/s1600/4.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 640x480, components 3; data
Hash 28b5c491c887fe8dffd6b372440a467b
961fdf313516dc0263c1c14077ed3c2dfd6dda24
6f65a9ef7e5ac2cd3a3b23dfcacdc8d7bef89b8afedf39a8c333a03947e31ef1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-7CgPEkJAUqw/VAxu0d1yBsI/AAAAAAAABAI/iJI1WN2w-b4/s1600/4.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v403"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 71486
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-UPEcgTY0alU/VAxNGzg3YUI/AAAAAAAAAGw/H__A_bvgpY4/s1600/spiderman-3d-hd-wallpapers-desktop%2Bcopy%2Bcopy.jpg
142.250.74.161 200 OK 449 kB URL GET HTTP/2 3.bp.blogspot.com/-UPEcgTY0alU/VAxNGzg3YUI/AAAAAAAAAGw/H__A_bvgpY4/s1600/spiderman-3d-hd-wallpapers-desktop%2Bcopy%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1280x1024, components 3; data
Size 449 kB (448974 bytes)
Hash cc9f45426611dedafbaa0a8ea8d95e08
5ad94cfc94d6eed1bdd444efc970fec102ab219e
69b1aaa9f127d444e0c59bc00131239d40f62bfdb5b873c8962cff98f5152d65
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-UPEcgTY0alU/VAxNGzg3YUI/AAAAAAAAAGw/H__A_bvgpY4/s1600/spiderman-3d-hd-wallpapers-desktop%2Bcopy%2Bcopy.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6d"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="spiderman-3d-hd-wallpapers-desktop copy copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 448974
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1v3gi79QBVauLJCV-HuwBZZLw9bJa5tl31QqA1HbzE4A9EWZSsdxwP0VDZ_keb-OIE331lb8SXrPnPSc3qo5hXlqWNWG8_JdyZ5kbICTSwvnVu8yHapqz2Gdn9OzzSC4OQAi_t3yBOQVfPb0B52VvnIAsQlR-kRww-Js7o17wUe8g=s0-d
142.250.74.97 200 OK 7.1 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1v3gi79QBVauLJCV-HuwBZZLw9bJa5tl31QqA1HbzE4A9EWZSsdxwP0VDZ_keb-OIE331lb8SXrPnPSc3qo5hXlqWNWG8_JdyZ5kbICTSwvnVu8yHapqz2Gdn9OzzSC4OQAi_t3yBOQVfPb0B52VvnIAsQlR-kRww-Js7o17wUe8g=s0-d
IP 142.250.74.97:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
Validity Mon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 170 x 170, 8-bit/color RGBA, non-interlaced; data
Hash 206e48fd6a3cb7795940db9095079d3f
74e23a0a65b188aeff6616d9d84916898e3a8007
2d201b298e084185cfefc7220d536500cedd349776ca9dcf690580b1a9cc7a30
GET /blogger_img_proxy/ALY8t1v3gi79QBVauLJCV-HuwBZZLw9bJa5tl31QqA1HbzE4A9EWZSsdxwP0VDZ_keb-OIE331lb8SXrPnPSc3qo5hXlqWNWG8_JdyZ5kbICTSwvnVu8yHapqz2Gdn9OzzSC4OQAi_t3yBOQVfPb0B52VvnIAsQlR-kRww-Js7o17wUe8g=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 7092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-dAk0PlsedaA/U_pvjAJGjiI/AAAAAAAAA0s/eWcmftJBX0A/s1600/29nxp4khw3ge7.gif
142.250.74.161 200 OK 14 kB URL GET HTTP/2 2.bp.blogspot.com/-dAk0PlsedaA/U_pvjAJGjiI/AAAAAAAAA0s/eWcmftJBX0A/s1600/29nxp4khw3ge7.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 200 x 110; data
Hash 183d867fc9315c8d60abd8382831bc69
bfe5758e989b7578962ebfe35558ab2e538d83af
9a87e902230cdca3f8e93072e0f06c734c805575ed2437fe11ba8f9abb760235
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-dAk0PlsedaA/U_pvjAJGjiI/AAAAAAAAA0s/eWcmftJBX0A/s1600/29nxp4khw3ge7.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v34b"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="29nxp4khw3ge7.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 14443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-zaD0eYTAEWU/VBdrg2wL33I/AAAAAAAABFg/QP16_Jckw6A/s1600/3.jpg
142.250.74.161 200 OK 124 kB URL GET HTTP/2 1.bp.blogspot.com/-zaD0eYTAEWU/VBdrg2wL33I/AAAAAAAABFg/QP16_Jckw6A/s1600/3.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 796x560, components 3\012- data
Size 124 kB (123599 bytes)
Hash 1702108d2fb6cbf86c17ad80863b4dda
8faf4dd90d0826bd05a8ef337de7204fa17de92e
fb35703289810e9a32e3a1ca4404c3ee2f1b4ceff00c9ce79b603c36b590de91
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-zaD0eYTAEWU/VBdrg2wL33I/AAAAAAAABFg/QP16_Jckw6A/s1600/3.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v45a"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="3.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 123599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-SbOKWnPCTGQ/VAxvCGWRRoI/AAAAAAAABAk/xFs-MglQl64/s1600/7%2Bcopy.jpg
142.250.74.161 200 OK 63 kB URL GET HTTP/2 1.bp.blogspot.com/-SbOKWnPCTGQ/VAxvCGWRRoI/AAAAAAAABAk/xFs-MglQl64/s1600/7%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 696x524, components 3\012- data
Hash d1833c51f81937574d99aa16c8d47840
4359317ae6924bac983e9d2fd36ebd4904cac86c
01faed09bf82d05ecf766d6da2dc55a78236ef9c3607d3d1b98b9fd11eafb14f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-SbOKWnPCTGQ/VAxvCGWRRoI/AAAAAAAABAk/xFs-MglQl64/s1600/7%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v40b"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 62688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-5pN_RhRYfk8/VAxsq7KUC9I/AAAAAAAAA9w/djpGIPy9NDw/s1600/12%2Bcopy.jpg
142.250.74.161 200 OK 79 kB URL GET HTTP/2 4.bp.blogspot.com/-5pN_RhRYfk8/VAxsq7KUC9I/AAAAAAAAA9w/djpGIPy9NDw/s1600/12%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 696x524, components 3\012- data
Hash bc63be1a61cdade04ed4aac84324df22
06c2733f7ecbeaa96270565dc53182335660a965
6b1691fc092b80504fee8960ae957ab8adbf280deae58e676785e7edb3e06d25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-5pN_RhRYfk8/VAxsq7KUC9I/AAAAAAAAA9w/djpGIPy9NDw/s1600/12%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3dd"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="12 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 79237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-IU6XRlxHqTk/VBYpzfJJ8LI/AAAAAAAABDA/8KpEqq5mNOk/s1600/TMNT.0_cinema_640.0.jpg
142.250.74.161 200 OK 79 kB URL GET HTTP/2 2.bp.blogspot.com/-IU6XRlxHqTk/VBYpzfJJ8LI/AAAAAAAABDA/8KpEqq5mNOk/s1600/TMNT.0_cinema_640.0.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 640x359, components 3\012- data
Hash a93970708a2320268ebb040c5a288132
b4be46adaaf58eab059329f61b0629303916aae9
44fa9abe9d65a5429ed20bda070b3c5c122906a10052f69156d7b9791368a36c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-IU6XRlxHqTk/VBYpzfJJ8LI/AAAAAAAABDA/8KpEqq5mNOk/s1600/TMNT.0_cinema_640.0.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v431"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TMNT.0_cinema_640.0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 78588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-ptR1f-gCe-Y/VBdrhO5HZyI/AAAAAAAABFk/92xw5QpF7NY/s1600/5.jpg
142.250.74.161 200 OK 16 kB URL GET HTTP/2 2.bp.blogspot.com/-ptR1f-gCe-Y/VBdrhO5HZyI/AAAAAAAABFk/92xw5QpF7NY/s1600/5.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 303x153, components 3\012- data
Hash fb565ff08e65a1b6f577e3a1cf3d401e
6f474c86e32f7cfa921eb8a604afcb99b6833aa7
bd01775467f76f4193b9981b33a40b1cf8d4e0585d72f5f8aa5fdfb7d54bf1ce
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-ptR1f-gCe-Y/VBdrhO5HZyI/AAAAAAAABFk/92xw5QpF7NY/s1600/5.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v45b"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 15894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Rx0KMZfJ5wM/VAxszynwL7I/AAAAAAAAA-I/cdRmyns3V0g/s1600/13%2Bcopy.jpg
142.250.74.161 200 OK 61 kB URL GET HTTP/2 2.bp.blogspot.com/-Rx0KMZfJ5wM/VAxszynwL7I/AAAAAAAAA-I/cdRmyns3V0g/s1600/13%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Hash 5d1e88a28089bf9f7319eb1f7f46039a
5380c403380159c79cff80f79cd98c5e4fed112f
7dfc82950bd537bd848dba31afd267c67e55c407c828b917ef27025f3af52fc4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Rx0KMZfJ5wM/VAxszynwL7I/AAAAAAAAA-I/cdRmyns3V0g/s1600/13%2Bcopy.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3e3"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="13 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 61404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-Aj72IWWwgow/VBdrjs1KLvI/AAAAAAAABGA/fBDpr4r-Evc/s1600/8.jpg
142.250.74.161 200 OK 49 kB URL GET HTTP/2 4.bp.blogspot.com/-Aj72IWWwgow/VBdrjs1KLvI/AAAAAAAABGA/fBDpr4r-Evc/s1600/8.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 503x388, components 3\012- data
Hash c68cb3d0cf5add4f7b6ceb3c3aa89336
be3faa03e4fb77912b6d5624528e4148b2568d38
e91307c3f17d423dcd3ffeb17589871b8a59a07c022f5c987df6fe9681c4ecf1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Aj72IWWwgow/VBdrjs1KLvI/AAAAAAAABGA/fBDpr4r-Evc/s1600/8.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v462"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 48982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-faEmyGLAr6g/VAxs5Zbb6cI/AAAAAAAAA-Q/hu7_ttBRvH8/s1600/14%2Bcopy.jpg
142.250.74.161 200 OK 62 kB URL GET HTTP/2 2.bp.blogspot.com/-faEmyGLAr6g/VAxs5Zbb6cI/AAAAAAAAA-Q/hu7_ttBRvH8/s1600/14%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 33cd991ee8ff79f5a4a8c3e0c6b86806
b0881afa6ca4c5adaf98914db039e965bfce27a7
50be6d42ede3212befe90ae69d7172944e3606c56f4e245976df5b3f96a6c302
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-faEmyGLAr6g/VAxs5Zbb6cI/AAAAAAAAA-Q/hu7_ttBRvH8/s1600/14%2Bcopy.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3e5"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="14 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 61796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-2mFEHRbAT5A/U__Ku-ZSyfI/AAAAAAAAA3o/6rFLOxg6Dzs/s1600/1371851306211.gif
142.250.74.161 200 OK 172 kB URL GET HTTP/2 1.bp.blogspot.com/-2mFEHRbAT5A/U__Ku-ZSyfI/AAAAAAAAA3o/6rFLOxg6Dzs/s1600/1371851306211.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 87a, 1600 x 684\012- data
Size 172 kB (171651 bytes)
Hash 933751798f704769b4e103eb50c10d1b
95ea71ad3e931c688914c5bb5efc09bb7a18a034
45094f635bc9cdbcd72ce15e46ff8afa972a6dbb2c25d50187d6d5b76d5556eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-2mFEHRbAT5A/U__Ku-ZSyfI/AAAAAAAAA3o/6rFLOxg6Dzs/s1600/1371851306211.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v37a"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1371851306211.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 171651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-45hu-mEX5iY/U_4aGutm5PI/AAAAAAAAA2Y/oekq-ioEOyM/s1600/8vm25190%2Bc%C3%B3pia.png
142.250.74.161 200 OK 23 kB URL GET HTTP/3 1.bp.blogspot.com/-45hu-mEX5iY/U_4aGutm5PI/AAAAAAAAA2Y/oekq-ioEOyM/s1600/8vm25190%2Bc%C3%B3pia.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 209 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash dbea4df854ccf58f48cb0a8757e020a7
25b3e3a454512e59c0955e4fb404117e92d17242
288e07afffa98dd62f37af751f17783e595bd496a6bf57c8d8a00154864a41c6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-45hu-mEX5iY/U_4aGutm5PI/AAAAAAAAA2Y/oekq-ioEOyM/s1600/8vm25190%2Bc%C3%B3pia.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v366"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8vm25190 c_pia.png";filename*=UTF-8''8vm25190%20c%C3%B3pia.png
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 23168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Fuf8lmcfMaM/VBdrgIVmewI/AAAAAAAABFU/TlVtJcimGNU/s1600/4.jpg
142.250.74.161 200 OK 37 kB URL GET HTTP/2 2.bp.blogspot.com/-Fuf8lmcfMaM/VBdrgIVmewI/AAAAAAAABFU/TlVtJcimGNU/s1600/4.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 432x303, components 3\012- data
Hash 36039a18baaa0d735b65b4b949b4cbc3
6ff9a4bde4cb20aebb5bb5c9466eb9b92f95e772
2e434b350f25867d6a3610c63b2492fc5c468b958719a3b857dc16eee8d17a95
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Fuf8lmcfMaM/VBdrgIVmewI/AAAAAAAABFU/TlVtJcimGNU/s1600/4.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v457"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 37070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kIYzCOR2OXc/VBdrf6aECVI/AAAAAAAABFQ/hl51XM5odPM/s1600/2.jpg
142.250.74.161 200 OK 122 kB URL GET HTTP/2 1.bp.blogspot.com/-kIYzCOR2OXc/VBdrf6aECVI/AAAAAAAABFQ/hl51XM5odPM/s1600/2.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 796x560, components 3\012- data
Size 122 kB (122312 bytes)
Hash 7019237b2e8b074b7af4f8183044bc0e
48b1ceac230a978fa216abab2df95463a8b7227d
bc7a97a5c3aa9c1c002c42d9bc65a4aac552e0d776b6c76a7aef75d30630682b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-kIYzCOR2OXc/VBdrf6aECVI/AAAAAAAABFQ/hl51XM5odPM/s1600/2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v456"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 122312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-0mSAjk4DYng/U_285gBQnPI/AAAAAAAAA2A/zWfMgiRbySE/s72-c/PIC-643-1350403346.jpg
142.250.74.161 200 OK 5.1 kB URL GET HTTP/2 1.bp.blogspot.com/-0mSAjk4DYng/U_285gBQnPI/AAAAAAAAA2A/zWfMgiRbySE/s72-c/PIC-643-1350403346.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 14c6ad0fcf732a59fe08d2841c0e412e
8870ac4d54f6989415678227df57f985c364ca02
76fce4892b10ed71fb9c5d7b7aa97bca48131cf6ae841d7ea59b14959e4fd04a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-0mSAjk4DYng/U_285gBQnPI/AAAAAAAAA2A/zWfMgiRbySE/s72-c/PIC-643-1350403346.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v361"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PIC-643-1350403346.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 5099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-NeFG5dRPyxI/VAxSCUIy1aI/AAAAAAAAA9M/3qQlsYJeXjI/s1600/e57384f9f6.gif
142.250.74.161 200 OK 1.9 kB URL GET HTTP/2 2.bp.blogspot.com/-NeFG5dRPyxI/VAxSCUIy1aI/AAAAAAAAA9M/3qQlsYJeXjI/s1600/e57384f9f6.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 128 x 41\012- data
Hash a069747a36b1d579f3c64d82896151f6
f6ef01cab780c01026324cb4e81e988fc55a0075
3a72d615e3f3b6332c0ed2c19186c36b60767c9244a01c808929c964e2d1d820
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-NeFG5dRPyxI/VAxSCUIy1aI/AAAAAAAAA9M/3qQlsYJeXjI/s1600/e57384f9f6.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3d4"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="e57384f9f6.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 1924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Tbs3xy8X7dA/VBdrcJK3iSI/AAAAAAAABFA/n-cF871gBdY/s1600/1.jpg
142.250.74.161 200 OK 104 kB URL GET HTTP/2 2.bp.blogspot.com/-Tbs3xy8X7dA/VBdrcJK3iSI/AAAAAAAABFA/n-cF871gBdY/s1600/1.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1044x600, components 3\012- data
Size 104 kB (104335 bytes)
Hash 74a214e495d3933328eb8b01cb471bf7
8ceadd3cc9418c4382860b96149e3c00c8dc55f7
b175c1f2bd67f5449a7d15ac46f729e1d1ec6d810df95a17a68c7d32159a6179
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Tbs3xy8X7dA/VBdrcJK3iSI/AAAAAAAABFA/n-cF871gBdY/s1600/1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v451"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 104335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-dBKVx1rY1Ew/VAxtPn_bZaI/AAAAAAAAA-g/2JL_V5kPE-Y/s1600/16%2Bcopy.jpg
142.250.74.161 200 OK 229 kB URL GET HTTP/2 4.bp.blogspot.com/-dBKVx1rY1Ew/VAxtPn_bZaI/AAAAAAAAA-g/2JL_V5kPE-Y/s1600/16%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 229 kB (229109 bytes)
Hash 0b8b557d64a835e94a855f359cddb122
f159e924869c5e954d1ec735a1625405bcb8daae
3f52d7ddcaf32839a63dd5b2a20a0bfe66b07f0b373255e38abfcf3e98fadc93
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-dBKVx1rY1Ew/VAxtPn_bZaI/AAAAAAAAA-g/2JL_V5kPE-Y/s1600/16%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3e9"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="16 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 229109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Eq42d0BtWXk/VBdrhzuYQyI/AAAAAAAABFw/iaWDCV9m1Oc/s1600/6.jpg
142.250.74.161 200 OK 56 kB URL GET HTTP/2 2.bp.blogspot.com/-Eq42d0BtWXk/VBdrhzuYQyI/AAAAAAAABFw/iaWDCV9m1Oc/s1600/6.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 503x388, components 3\012- data
Hash 160b3633856f4df373c4270dc45aeb17
8161a1ea2abf9d35c3dbfc0e2f6848a50893f426
7d012355d17ad4dcd3ac489041b1253c79bae58c47e7dd90b18fedbd89ad3702
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Eq42d0BtWXk/VBdrhzuYQyI/AAAAAAAABFw/iaWDCV9m1Oc/s1600/6.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v45d"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 55522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-i2fZWYItns4/VAxtdhZYjjI/AAAAAAAAA-w/bnuF5vBjWZg/s1600/18%2Bcopy.jpg
142.250.74.161 200 OK 90 kB URL GET HTTP/2 1.bp.blogspot.com/-i2fZWYItns4/VAxtdhZYjjI/AAAAAAAAA-w/bnuF5vBjWZg/s1600/18%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 800x560, components 3\012- data
Hash 43631ea0560e08aa56d599c599a6bf80
ba90cee7601985e0aba6293268f633d772c2b530
e74c854257fd29ff55a902b8c5ffd3fb825899242492c4c9ef90bf190750a6c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-i2fZWYItns4/VAxtdhZYjjI/AAAAAAAAA-w/bnuF5vBjWZg/s1600/18%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3ed"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="18 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 89790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-TgjGGSa5F4M/VBdrbdSR6eI/AAAAAAAABEw/_WeDijoZbzg/s1600/10.jpg
142.250.74.161 200 OK 43 kB URL GET HTTP/2 3.bp.blogspot.com/-TgjGGSa5F4M/VBdrbdSR6eI/AAAAAAAABEw/_WeDijoZbzg/s1600/10.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 503x388, components 3\012- data
Hash cc9ddcdc9df11fe7aa4170123f0bd258
1513460f5d92628706f7117ae7bfaa85a1a5499c
fffb219b18ecf44a623770bf97e154d95cb2baf3b866c42325d1d77e1d6b56e3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-TgjGGSa5F4M/VBdrbdSR6eI/AAAAAAAABEw/_WeDijoZbzg/s1600/10.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v44e"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 42918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/--Hn6mpOs144/VAxtT7kyM8I/AAAAAAAAA-o/K6Ld2Dsrgq8/s1600/17%2Bcopy.jpg
142.250.74.161 200 OK 227 kB URL GET HTTP/2 4.bp.blogspot.com/--Hn6mpOs144/VAxtT7kyM8I/AAAAAAAAA-o/K6Ld2Dsrgq8/s1600/17%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 227 kB (227062 bytes)
Hash 0cb7cd18e22ca27faa0b539f9aa9ac3e
2ab88968a689461b7befe9da0e050e46cb2fa091
cc9933153ecc4df880d7182470d239f2f42afa5246b76e54412b84521a2b2337
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /--Hn6mpOs144/VAxtT7kyM8I/AAAAAAAAA-o/K6Ld2Dsrgq8/s1600/17%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3eb"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="17 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 227062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-WabWAFvT818/VAxte9U-QhI/AAAAAAAAA-4/rZQ2Vd6BPDE/s1600/19%2Bcopy.jpg
142.250.74.161 200 OK 79 kB URL GET HTTP/2 2.bp.blogspot.com/-WabWAFvT818/VAxte9U-QhI/AAAAAAAAA-4/rZQ2Vd6BPDE/s1600/19%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 800x560, components 3\012- data
Hash b3e8e1cec098b18c8fa83c824bff3e3f
d85fe2c9059afdd9aab2d15863732ae14554d5fb
777c9e87ac21592e4fa91fe2e976f01d4f3870caf7590d0e0b82f67fdc7313f3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-WabWAFvT818/VAxte9U-QhI/AAAAAAAAA-4/rZQ2Vd6BPDE/s1600/19%2Bcopy.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3ef"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="19 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 78603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-W_kaVgzoqZQ/VAxtntA3_FI/AAAAAAAAA_I/IcDxqcKQavY/s1600/21%2Bcopy.jpg
142.250.74.161 200 OK 72 kB URL GET HTTP/2 1.bp.blogspot.com/-W_kaVgzoqZQ/VAxtntA3_FI/AAAAAAAAA_I/IcDxqcKQavY/s1600/21%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 800x560, components 3\012- data
Hash 8107360feed429d88356dbee4b0b176e
dc4a735000aaf1fff1d2b803a88f1d45df4b22e9
ec34b942aaad39ae0a0a295373702759392f81c4263d8f98443c8d4494a6c878
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-W_kaVgzoqZQ/VAxtntA3_FI/AAAAAAAAA_I/IcDxqcKQavY/s1600/21%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3f3"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="21 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 71798
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-P4aCo4KBJGo/U_k3g5KPWHI/AAAAAAAAAy0/JMwflaVMdKo/s1600/1345686098795.gif
142.250.74.161 200 OK 190 kB URL GET HTTP/3 1.bp.blogspot.com/-P4aCo4KBJGo/U_k3g5KPWHI/AAAAAAAAAy0/JMwflaVMdKo/s1600/1345686098795.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 489 x 97\012- data
Size 190 kB (189737 bytes)
Hash eb527123eff77a6ad7c9cf1f7578e188
2b4546ed8aa55f467cfc7fcad27deaa11728ec6e
b6fdaed5fc23d5734f262a905b3c6270ded0a9f8f12284133e9030d7966ba356
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-P4aCo4KBJGo/U_k3g5KPWHI/AAAAAAAAAy0/JMwflaVMdKo/s1600/1345686098795.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v32d"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1345686098795.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 189737
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-PViG5u82HYg/VAxty2uKYOI/AAAAAAAAA_Y/mcxme2bWbSw/s1600/22%2Bcopy.jpg
142.250.74.161 200 OK 154 kB URL GET HTTP/2 1.bp.blogspot.com/-PViG5u82HYg/VAxty2uKYOI/AAAAAAAAA_Y/mcxme2bWbSw/s1600/22%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 154 kB (153527 bytes)
Hash f310007244b6fbed7732caa5178ac45a
d1543ee45406aff135dcdaf69faecf6b97508c44
a733eae7a9f78827e7b3763ec63e3d8e8a8e489e7ee1d70f8fabd00d88d277ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-PViG5u82HYg/VAxty2uKYOI/AAAAAAAAA_Y/mcxme2bWbSw/s1600/22%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3f7"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="22 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 153527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-RR1AyHzepNU/VAxurY0iLFI/AAAAAAAABAA/OqAZZeQNj58/s1600/27%2Bcopy.jpg
142.250.74.161 200 OK 163 kB URL GET HTTP/2 1.bp.blogspot.com/-RR1AyHzepNU/VAxurY0iLFI/AAAAAAAABAA/OqAZZeQNj58/s1600/27%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 163 kB (163214 bytes)
Hash 60156aa25a716b7707a20d626a298ea0
040d34b4e32f5e52917f1e6815fd87135819d2b4
4b5d55ec2c1dbc47dc7ac461cfd04d00b9d93cddeab82da338a0c97d22c320ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-RR1AyHzepNU/VAxurY0iLFI/AAAAAAAABAA/OqAZZeQNj58/s1600/27%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v401"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="27 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 163214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-x7LquT7nT48/VAxvB2WkYmI/AAAAAAAABAg/NSgimnocIf0/s1600/6%2Bcopy.jpg
142.250.74.161 200 OK 66 kB URL GET HTTP/2 3.bp.blogspot.com/-x7LquT7nT48/VAxvB2WkYmI/AAAAAAAABAg/NSgimnocIf0/s1600/6%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 696x524, components 3\012- data
Hash 6a6994c31edce5a173cbf0492098d1dd
941e718a60100ca0416c6fa960c1c4ae2453b2b9
9ec9b6728beb9edd204a42ae2a2f8e34d22343e0e41d0c4b7e606fd930ffe4e4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-x7LquT7nT48/VAxvB2WkYmI/AAAAAAAABAg/NSgimnocIf0/s1600/6%2Bcopy.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v40a"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 65605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-uehFhKsKSyQ/VAxVk6GY8NI/AAAAAAAAA9k/6tgP6yNTt20/s1600/abdoooocopy%2Bcopy.jpg
142.250.74.161 200 OK 7.6 kB URL GET HTTP/2 2.bp.blogspot.com/-uehFhKsKSyQ/VAxVk6GY8NI/AAAAAAAAA9k/6tgP6yNTt20/s1600/abdoooocopy%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 305x64, components 3\012- data
Hash e5375d6e80b4ef68e8882af2363f6725
7854bce08231347417540a57ead51e03df17a86f
0e089f1276b94d4f930c9416c1b28d3cf65854220129e67e6e43096a6ad5d5ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-uehFhKsKSyQ/VAxVk6GY8NI/AAAAAAAAA9k/6tgP6yNTt20/s1600/abdoooocopy%2Bcopy.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3d9"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="abdoooocopy copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 7598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Vntv57wfhuc/U_k3ih_zl5I/AAAAAAAAAzM/Ba8ndE9yKyM/s1600/20130228095502X.gif
142.250.74.161 200 OK 272 kB URL GET HTTP/2 1.bp.blogspot.com/-Vntv57wfhuc/U_k3ih_zl5I/AAAAAAAAAzM/Ba8ndE9yKyM/s1600/20130228095502X.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 240 x 180\012- data
Size 272 kB (271981 bytes)
Hash be69078664f698312fc5bab17321d9c6
f0271c7b6060d75e05fa07c077550c5906f93d65
c1db47c24637fbf1acd3feb1bd0af2146b9e854f191c11ccd4051d6f0021896a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Vntv57wfhuc/U_k3ih_zl5I/AAAAAAAAAzM/Ba8ndE9yKyM/s1600/20130228095502X.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v333"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="20130228095502X.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 271981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-uehFhKsKSyQ/VAxVk6GY8NI/AAAAAAAAA9g/aQxMuSBapXI/s1600/abdoooocopy%2Bcopy.jpg
142.250.74.161 200 OK 7.6 kB URL GET HTTP/2 1.bp.blogspot.com/-uehFhKsKSyQ/VAxVk6GY8NI/AAAAAAAAA9g/aQxMuSBapXI/s1600/abdoooocopy%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 305x64, components 3\012- data
Hash e5375d6e80b4ef68e8882af2363f6725
7854bce08231347417540a57ead51e03df17a86f
0e089f1276b94d4f930c9416c1b28d3cf65854220129e67e6e43096a6ad5d5ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-uehFhKsKSyQ/VAxVk6GY8NI/AAAAAAAAA9g/aQxMuSBapXI/s1600/abdoooocopy%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3d9"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="abdoooocopy copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 7598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-s_WVTnD8Mz0/VBdrb4M06WI/AAAAAAAABE0/Rt5vKr1_fhI/s1600/11.jpg
142.250.74.161 200 OK 51 kB URL GET HTTP/2 4.bp.blogspot.com/-s_WVTnD8Mz0/VBdrb4M06WI/AAAAAAAABE0/Rt5vKr1_fhI/s1600/11.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 503x388, components 3\012- data
Hash 1d09f6952a2ef8accdfeefc1cf5351ad
cc6b2326195fb051bb8a9aeadeaea9269a360f45
6a5fee95cc4f0dc006f95c58853475f51ba1c64e16a0a33cfe65dca6f693f738
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-s_WVTnD8Mz0/VBdrb4M06WI/AAAAAAAABE0/Rt5vKr1_fhI/s1600/11.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v44f"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 51268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-5oNARnHL3cU/VAxuNfrtNDI/AAAAAAAAA_w/nV4K0IZY4Ac/s1600/25%2Bcopy.jpg
142.250.74.161 200 OK 148 kB URL GET HTTP/2 1.bp.blogspot.com/-5oNARnHL3cU/VAxuNfrtNDI/AAAAAAAAA_w/nV4K0IZY4Ac/s1600/25%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 148 kB (148381 bytes)
Hash 077e8e81943ccfbc120111337c755515
0b6c3fbf0441d39937a417001194d7cf2398d9ef
e198e549763442ec89513fded2d0288292220d40eef6365ecb692fbed46a75c3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-5oNARnHL3cU/VAxuNfrtNDI/AAAAAAAAA_w/nV4K0IZY4Ac/s1600/25%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3fd"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="25 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 148381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-WZUftouDz9Q/VAxu_qzp74I/AAAAAAAABAY/5vixbkPfQpU/s1600/3.jpg
142.250.74.161 200 OK 241 kB URL GET HTTP/2 4.bp.blogspot.com/-WZUftouDz9Q/VAxu_qzp74I/AAAAAAAABAY/5vixbkPfQpU/s1600/3.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 241 kB (241269 bytes)
Hash 127b3da05cc87c4722fb35b5c46a4adf
c3a10f6d7951866de30e8a058909faf257b6a48d
ebb30bd2c594990d3c416b039abec8515a6afa62a7fe4f0f106c93d20bcf2fde
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-WZUftouDz9Q/VAxu_qzp74I/AAAAAAAABAY/5vixbkPfQpU/s1600/3.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v407"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="3.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 241269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-pP0_MrSN66s/VAxSja6BEkI/AAAAAAAAA9U/bUqTqyFcKaQ/s1600/mod124au5.gif
142.250.74.161 200 OK 1.2 kB URL GET HTTP/2 3.bp.blogspot.com/-pP0_MrSN66s/VAxSja6BEkI/AAAAAAAAA9U/bUqTqyFcKaQ/s1600/mod124au5.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 195 x 13\012- data
Hash d67e978d9d8e1bfe74fbcc67e033f677
3d698f3721feacad9b531c38f92598200106b325
bac043a724cd2e2a6cb1d02b5a467d73854a0d8fdc0658f5b90206b107723e66
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-pP0_MrSN66s/VAxSja6BEkI/AAAAAAAAA9U/bUqTqyFcKaQ/s1600/mod124au5.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3d6"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mod124au5.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 1221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Lr34UdTCsFk/VAxss9tLU4I/AAAAAAAAA94/67P6z_L42hY/s1600/1.jpg
142.250.74.161 200 OK 113 kB URL GET HTTP/2 2.bp.blogspot.com/-Lr34UdTCsFk/VAxss9tLU4I/AAAAAAAAA94/67P6z_L42hY/s1600/1.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1044x600, components 3\012- data
Size 113 kB (113348 bytes)
Hash 6d412087ab7fe47e8fd350471940d17f
2c5127930dab1ff223260c809b166cf22a256851
f57646a6b8b9e7fe45e7bf235f81dd9d29eb067cab6c9f4a4d9bcfafb31aa873
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Lr34UdTCsFk/VAxss9tLU4I/AAAAAAAAA94/67P6z_L42hY/s1600/1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3df"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 113348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-mbm3GvyPrHM/VBdrdNkXOxI/AAAAAAAABFI/M8MZ3ia1fG4/s1600/12.jpg
142.250.74.161 200 OK 41 kB URL GET HTTP/2 1.bp.blogspot.com/-mbm3GvyPrHM/VBdrdNkXOxI/AAAAAAAABFI/M8MZ3ia1fG4/s1600/12.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 503x388, components 3\012- data
Hash 2c93c8e922910895c3801ee9624e3982
d93bdefb75266f4854ab1ecadc8255d9215ce943
cd6cbcca4184ce5573cabd35557bceaa185076db14e7e5e6a9be551e7e1eb3dc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-mbm3GvyPrHM/VBdrdNkXOxI/AAAAAAAABFI/M8MZ3ia1fG4/s1600/12.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v453"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="12.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 40591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-t_ZhOrb6KWo/VBR6b8PaFtI/AAAAAAAABCY/m-UcSITJf-s/s72-c/deamon.png
142.250.74.161 200 OK 9.1 kB URL GET HTTP/2 1.bp.blogspot.com/-t_ZhOrb6KWo/VBR6b8PaFtI/AAAAAAAABCY/m-UcSITJf-s/s72-c/deamon.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 47fd9a2434dc815761c6c4f793efd1cf
61f9c2ed47c5549b5359954937e89fc060889719
2a9c985731df87db3ccbeee1220d65dcbc72173ac09838c66bb2aaadc3044d49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-t_ZhOrb6KWo/VBR6b8PaFtI/AAAAAAAABCY/m-UcSITJf-s/s72-c/deamon.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v427"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="deamon.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 9140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-lext4xJ0LF4/VAxtpeOK-gI/AAAAAAAAA_Q/MqP5eoHatrQ/s1600/20%2Bcopy.jpg
142.250.74.161 200 OK 111 kB URL GET HTTP/2 4.bp.blogspot.com/-lext4xJ0LF4/VAxtpeOK-gI/AAAAAAAAA_Q/MqP5eoHatrQ/s1600/20%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 800x560, components 3\012- data
Size 111 kB (110775 bytes)
Hash 04ef1015c4e3c1207898d12e96b92743
08ff068c5149a67d0f0d0189a2ca76bfdf1cdeb4
08032efbec80d89c844605ad3fde8571eef1370dc9f73ef74e3384066d889749
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-lext4xJ0LF4/VAxtpeOK-gI/AAAAAAAAA_Q/MqP5eoHatrQ/s1600/20%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3f5"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="20 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 110775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-tpsbo6ST0aE/VAxtNhE5FmI/AAAAAAAAA-Y/scPZzun5Tqo/s1600/15%2Bcopy.jpg
142.250.74.161 200 OK 249 kB URL GET HTTP/2 3.bp.blogspot.com/-tpsbo6ST0aE/VAxtNhE5FmI/AAAAAAAAA-Y/scPZzun5Tqo/s1600/15%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 249 kB (249027 bytes)
Hash cbb4d10f9f9d3bfcbcfda3e7036afe8d
53ad192c24309bc66bd8c7188d34c054862353cb
aa634fa9d91225a6e976f56d9b971a9d05361ccaf1be0f238fd087b1ba01d48b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-tpsbo6ST0aE/VAxtNhE5FmI/AAAAAAAAA-Y/scPZzun5Tqo/s1600/15%2Bcopy.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3e7"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="15 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 249027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-gueKjScGzOc/VAG9lE3FmBI/AAAAAAAAAGk/u8BwyfeiNWQ/s1600/1371851306211.gif
142.250.74.161 200 OK 172 kB URL GET HTTP/2 1.bp.blogspot.com/-gueKjScGzOc/VAG9lE3FmBI/AAAAAAAAAGk/u8BwyfeiNWQ/s1600/1371851306211.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 87a, 1600 x 684\012- data
Size 172 kB (171651 bytes)
Hash 933751798f704769b4e103eb50c10d1b
95ea71ad3e931c688914c5bb5efc09bb7a18a034
45094f635bc9cdbcd72ce15e46ff8afa972a6dbb2c25d50187d6d5b76d5556eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-gueKjScGzOc/VAG9lE3FmBI/AAAAAAAAAGk/u8BwyfeiNWQ/s1600/1371851306211.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v69"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1371851306211.gif"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 171651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-vU4PcDtV2e4/VAxt-xM8VLI/AAAAAAAAA_g/dPCm6C8jQlA/s1600/23%2Bcopy.jpg
142.250.74.161 200 OK 163 kB URL GET HTTP/2 4.bp.blogspot.com/-vU4PcDtV2e4/VAxt-xM8VLI/AAAAAAAAA_g/dPCm6C8jQlA/s1600/23%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 163 kB (162560 bytes)
Hash 2d9841e8ecf223aae00d8889c0ebf446
1a42d1027e13fcabf201963fc3564d4d6e78567d
5bc6f962db8847ac82b8b2a2d67d5068b22c586ea6a0179ecec9435f1b7ef435
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-vU4PcDtV2e4/VAxt-xM8VLI/AAAAAAAAA_g/dPCm6C8jQlA/s1600/23%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3f9"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="23 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 162560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-xwwkXJAgWOU/VDxOcQy7JXI/AAAAAAAAAH8/S3VGrz1uVV4/s1600/8vm25190%2Bc%25C3%25B3pia.png
142.250.74.161 200 OK 23 kB URL GET HTTP/2 3.bp.blogspot.com/-xwwkXJAgWOU/VDxOcQy7JXI/AAAAAAAAAH8/S3VGrz1uVV4/s1600/8vm25190%2Bc%25C3%25B3pia.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 209 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash dbea4df854ccf58f48cb0a8757e020a7
25b3e3a454512e59c0955e4fb404117e92d17242
288e07afffa98dd62f37af751f17783e595bd496a6bf57c8d8a00154864a41c6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-xwwkXJAgWOU/VDxOcQy7JXI/AAAAAAAAAH8/S3VGrz1uVV4/s1600/8vm25190%2Bc%25C3%25B3pia.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v80"
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8vm25190 c_pia.png";filename*=UTF-8''8vm25190%20c%C3%B3pia.png
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:34 GMT
server: fife
content-length: 23168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-nH0wC1V2r64/VBdri0KkDzI/AAAAAAAABF4/Y1xB2l3HWQ4/s1600/7.jpg
142.250.74.161 200 OK 44 kB URL GET HTTP/2 4.bp.blogspot.com/-nH0wC1V2r64/VBdri0KkDzI/AAAAAAAABF4/Y1xB2l3HWQ4/s1600/7.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 503x388, components 3\012- data
Hash df6c829228a161ae7cec4cba33b5ce50
5fbb5088cd6ef826dd7fe01bb7c8027abe69b28a
211b4500592ef5554a40678c4feec8718e2900709327a12a48c9dbd8344296a5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-nH0wC1V2r64/VBdri0KkDzI/AAAAAAAABF4/Y1xB2l3HWQ4/s1600/7.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v45f"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 43933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.10.207 200 OK 58 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.10.207:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (23577)
Hash 04425bbdc6243fc6e54bf8984fe50330
8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 21:39:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 9410771
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80b5f0ebadd75688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
3.bp.blogspot.com/-Z9p7rnCDmQc/VAxPgd6jWyI/AAAAAAAAAG8/BVDuuRKdUW8/s1600/t%C3%A9l%C3%A9chargement.jpg
142.250.74.161 200 OK 9.8 kB URL GET HTTP/2 3.bp.blogspot.com/-Z9p7rnCDmQc/VAxPgd6jWyI/AAAAAAAAAG8/BVDuuRKdUW8/s1600/t%C3%A9l%C3%A9chargement.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 225x225, components 3\012- data
Hash 9d464a7d35fe0a34da31b4dda917079c
8b9f2e4603b001e2f73eed49aefea2d5420d7b7f
7c403f0fa47f48dde72b6f7d91680254f77119115d8e272daf710e75b736824b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Z9p7rnCDmQc/VAxPgd6jWyI/AAAAAAAAAG8/BVDuuRKdUW8/s1600/t%C3%A9l%C3%A9chargement.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v70"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="t_l_chargement.jpg";filename*=UTF-8''t%C3%A9l%C3%A9chargement.jpg
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 9751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-G1aBS_AWk9U/VAxsvr5QWjI/AAAAAAAAA-A/eCqFEPmGqrw/s1600/11%2Bcopy.jpg
142.250.74.161 200 OK 130 kB URL GET HTTP/2 4.bp.blogspot.com/-G1aBS_AWk9U/VAxsvr5QWjI/AAAAAAAAA-A/eCqFEPmGqrw/s1600/11%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 130 kB (129748 bytes)
Hash f36512da072fa9f1b68883db0eaf285f
82eb71a02c96d1c04d7498129e9220fcfebfb1fc
dfe7c6d42d2e1fe8543e475c98734acc4299bd62a8a889f2491a87dbe81909d0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-G1aBS_AWk9U/VAxsvr5QWjI/AAAAAAAAA-A/eCqFEPmGqrw/s1600/11%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3e1"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 129748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Uvn3IBZH6Lo/VAxvGGsiYcI/AAAAAAAABAw/VBuronDUmQY/s1600/8%2Bcopy.jpg
142.250.74.161 200 OK 74 kB URL GET HTTP/2 1.bp.blogspot.com/-Uvn3IBZH6Lo/VAxvGGsiYcI/AAAAAAAABAw/VBuronDUmQY/s1600/8%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 696x524, components 3\012- data
Hash 5e4646362bd6ca8ff33d68fc12ba211e
2d9f73d5bc1a52d70b1f2d2158790487319b9942
8091cb152e2c3bc87fb30fc5514f25262849a0c23ae72477d7763bb4ddd95ced
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Uvn3IBZH6Lo/VAxvGGsiYcI/AAAAAAAABAw/VBuronDUmQY/s1600/8%2Bcopy.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v40d"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 74360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-ydhZfDN5NsU/VAxumTJNdII/AAAAAAAAA_4/lHSH3qVEbv0/s1600/26%2Bcopy.jpg
142.250.74.161 200 OK 150 kB URL GET HTTP/2 2.bp.blogspot.com/-ydhZfDN5NsU/VAxumTJNdII/AAAAAAAAA_4/lHSH3qVEbv0/s1600/26%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 150 kB (149519 bytes)
Hash 56d9fae7ff6521eaee0e1a92dcf3f538
65e459bc7a9b9dcb5835d6cbd70dfae246c2b5c7
432e1f16b072bdcceebe65d0574dad5a511fedf8c4f7de9203ad986e4c86081f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-ydhZfDN5NsU/VAxumTJNdII/AAAAAAAAA_4/lHSH3qVEbv0/s1600/26%2Bcopy.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3ff"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="26 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 149519
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-OiJxYAbVKR8/U8P3iggE52I/AAAAAAAAAGo/VeTqsObshQs/s72-c/normal_lassdoss.jpg
142.250.74.161 200 OK 5.8 kB URL GET HTTP/2 3.bp.blogspot.com/-OiJxYAbVKR8/U8P3iggE52I/AAAAAAAAAGo/VeTqsObshQs/s72-c/normal_lassdoss.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 144a078ff4049215acc1eb3712b08f68
b0af80695deb893dc430ea6e910376f72e9b949c
c71992c2405c19321b51a16c4954630ac981490ce8790d4e49e5197fbde28029
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-OiJxYAbVKR8/U8P3iggE52I/AAAAAAAAAGo/VeTqsObshQs/s72-c/normal_lassdoss.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6b"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="normal_lassdoss.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 5771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-iPDWP1rMu2A/VAxthFIPj4I/AAAAAAAAA_A/UgoD2WKUnow/s1600/2.jpg
142.250.74.161 200 OK 79 kB URL GET HTTP/2 2.bp.blogspot.com/-iPDWP1rMu2A/VAxthFIPj4I/AAAAAAAAA_A/UgoD2WKUnow/s1600/2.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 800x560, components 3\012- data
Hash 4eb0eb4c0423fa137ebecb973f11ad50
da9bc6234bfd6bd9cb62c39f1e407eca4f90d2ff
a832d11b86b7df0ee88473290412d5adea761cb1c494e738201aacaee4ab8a86
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-iPDWP1rMu2A/VAxthFIPj4I/AAAAAAAAA_A/UgoD2WKUnow/s1600/2.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3f1"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 79441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-u1BZ_bewY04/VAxuAgOEFoI/AAAAAAAAA_o/Mkmag1LimwM/s1600/24%2Bcopy.jpg
142.250.74.161 200 OK 153 kB URL GET HTTP/2 4.bp.blogspot.com/-u1BZ_bewY04/VAxuAgOEFoI/AAAAAAAAA_o/Mkmag1LimwM/s1600/24%2Bcopy.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1152x864, components 3\012- data
Size 153 kB (152686 bytes)
Hash 06f2f51eda0a1ce9c8d62388711c812b
f7f5930b4f8e042d62e3a9fda71a317a7af1344f
812b342c70512f21b98ecbab3c985cf1b9007465cd26c2e349c805d13c6c56b0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-u1BZ_bewY04/VAxuAgOEFoI/AAAAAAAAA_o/Mkmag1LimwM/s1600/24%2Bcopy.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3fb"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="24 copy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 152686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 126b0a9f06e2940180b9f3d7bf846ee3
837d11e1daeabaeb84b17ab34e3668d5f654f5bd
0f4e2ec6b04e2bbfec447077213cb23fe5008094a636f4de026a9534a0edb691
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png
142.250.74.161 200 OK 237 B URL GET HTTP/3 4.bp.blogspot.com/-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash cc1b56913d2f7dccf89833c9f13c1166
cf385fddd75a65e4f90b8c4c61219e37afbbd55d
dce80244c3d820d996560fbaeda32f1855b6a871a8093a46ae9eaf292733f8d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="downarrow-dark.png"
x-content-type-options: nosniff
server: fife
content-length: 237
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:15:02 GMT
expires: Sun, 24 Sep 2023 21:15:02 GMT
cache-control: public, max-age=86400, no-transform
age: 1473
etag: "v189e"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
4.bp.blogspot.com/-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png
142.250.74.161 200 OK 1.2 kB URL GET HTTP/3 4.bp.blogspot.com/-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 30 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash e41bc01fc66820dc1901d37cb5df3b3d
c361c23886a387ca32db187a0ef84940b9100328
39960302b1ec5b58a87c5a50830875969d9adb66619ceca7af2843c668161f48
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="home (1).png"
x-content-type-options: nosniff
server: fife
content-length: 1211
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:35 GMT
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1a07"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162 200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash cd47bb1bf3ada0c11eb9693a57c91a9f
b345577d47bc654a64ba2a922a616b03f120da8c
e9aaeb4348e939bd52fb296ae3cec28a4bef0c66e95e9cfc5e7231c31b7c91f1
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 21:39:35 GMT
expires: Sat, 23 Sep 2023 21:39:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17777649197953724862
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
104.18.10.207 200 OK 57 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 104.18.10.207:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 23 Sep 2023 21:39:35 GMT
content-type: font/woff2
content-length: 56780
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 09/15/2023 23:19:11
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 405a6bc31e4dc7df5c1e771741d7c8ea
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80b5f0f55ccc568d-OSL
alt-svc: h3=":443"; ma=86400
themes.googleusercontent.com/static/fonts/earlyaccess/droidarabickufi/v3/DroidKufi-Bold.woff
142.250.74.97 200 OK 41 kB URL GET HTTP/2 themes.googleusercontent.com/static/fonts/earlyaccess/droidarabickufi/v3/DroidKufi-Bold.woff
IP 142.250.74.97:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
Validity Mon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type Web Open Font Format, TrueType, length 41156, version 1.1\012- data
Hash 1040258be731ef7842224457a9294231
08fc4efcfa4e6e1e8237ca93f39a644024b0e380
0fc3239ae79ac25b20bcac09b36d8019b05c0fd00595349a9d7a64b29a39ce50
GET /static/fonts/earlyaccess/droidarabickufi/v3/DroidKufi-Bold.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 41156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 21:26:08 GMT
expires: Fri, 20 Sep 2024 21:26:08 GMT
cache-control: public, max-age=31536000
age: 173607
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
themes.googleusercontent.com/static/fonts/earlyaccess/droidarabickufi/v3/DroidKufi-Regular.woff
142.250.74.97 200 OK 41 kB URL GET HTTP/2 themes.googleusercontent.com/static/fonts/earlyaccess/droidarabickufi/v3/DroidKufi-Regular.woff
IP 142.250.74.97:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
Validity Mon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type Web Open Font Format, TrueType, length 40868, version 1.1\012- data
Hash e22da300d90905754b7a097046d629bb
8cdb9326f2f7f0476921e95bb9701c5c51973a34
5c18083240ae7692ad1ceb4e567f164c44beb49f71b2f9634befef5c047aa60c
GET /static/fonts/earlyaccess/droidarabickufi/v3/DroidKufi-Regular.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
timing-allow-origin: *
content-length: 40868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 05:44:38 GMT
expires: Sun, 22 Sep 2024 05:44:38 GMT
cache-control: public, max-age=31536000
age: 57297
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.7oys_F1j_Ks.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq1hgtdi168tW40ImsstAJbL5yjCA/m=el_main
142.250.74.170 200 OK 78 kB URL GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.7oys_F1j_Ks.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq1hgtdi168tW40ImsstAJbL5yjCA/m=el_main
IP 142.250.74.170:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (1660)
Hash d6a5cd989485c06a7ecf8500cb064345
af916a6f31c3f695444cdeaf47449ff9b02c1809
07e4580c8a2e3079fe0704dcbe0163aac0c4be58208a370aaf61c968215be2cf
GET /_/translate_http/_/js/k=translate_http.tr.no.7oys_F1j_Ks.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq1hgtdi168tW40ImsstAJbL5yjCA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 78269
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 19:14:48 GMT
expires: Fri, 20 Sep 2024 19:14:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 01:12:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 181487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
142.250.74.35 200 OK 4.0 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
IP 142.250.74.35:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (20367), with no line terminators
Hash 72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 18:36:14 GMT
expires: Fri, 20 Sep 2024 18:36:14 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 183802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=1733899009165304966&zx=ce7787c1-d880-4b68-ba0d-094add918722
216.58.207.233 200 OK 21 B URL GET HTTP/3 www.blogger.com/dyn-css/authorization.css?targetBlogID=1733899009165304966&zx=ce7787c1-d880-4b68-ba0d-094add918722
IP 216.58.207.233:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.blogger.com
Fingerprint CB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
Validity Mon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=1733899009165304966&zx=ce7787c1-d880-4b68-ba0d-094add918722 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 21:39:36 GMT
last-modified: Sat, 23 Sep 2023 21:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
informatiqueth4.blogspot.com/feeds/posts/summary/-/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8?alt=json-in-script&callback=pageNavi&max-results=99999
172.217.21.161 200 OK 6.5 kB URL GET HTTP/3 informatiqueth4.blogspot.com/feeds/posts/summary/-/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8?alt=json-in-script&callback=pageNavi&max-results=99999
IP 172.217.21.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type Unicode text, UTF-8 text, with very long lines (29277)
Hash fa1c3596e795568c6bfa55f2ddfbea5b
98cc731b705fcd2eccbed1ecea291e94c224538e
ef32ba5e0c6dce9067f703e9259277c20b1e91da26c010cc45b05313f8ba589c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /feeds/posts/summary/-/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8?alt=json-in-script&callback=pageNavi&max-results=99999 HTTP/1.1
Host: informatiqueth4.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"a1cdd131c7e3856f6daaaa48d5f3b5e81b60d2f92fb857374259384060c4e763"
date: Sat, 23 Sep 2023 21:39:36 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 23 Sep 2023 21:39:37 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 00:55:31 GMT
content-encoding: gzip
content-length: 6542
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/show_ads.js
172.217.21.162 200 OK 7.9 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/show_ads.js
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3722)
Hash 5c8dda64c0eef22fb0a5319c5064e191
abf4ca3680ec56c88916f01fbe656b91ca3db0ff
d9573d3ec90843ae2c8613d97fd0d8cb2b969ad1f9e861195d3c5e600d4ddccd
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 21:39:36 GMT
expires: Sat, 23 Sep 2023 21:39:36 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5425370753496452382
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/subscribe_widget?p=theinformatiqueyou
216.58.211.14 410 Gone 0 B URL GET HTTP/3 www.youtube.com/subscribe_widget?p=theinformatiqueyou
IP 216.58.211.14:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /subscribe_widget?p=theinformatiqueyou HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 410 Gone
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 23 Sep 2023 21:39:36 GMT
date: Sat, 23 Sep 2023 21:39:36 GMT
cache-control: private, max-age=86400
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
server: ESF
content-length: 0
x-xss-protection: 0
set-cookie: YSC=0LDgcnop5X0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ZRrTehrBcz4; Domain=.youtube.com; Expires=Thu, 21-Mar-2024 21:39:36 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIA; Domain=.youtube.com; Expires=Thu, 21-Mar-2024 21:39:36 GMT; Path=/; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/show_ads.js
172.217.21.162 200 OK 7.9 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/show_ads.js
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3722)
Hash 758f717844089ad0e00861c1bffa91e2
30bbc3e468fc5d4f3bddb5ec6cd8d5682a0fb76f
c8b286d2f97a9757af7ad97737e305e7db3692700af8f70a583f940c8d4386f6
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 21:39:36 GMT
expires: Sat, 23 Sep 2023 21:39:36 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14594813648416676332
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2.bp.blogspot.com/-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png
142.250.74.161 200 OK 727 B URL GET HTTP/3 2.bp.blogspot.com/-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 0566fd58559a796a665a8a9f87b69591
14878358b0b13f38cd8ba4e279a2e731a55e3c7b
2c879d9752b3d7c4990fead74006bc48a210cc6181b2b0082020221d383e4b87
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="link-overlay.png"
x-content-type-options: nosniff
server: fife
content-length: 727
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:15:02 GMT
expires: Sun, 24 Sep 2023 21:15:02 GMT
cache-control: public, max-age=86400, no-transform
age: 1474
etag: "v19fb"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/www-player.css
216.58.211.14 200 OK 49 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/www-player.css
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash ee113c2fd024ac56f71eaecd779226c4
a6c0f0f28ee8924ffdaccb46516c88093459376f
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
GET /s/player/9cbb6b90/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48765
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 07:28:24 GMT
expires: Tue, 17 Sep 2024 07:28:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 483072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/embed.js
216.58.211.14 200 OK 17 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/embed.js
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3391)
Hash 0634fe0bbd81dee2f78ea73905699a32
60f070925b24a488529e44998702b761940bfc12
0e0790121ab615b8a885f11bf9b05c0c9f961bc0c5ba748e18d0ac1168ee6583
GET /s/player/9cbb6b90/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17138
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 19:47:35 GMT
expires: Sun, 22 Sep 2024 19:47:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 6721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js
216.58.211.14 200 OK 96 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (682)
Hash 116a5fe46325d930c09e12813c4179bb
5dddd872b57e06b4e5f2406a4259c3bece6d46c9
ba96780d2ab1b1efe09f18d20459cbc7d0aeda172548a23ea7dc1274aad29c98
GET /s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 96160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 14:40:19 GMT
expires: Sat, 21 Sep 2024 14:40:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 111557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lh3.googleusercontent.com/-QPogFZS_z-g/UtfMvEJAUlI/AAAAAAAAAKI/CdJERxGfxmM/w102-h41-no/it9an1.png
142.250.74.97 200 OK 1.9 kB URL GET HTTP/3 lh3.googleusercontent.com/-QPogFZS_z-g/UtfMvEJAUlI/AAAAAAAAAKI/CdJERxGfxmM/w102-h41-no/it9an1.png
IP 142.250.74.97:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
Validity Mon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 102 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 21fa6410950dab84cfd576a61f7f2d28
4995209bf037f93235432520ea068982dec10334
ddbeaf14226591204aba8939dee6ba9c0d51317dd3490286d6a94a9f3bb378fd
GET /-QPogFZS_z-g/UtfMvEJAUlI/AAAAAAAAAKI/CdJERxGfxmM/w102-h41-no/it9an1.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="it9an1.png"
x-content-type-options: nosniff
server: fife
content-length: 1930
x-xss-protection: 0
date: Sat, 23 Sep 2023 20:19:13 GMT
expires: Sun, 24 Sep 2023 20:19:13 GMT
cache-control: public, max-age=86400, no-transform
age: 4824
etag: "va2"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/embed/g71HVyqMyg4
216.58.211.14 200 OK 836 kB URL GET HTTP/3 www.youtube.com/embed/g71HVyqMyg4
IP 216.58.211.14:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58254)
Size 836 kB (835774 bytes)
Hash 8f1d76b4455131f80ec38b457c92e5a7
8ded679f69589cf532e5cdd468f94c12443b50ff
9600255e93d45a690739a0db42083699384b6415bebe7abdab167024e95fdfab
GET /embed/g71HVyqMyg4 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 21:39:36 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'nonce-0ZHI8qaiF9uECOnJmHc_oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=DeguQNTFyIo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=dBkFy-oCKt0; Domain=.youtube.com; Expires=Thu, 21-Mar-2024 21:39:36 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIA; Domain=.youtube.com; Expires=Thu, 21-Mar-2024 21:39:36 GMT; Path=/; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+723; expires=Mon, 22-Sep-2025 21:39:36 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lh6.googleusercontent.com/-agvrl5tEOh4/UlsA6hY1wSI/AAAAAAAAAcg/L0gb0-LTKaE/w45-h41-no/it9an2.png
142.250.74.97 200 OK 2.3 kB URL GET HTTP/3 lh6.googleusercontent.com/-agvrl5tEOh4/UlsA6hY1wSI/AAAAAAAAAcg/L0gb0-LTKaE/w45-h41-no/it9an2.png
IP 142.250.74.97:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
Validity Mon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 45 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash b9e4c831906e99a0fdfb66cec300ef47
7385807399c57fef77c8ac43a26219112c18a0f5
7ed2e92ea849e41bfe32f898d36eaa55fa4d4bc0d6b933d937f802a5ba457a49
GET /-agvrl5tEOh4/UlsA6hY1wSI/AAAAAAAAAcg/L0gb0-LTKaE/w45-h41-no/it9an2.png HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="it9an2.png"
x-content-type-options: nosniff
server: fife
content-length: 2283
x-xss-protection: 0
date: Sat, 23 Sep 2023 20:19:14 GMT
expires: Sun, 24 Sep 2023 20:19:14 GMT
cache-control: public, max-age=86400, no-transform
age: 4823
etag: "v1c8"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lh5.googleusercontent.com/-OUQnr2pFVGw/UVduZ_K-DpI/AAAAAAAAAjg/ak9auHwEado/h120/top_arrow.png
142.250.74.97 200 OK 491 B URL GET HTTP/3 lh5.googleusercontent.com/-OUQnr2pFVGw/UVduZ_K-DpI/AAAAAAAAAjg/ak9auHwEado/h120/top_arrow.png
IP 142.250.74.97:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
Validity Mon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 616b343a5ef5997eca57256fa84c61e0
9f653650d1ef4bcf0a3ed1791ccf3bb1c8cd3a62
c9c4ac33d883b7b8c4c7283bff522f887caecf08f937d905916197bbff0ecc64
GET /-OUQnr2pFVGw/UVduZ_K-DpI/AAAAAAAAAjg/ak9auHwEado/h120/top_arrow.png HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="top_arrow.png"
x-content-type-options: nosniff
server: fife
content-length: 491
x-xss-protection: 0
date: Sat, 23 Sep 2023 20:19:13 GMT
expires: Sun, 24 Sep 2023 20:19:13 GMT
cache-control: public, max-age=86400, no-transform
age: 4824
etag: "v251"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 05:45:56 GMT
expires: Wed, 18 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 402821
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:24:26 GMT
expires: Fri, 20 Sep 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 195311
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4382567890622076&plah=informatiqueth4.blogspot.com&bust=31077998
172.217.21.162 200 OK 131 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4382567890622076&plah=informatiqueth4.blogspot.com&bust=31077998
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (2079)
Size 131 kB (131076 bytes)
Hash d7f3650bc9dfd581d3b706e898aa8948
81d687591d5aa74c69189afb8a271d4eee50b176
5619d9aa32a1851a7b7abb91594d7de75e9c29b3c873336fbd9d3f322c6b2ff9
GET /pagead/managed/js/adsense/m202309180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4382567890622076&plah=informatiqueth4.blogspot.com&bust=31077998 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 21:39:37 GMT
expires: Sat, 23 Sep 2023 21:39:37 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 10893662049566947291
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 131076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3.bp.blogspot.com/-OiJxYAbVKR8/U8P3iggE52I/AAAAAAAAAGo/VeTqsObshQs/s150/normal_lassdoss.jpg
142.250.74.161 200 OK 17 kB URL GET HTTP/3 3.bp.blogspot.com/-OiJxYAbVKR8/U8P3iggE52I/AAAAAAAAAGo/VeTqsObshQs/s150/normal_lassdoss.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 146x150, components 3\012- data
Hash cdffcddaa3de3b8296e85642283a61d6
eb9de4e0d1457bd5e24d47f3ec7420ee07eb4189
21d58f03adb1515310a63856276edc343ec7ab110ba0f30cb9f875a244eca2a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-OiJxYAbVKR8/U8P3iggE52I/AAAAAAAAAGo/VeTqsObshQs/s150/normal_lassdoss.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6b"
expires: Sun, 24 Sep 2023 21:39:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="normal_lassdoss.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:37 GMT
server: fife
content-length: 16551
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
informatiqueth4.blogspot.com/feeds/posts/default/-/%D8%A7%D9%84%D8%AD%D9%85%D8%A7%D9%8A%D8%A9?alt=json-in-script&max-results=9&callback=jQuery20308268949222744664_1695505175019&_=1695505175020
172.217.21.161 200 OK 8.3 kB URL GET HTTP/3 informatiqueth4.blogspot.com/feeds/posts/default/-/%D8%A7%D9%84%D8%AD%D9%85%D8%A7%D9%8A%D8%A9?alt=json-in-script&max-results=9&callback=jQuery20308268949222744664_1695505175019&_=1695505175020
IP 172.217.21.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type Unicode text, UTF-8 text, with very long lines (57699)
Hash ceb6e950700d5ba398e0c143e9cc8b29
53a4fa02fcb448146d8be5382dab0e61c79238aa
6c8fffeed44ff5d98836ee028f84435855ea9a23a5b9bc6b63aad2abc98b7223
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /feeds/posts/default/-/%D8%A7%D9%84%D8%AD%D9%85%D8%A7%D9%8A%D8%A9?alt=json-in-script&max-results=9&callback=jQuery20308268949222744664_1695505175019&_=1695505175020 HTTP/1.1
Host: informatiqueth4.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"1cb8bb7b7ecba029182347f3b3e7eb4608400093823526996094d014a126c9ed"
date: Sat, 23 Sep 2023 21:39:37 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 23 Sep 2023 21:39:38 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 00:55:31 GMT
content-encoding: gzip
content-length: 8342
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-0mSAjk4DYng/U_285gBQnPI/AAAAAAAAA2A/zWfMgiRbySE/s150/PIC-643-1350403346.jpg
142.250.74.161 200 OK 12 kB URL GET HTTP/3 1.bp.blogspot.com/-0mSAjk4DYng/U_285gBQnPI/AAAAAAAAA2A/zWfMgiRbySE/s150/PIC-643-1350403346.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 106x150, components 3\012- data
Hash fdac9d9a8c198bc6b432ca9fb8dba86a
84cbe2a26fcce8c67ca904bc8902faee26393ce3
15e5c5b0d0c8f2bb7cd31cc58a5057ff9520cbf5ad542e2c6e34543aeb4b5eb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-0mSAjk4DYng/U_285gBQnPI/AAAAAAAAA2A/zWfMgiRbySE/s150/PIC-643-1350403346.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v361"
expires: Sun, 24 Sep 2023 21:39:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PIC-643-1350403346.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:37 GMT
server: fife
content-length: 12336
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-t_ZhOrb6KWo/VBR6b8PaFtI/AAAAAAAABCY/m-UcSITJf-s/s150/deamon.png
142.250.74.161 200 OK 25 kB URL GET HTTP/3 1.bp.blogspot.com/-t_ZhOrb6KWo/VBR6b8PaFtI/AAAAAAAABCY/m-UcSITJf-s/s150/deamon.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 150 x 115, 8-bit/color RGBA, non-interlaced\012- data
Hash 77d850241d01331fee61b4dc1d3911fb
34120592310de611eeadd04e199f308adaab170a
9654e7127977c01da574986f2c0d4238018d85a268ff18760c265d253e520333
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-t_ZhOrb6KWo/VBR6b8PaFtI/AAAAAAAABCY/m-UcSITJf-s/s150/deamon.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v427"
expires: Sun, 24 Sep 2023 21:39:37 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="deamon.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:37 GMT
server: fife
content-length: 24857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
216.58.207.227 200 OK 3.3 kB URL GET HTTP/3 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP 216.58.207.227:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (6225), with no line terminators
Hash 2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 16:41:37 GMT
expires: Thu, 19 Sep 2024 16:41:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 277080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35 200 OK 910 B URL GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 18:59:20 GMT
expires: Thu, 19 Sep 2024 18:59:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
age: 268817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35 200 OK 1.8 kB URL GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 14:17:19 GMT
expires: Tue, 17 Sep 2024 14:17:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 458538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/ping?e=1
172.217.21.162 204 No Content 0 B URL POST HTTP/3 pagead2.googlesyndication.com/pagead/ping?e=1
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pagead/ping?e=1 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://informatiqueth4.blogspot.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 225
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 21:39:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d5e402e3131f78cf91f4e949805f84b0
916218d5ed57b959e8c975cce1772b99b89f51bb
8a7d154e062586e5af0d0ce8ced6aaeaae10e8d3be3656def732fa12976f6ffb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=informatiqueth4.blogspot.com&callback=_gfp_s_&client=ca-pub-4382567890622076
216.58.207.226 200 OK 252 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=informatiqueth4.blogspot.com&callback=_gfp_s_&client=ca-pub-4382567890622076
IP 216.58.207.226:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.googleadservices.com
Fingerprint EB:BF:81:86:29:44:29:54:16:A0:12:6C:6C:7F:D1:8D:ED:9E:97:1A
Validity Mon, 04 Sep 2023 08:21:47 GMT - Mon, 27 Nov 2023 08:21:46 GMT
File type ASCII text, with very long lines (391), with no line terminators
Hash 62bd1438c4f131ac786fa12927c098f0
1703bb5e078bc1a7056119326902fdd25a274c55
df8682a472514c8fbab0f74dc3bdabd99b781379b2fad85b3f4ffa30058d0abd
GET /gampad/cookie.js?domain=informatiqueth4.blogspot.com&callback=_gfp_s_&client=ca-pub-4382567890622076 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 23 Sep 2023 21:39:37 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.170 1.4 kB URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.170:0
Hash a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 23 Sep 2023 21:39:37 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=jJg8iHuat_l4peyq8T-MJMoLiGwYsvtJgKmY0jhOyOwvPCsTpFJWJWHeiNQ5adftHR_66tXUFLsyB-alxCmtGD0wJpPbG4gonxaMPfqINlWYQoKSlRUKwDKJlsGQVaEoPcvrq4-zbJqWh_K8qPJHDsFrt3ke5-CVCPqrBuADVpA; expires=Sun, 24-Mar-2024 21:39:37 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+870; expires=Mon, 22-Sep-2025 21:39:37 GMT; path=/; domain=.googleapis.com; Secure
expires: Sat, 23 Sep 2023 21:39:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d5e402e3131f78cf91f4e949805f84b0
916218d5ed57b959e8c975cce1772b99b89f51bb
8a7d154e062586e5af0d0ce8ced6aaeaae10e8d3be3656def732fa12976f6ffb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
informatiqueth4.blogspot.com/favicon.ico
172.217.21.161 200 OK 687 B URL GET HTTP/3 informatiqueth4.blogspot.com/favicon.ico
IP 172.217.21.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 1d5a10d63f2eafca65596b19ab5ecb30
6863dda33143bbdad23f534f20bf88605467ad45
b05622683762291e0aee23c5dbca2534cc71573197e6de320be7cb3005e67c8e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: informatiqueth4.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 23 Sep 2023 21:39:37 GMT
date: Sat, 23 Sep 2023 21:39:37 GMT
cache-control: private, max-age=86400
last-modified: Sun, 13 Aug 2023 00:55:31 GMT
etag: W/"61389a6e01c15cd23e155eeab212cf4543fb1f65ea9197e390fb0275ce86a107"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 687
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.google.com/gen204?sl=ar&nca=te_ap&client=te&logld=vTE_20230920
216.58.211.14 204 No Content 0 B URL GET HTTP/3 translate.google.com/gen204?sl=ar&nca=te_ap&client=te&logld=vTE_20230920
IP 216.58.211.14:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=ar&nca=te_ap&client=te&logld=vTE_20230920 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 21:39:37 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-mmZ3UeRMwWMrXPfu6WA0Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=15.SE=E0FvchKQuAFTe5QQjJ5yxjWmsjT8P0_UqZv2xtaZmGP5lncSYkLrq0spmSZsy__vathaJCwBfaeG5UMRJqZ83VL63wOADnw167kcpHqa-u9nZVvezrTwPxBn7hllrNJJZRoSARfi9IAApwMWyOvvlIlUkcF6lMDGx8sSsuaUesA; expires=Wed, 23-Oct-2024 13:57:55 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0
172.217.21.162 204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 21:39:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-2mFEHRbAT5A/U__Ku-ZSyfI/AAAAAAAAA3o/6rFLOxg6Dzs/s1600/1371851306211.gif
142.250.74.161 200 OK 172 kB URL GET HTTP/2 1.bp.blogspot.com/-2mFEHRbAT5A/U__Ku-ZSyfI/AAAAAAAAA3o/6rFLOxg6Dzs/s1600/1371851306211.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 87a, 1600 x 684
Size 172 kB (171651 bytes)
Hash 933751798f704769b4e103eb50c10d1b
95ea71ad3e931c688914c5bb5efc09bb7a18a034
45094f635bc9cdbcd72ce15e46ff8afa972a6dbb2c25d50187d6d5b76d5556eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-2mFEHRbAT5A/U__Ku-ZSyfI/AAAAAAAAA3o/6rFLOxg6Dzs/s1600/1371851306211.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1371851306211.gif"
x-content-type-options: nosniff
server: fife
content-length: 171651
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v37a"
content-type: image/gif
vary: Origin
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
4.bp.blogspot.com/-XQAhdYRi_Tw/U_k3e0O6NxI/AAAAAAAAAys/LMIgmkHs1go/s1600/638680956.gif
142.250.74.161 200 OK 24 kB URL GET HTTP/3 4.bp.blogspot.com/-XQAhdYRi_Tw/U_k3e0O6NxI/AAAAAAAAAys/LMIgmkHs1go/s1600/638680956.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 125 x 70
Hash 913ae6e1470045086c454b4ee5d795b2
5c48969e2b207f83af02ab555f009d0faf6c882f
cf557330925ad655197e4ca67e3c28832e309a394b0ec9423f8228b4bcdca41a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-XQAhdYRi_Tw/U_k3e0O6NxI/AAAAAAAAAys/LMIgmkHs1go/s1600/638680956.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="638680956.gif"
x-content-type-options: nosniff
server: fife
content-length: 24442
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v32b"
content-type: image/gif
vary: Origin
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3.bp.blogspot.com/-cja0zZVaqWs/U_k3hbkc6HI/AAAAAAAAAy8/ZJ1GosukmEE/s1600/Sans%2Bdcopie.png
142.250.74.161 200 OK 19 kB URL GET HTTP/2 3.bp.blogspot.com/-cja0zZVaqWs/U_k3hbkc6HI/AAAAAAAAAy8/ZJ1GosukmEE/s1600/Sans%2Bdcopie.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 93, 8-bit/color RGB, non-interlaced
Hash 811ef3560511b84fe1119bae99b5a452
cfa60f5b0613b63a4facc7dd2c376a3031d9d653
b670675c13279de25ac8b3b47beb9feafa2bfa86fb0659a56c92b51b3aa246d3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-cja0zZVaqWs/U_k3hbkc6HI/AAAAAAAAAy8/ZJ1GosukmEE/s1600/Sans%2Bdcopie.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Sans dcopie.png"
x-content-type-options: nosniff
server: fife
content-length: 18577
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v32f"
content-type: image/png
vary: Origin
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-2o0oXA5niXc/U_k3it7VuSI/AAAAAAAAAzI/o8Nv2m2-FQo/s1600/Sans%2Btits1%2Bcopie.png
142.250.74.161 200 OK 20 kB URL GET HTTP/3 1.bp.blogspot.com/-2o0oXA5niXc/U_k3it7VuSI/AAAAAAAAAzI/o8Nv2m2-FQo/s1600/Sans%2Btits1%2Bcopie.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 93, 8-bit/color RGB, non-interlaced
Hash 38f6fa064b7f3081f957706641c37ae1
be237027a1994a603b67936ee4ac2adc8cecc9a6
66e3c9b0fa27e5d4d4a32cd366c3f6eeabc1ec35818a6105b5d90dacb8b566e7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-2o0oXA5niXc/U_k3it7VuSI/AAAAAAAAAzI/o8Nv2m2-FQo/s1600/Sans%2Btits1%2Bcopie.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Sans tits1 copie.png"
x-content-type-options: nosniff
server: fife
content-length: 20536
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v332"
content-type: image/png
vary: Origin
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-45hu-mEX5iY/U_4aGutm5PI/AAAAAAAAA2Y/oekq-ioEOyM/s1600/8vm25190%2Bc%C3%B3pia.png
142.250.74.161 200 OK 23 kB URL GET HTTP/3 1.bp.blogspot.com/-45hu-mEX5iY/U_4aGutm5PI/AAAAAAAAA2Y/oekq-ioEOyM/s1600/8vm25190%2Bc%C3%B3pia.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 209 x 102, 8-bit/color RGBA, non-interlaced
Hash dbea4df854ccf58f48cb0a8757e020a7
25b3e3a454512e59c0955e4fb404117e92d17242
288e07afffa98dd62f37af751f17783e595bd496a6bf57c8d8a00154864a41c6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-45hu-mEX5iY/U_4aGutm5PI/AAAAAAAAA2Y/oekq-ioEOyM/s1600/8vm25190%2Bc%C3%B3pia.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="8vm25190 c_pia.png";filename*=UTF-8''8vm25190%20c%C3%B3pia.png
x-content-type-options: nosniff
server: fife
content-length: 23168
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v366"
content-type: image/png
vary: Origin
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-P4aCo4KBJGo/U_k3g5KPWHI/AAAAAAAAAy0/JMwflaVMdKo/s1600/1345686098795.gif
142.250.74.161 200 OK 190 kB URL GET HTTP/3 1.bp.blogspot.com/-P4aCo4KBJGo/U_k3g5KPWHI/AAAAAAAAAy0/JMwflaVMdKo/s1600/1345686098795.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 489 x 97
Size 190 kB (189737 bytes)
Hash eb527123eff77a6ad7c9cf1f7578e188
2b4546ed8aa55f467cfc7fcad27deaa11728ec6e
b6fdaed5fc23d5734f262a905b3c6270ded0a9f8f12284133e9030d7966ba356
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-P4aCo4KBJGo/U_k3g5KPWHI/AAAAAAAAAy0/JMwflaVMdKo/s1600/1345686098795.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1345686098795.gif"
x-content-type-options: nosniff
server: fife
content-length: 189737
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v32d"
content-type: image/gif
vary: Origin
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-Vntv57wfhuc/U_k3ih_zl5I/AAAAAAAAAzM/Ba8ndE9yKyM/s1600/20130228095502X.gif
142.250.74.161 200 OK 272 kB URL GET HTTP/2 1.bp.blogspot.com/-Vntv57wfhuc/U_k3ih_zl5I/AAAAAAAAAzM/Ba8ndE9yKyM/s1600/20130228095502X.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 240 x 180
Size 272 kB (271981 bytes)
Hash be69078664f698312fc5bab17321d9c6
f0271c7b6060d75e05fa07c077550c5906f93d65
c1db47c24637fbf1acd3feb1bd0af2146b9e854f191c11ccd4051d6f0021896a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Vntv57wfhuc/U_k3ih_zl5I/AAAAAAAAAzM/Ba8ndE9yKyM/s1600/20130228095502X.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20130228095502X.gif"
x-content-type-options: nosniff
server: fife
content-length: 271981
x-xss-protection: 0
date: Sat, 23 Sep 2023 21:39:34 GMT
expires: Sun, 24 Sep 2023 21:39:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v333"
content-type: image/gif
vary: Origin
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-O1FM9N63Gnk/V2hHFqzpMJI/AAAAAAAAAFg/UItcOhrsJBw6snutfBgJ_I6Qyzox8GrdwCLcB/s640/image-20150622-17729-yeu95y.jpg
142.250.74.161 200 OK 34 kB URL GET HTTP/3 1.bp.blogspot.com/-O1FM9N63Gnk/V2hHFqzpMJI/AAAAAAAAAFg/UItcOhrsJBw6snutfBgJ_I6Qyzox8GrdwCLcB/s640/image-20150622-17729-yeu95y.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x315, components 3\012- data
Hash 7da2ec42c5fb32056166fb68230c970a
6103b642816b838c7924442eb831d48e4d599a03
a44dd9777c297bda0646826e00d38dc1d8b00c42e70390274ff13f4c29c08232
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-O1FM9N63Gnk/V2hHFqzpMJI/AAAAAAAAAFg/UItcOhrsJBw6snutfBgJ_I6Qyzox8GrdwCLcB/s640/image-20150622-17729-yeu95y.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image-20150622-17729-yeu95y.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 34404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/api/stats/qoe?cpn=A2-i_FXoBwjaEC1B&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153839%2C17%2C6210%2C47460%2C23070%2C60171%2C5668%2C18898%2C19570%2C5817%2C9841%2C1090%2C5949%2C322%2C3200%2C26436294%2C171%2C136%2C3211%2C536%2C1253%2C677%2C612%2C243%2C9414&cl=566147822&seq=1&event=streamingstats&docid=g71HVyqMyg4&qclc=ChBBMi1pX0ZYb0J3amFFQzFCEAE&embargoed=0&cbr=Firefox&cbrver=111.0&c=WEB_EMBEDDED_PLAYER&cver=1.20230917.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0&vis=0.001:0&bh=0.001:0.000
216.58.211.14 204 No Content 0 B URL POST HTTP/3 www.youtube.com/api/stats/qoe?cpn=A2-i_FXoBwjaEC1B&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153839%2C17%2C6210%2C47460%2C23070%2C60171%2C5668%2C18898%2C19570%2C5817%2C9841%2C1090%2C5949%2C322%2C3200%2C26436294%2C171%2C136%2C3211%2C536%2C1253%2C677%2C612%2C243%2C9414&cl=566147822&seq=1&event=streamingstats&docid=g71HVyqMyg4&qclc=ChBBMi1pX0ZYb0J3amFFQzFCEAE&embargoed=0&cbr=Firefox&cbrver=111.0&c=WEB_EMBEDDED_PLAYER&cver=1.20230917.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0&vis=0.001:0&bh=0.001:0.000
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?cpn=A2-i_FXoBwjaEC1B&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153839%2C17%2C6210%2C47460%2C23070%2C60171%2C5668%2C18898%2C19570%2C5817%2C9841%2C1090%2C5949%2C322%2C3200%2C26436294%2C171%2C136%2C3211%2C536%2C1253%2C677%2C612%2C243%2C9414&cl=566147822&seq=1&event=streamingstats&docid=g71HVyqMyg4&qclc=ChBBMi1pX0ZYb0J3amFFQzFCEAE&embargoed=0&cbr=Firefox&cbrver=111.0&c=WEB_EMBEDDED_PLAYER&cver=1.20230917.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtkQmtGeS1vQ0t0MCiYtr2oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695505178007&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C300&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Sat, 23 Sep 2023 21:39:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
4.bp.blogspot.com/-T_EJBoOJL7w/V2sFBFuzbnI/AAAAAAAAAFw/OfSCiVnWJ7o9OanidcZ5qpgghtvnZp61QCLcB/s400/Android-hacked.jpg
142.250.74.161 200 OK 24 kB URL GET HTTP/3 4.bp.blogspot.com/-T_EJBoOJL7w/V2sFBFuzbnI/AAAAAAAAAFw/OfSCiVnWJ7o9OanidcZ5qpgghtvnZp61QCLcB/s400/Android-hacked.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x307, components 3\012- data
Hash ee37e56fc1e52e80cee9f08f7ee8ceb3
f57966df0d5fcb00c93dcf52b28cd57e2db8f911
51fe276f92469ac986dbe13ab174f6cf10e3fc26211232e734f3f79e0968c3f7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-T_EJBoOJL7w/V2sFBFuzbnI/AAAAAAAAAFw/OfSCiVnWJ7o9OanidcZ5qpgghtvnZp61QCLcB/s400/Android-hacked.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5e"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Android-hacked.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 23618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
4.bp.blogspot.com/-nQO6vraI-qo/V2xLEaCXAjI/AAAAAAAAAGA/ZNsJ6i_oUMwvIFRVkvaQ15KOq7IIsE9xwCLcB/s640/FB-hacked.jpg
142.250.74.161 200 OK 23 kB URL GET HTTP/3 4.bp.blogspot.com/-nQO6vraI-qo/V2xLEaCXAjI/AAAAAAAAAGA/ZNsJ6i_oUMwvIFRVkvaQ15KOq7IIsE9xwCLcB/s640/FB-hacked.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 440x247, components 3\012- data
Hash 96e99e0d49e12469243bd74b65f32080
ba8a1633a6c54c06217d0e6b27c4cc505efeacca
b27a7dcaf6d2edd80995352b1cf06368ed2bdf4d9af70442dd9fc89f53b324cb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-nQO6vraI-qo/V2xLEaCXAjI/AAAAAAAAAGA/ZNsJ6i_oUMwvIFRVkvaQ15KOq7IIsE9xwCLcB/s640/FB-hacked.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v62"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB-hacked.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 22963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2.bp.blogspot.com/-tKLvgWOquyM/V2YG-mNh5SI/AAAAAAAAAFQ/RRIFRPj75YUqBoa1pqYAhkMRL5WmyrqZQCLcB/s640/ip-address.jpg
142.250.74.161 200 OK 36 kB URL GET HTTP/3 2.bp.blogspot.com/-tKLvgWOquyM/V2YG-mNh5SI/AAAAAAAAAFQ/RRIFRPj75YUqBoa1pqYAhkMRL5WmyrqZQCLcB/s640/ip-address.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x349, components 3\012- data
Hash ace1e68993e26b0b500fc89363d85b45
739910285a95a023c16abb6336fa3f739c0bf982
5b5d1f5468475df170f31fab60c27a1a028c6e652c8247fcdfcde2f5d81f951e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-tKLvgWOquyM/V2YG-mNh5SI/AAAAAAAAAFQ/RRIFRPj75YUqBoa1pqYAhkMRL5WmyrqZQCLcB/s640/ip-address.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v56"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ip-address.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 36495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2.bp.blogspot.com/-VPQ3mPisIT4/V29HGCl5ZBI/AAAAAAAAAGw/3NiQotrKoIclIZG4dqXK3vrE9gVUK1AdwCLcB/s640/monique-pornstarslick-muffia-pic-12.jpg
142.250.74.161 200 OK 19 kB URL GET HTTP/3 2.bp.blogspot.com/-VPQ3mPisIT4/V29HGCl5ZBI/AAAAAAAAAGw/3NiQotrKoIclIZG4dqXK3vrE9gVUK1AdwCLcB/s640/monique-pornstarslick-muffia-pic-12.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x250, components 3\012- data
Hash 1358a11a4c61a4faf1a4efc5f708cf50
cd41c6ba845a07d87a12ea734178ab342ecb1736
d63b5477349c9da98e745bb4f08ca65b25a462f4761145888b5c33431916b6ca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-VPQ3mPisIT4/V29HGCl5ZBI/AAAAAAAAAGw/3NiQotrKoIclIZG4dqXK3vrE9gVUK1AdwCLcB/s640/monique-pornstarslick-muffia-pic-12.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6e"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="monique-pornstarslick-muffia-pic-12.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 19157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-TNuJtvP8tVo/U_uNyYfj7YI/AAAAAAAAA08/lfUtMOX6L-s/s1600/%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A.gif
142.250.74.161200 OK 238 kB URL GET HTTP/3 1.bp.blogspot.com/-TNuJtvP8tVo/U_uNyYfj7YI/AAAAAAAAA08/lfUtMOX6L-s/s1600/%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A.gif
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type GIF image data, version 89a, 250 x 81\012- data
Size 238 kB (237686 bytes)
Hash 614315794015fb40fde3ba001db4de42
309eda00d6ad2217758d62ad33121b6d55076df3
c4bd226ce5af70ea8920e2a8a5e5749681e0ca5f171d085a7b5b2f2f19e1d4cc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-TNuJtvP8tVo/U_uNyYfj7YI/AAAAAAAAA08/lfUtMOX6L-s/s1600/%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v34f"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="_________________________________________________.gif";filename*=UTF-8''%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A%D9%8A.gif
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 237686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2.bp.blogspot.com/-GZFaVrILGSE/V3B5_AGHtqI/AAAAAAAAAHQ/LUrpROb11isQs9LEvx9s9oRU9Wou_qShACLcB/s640/logo.png
142.250.74.161 200 OK 59 kB URL GET HTTP/3 2.bp.blogspot.com/-GZFaVrILGSE/V3B5_AGHtqI/AAAAAAAAAHQ/LUrpROb11isQs9LEvx9s9oRU9Wou_qShACLcB/s640/logo.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 640 x 341, 8-bit/color RGBA, non-interlaced\012- data
Hash 006f8b8bedb808d1d3f2755804f766e5
23990b5c1355020665aea8531ae434583168aa87
f227fa3361866697fa91242125300d5879ec15cd5a11dfb5b7b8efb63a789939
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-GZFaVrILGSE/V3B5_AGHtqI/AAAAAAAAAHQ/LUrpROb11isQs9LEvx9s9oRU9Wou_qShACLcB/s640/logo.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v76"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 59239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-uYg2dk30OL0/V201HgyQS5I/AAAAAAAAAGQ/HANroxzv1KsbwBXf1w1HMBF5TooyEA7gQCLcB/s640/kali.png
142.250.74.161 200 OK 86 kB URL GET HTTP/3 1.bp.blogspot.com/-uYg2dk30OL0/V201HgyQS5I/AAAAAAAAAGQ/HANroxzv1KsbwBXf1w1HMBF5TooyEA7gQCLcB/s640/kali.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 640 x 360, 8-bit/color RGB, non-interlaced\012- data
Hash 38279869c176ddab7c1849a1cf918a98
047627bc56e67426fbf19042c264c854ae2ca860
b45d1eb84ef779aa5553cbe6b1a0023cdaef5103d8a7b07216e865706d60796c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-uYg2dk30OL0/V201HgyQS5I/AAAAAAAAAGQ/HANroxzv1KsbwBXf1w1HMBF5TooyEA7gQCLcB/s640/kali.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v66"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kali.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 86464
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
3.bp.blogspot.com/-stXUMzoYn0o/V2S2kJKpUBI/AAAAAAAAADw/MG7OZxpE50c4kgWBDIBBQ1E5gP9QHHSOgCLcB/s400/unnamed.png
142.250.74.161 200 OK 155 kB URL GET HTTP/3 3.bp.blogspot.com/-stXUMzoYn0o/V2S2kJKpUBI/AAAAAAAAADw/MG7OZxpE50c4kgWBDIBBQ1E5gP9QHHSOgCLcB/s400/unnamed.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 155 kB (154608 bytes)
Hash e13328f3172cc87b7c24778c6a88558d
8174fa546e48143fcbddf8e8278d9f20ed7f0f3d
baa347b3bb4ff42355ea52c7ef4a8bcf1ed41451b2994f5f0ba847d6c6ee9636
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-stXUMzoYn0o/V2S2kJKpUBI/AAAAAAAAADw/MG7OZxpE50c4kgWBDIBBQ1E5gP9QHHSOgCLcB/s400/unnamed.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3e"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 154608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 0 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 23 Sep 2023 21:39:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-x5GzjpJviXM/U_k9QOdkcFI/AAAAAAAAAzc/lz4_5LWvQKI/s1600/db79ca1839754b8e0a48a80cc462418c.png
142.250.74.161 200 OK 22 kB URL GET HTTP/3 3.bp.blogspot.com/-x5GzjpJviXM/U_k9QOdkcFI/AAAAAAAAAzc/lz4_5LWvQKI/s1600/db79ca1839754b8e0a48a80cc462418c.png
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 320 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash be07c71a431613879b1dfaa4d28de245
bf83373be9a3b615b0ba086e434aeadf54980d88
145b67ab15a8195dab5fca4f28571a3759e3e3f2cc4dccf40bdeb46f39c91b02
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-x5GzjpJviXM/U_k9QOdkcFI/AAAAAAAAAzc/lz4_5LWvQKI/s1600/db79ca1839754b8e0a48a80cc462418c.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v337"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="db79ca1839754b8e0a48a80cc462418c.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 22039
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170 200 OK 32 kB URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ca3190768d25519116125d63b8809583
a1b2dee7b583bc03631694b230bd3065767e55cf
3c1bb9519b4cdefd5bd14bda31499c0f63449363798b2d8251576b0507e33e9d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 23 Sep 2023 21:39:38 GMT
server: ESF
cache-control: private
content-length: 32334
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-p7vIHykI6dU/VLuPVTsVocI/AAAAAAAAABU/fawB3eOzzLk/s1600/1897961_642895425831745_3286957777815254306_n.jpg
142.250.74.161 200 OK 96 kB URL GET HTTP/3 1.bp.blogspot.com/-p7vIHykI6dU/VLuPVTsVocI/AAAAAAAAABU/fawB3eOzzLk/s1600/1897961_642895425831745_3286957777815254306_n.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 960x546, components 3\012- data
Hash ab1a61fe238e9a4810018555cf34706b
108a4eafa03333ac8bfc4b6da45c0a3e7caecce4
b7a177e808648db342cb3c1f4a6935a7804038cfa584a41c9526f35deba54df3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-p7vIHykI6dU/VLuPVTsVocI/AAAAAAAAABU/fawB3eOzzLk/s1600/1897961_642895425831745_3286957777815254306_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v16"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1897961_642895425831745_3286957777815254306_n.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 96291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-p7vIHykI6dU/VLuPVTsVocI/AAAAAAAAABU/fawB3eOzzLk/s600/1897961_642895425831745_3286957777815254306_n.jpg
142.250.74.161 200 OK 88 kB URL GET HTTP/3 1.bp.blogspot.com/-p7vIHykI6dU/VLuPVTsVocI/AAAAAAAAABU/fawB3eOzzLk/s600/1897961_642895425831745_3286957777815254306_n.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 600x341, components 3\012- data
Hash a16e6f2e722b8aee582b17b1e039c0fd
6be763a6cac6fe14fe2a713cd4968061043326ab
edebe08da5cbc9d9a500a38c5a4563d6523a130cd211cf535d24ac37ee76a005
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-p7vIHykI6dU/VLuPVTsVocI/AAAAAAAAABU/fawB3eOzzLk/s600/1897961_642895425831745_3286957777815254306_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v16"
expires: Sun, 24 Sep 2023 21:39:38 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1897961_642895425831745_3286957777815254306_n.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:38 GMT
server: fife
content-length: 87611
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
172.217.21.162 200 OK 12 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type JSON data\012- , ASCII text, with very long lines (15850), with no line terminators
Hash a02695fdfae0c7dc9d6c450328a999b2
a7213f24955f49da82b2c4d02203339e9a72d9ba
09e2de5257b44945b4bf7670a27a37f4df48855fa532195040a9ad6a09412db8
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 23 Sep 2023 21:39:38 GMT
server: cafe
content-length: 11962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 0 B URL OPTIONS HTTP/3 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 23 Sep 2023 21:39:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170 200 OK 110 B URL OPTIONS HTTP/3 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751f415811f09ffac4284dead2ed015
02e93df5b387bc61220a097fa65560d842c890a9
14d3e69ce695d19a8314c0a7d726705af0e3c247d8f39cb75a3a21c5faec8f9c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1038
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 23 Sep 2023 21:39:38 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 4175833418b34d5bd53f0e221ea411d1
d239762a94f14da2b9800e4e8be7941eb1981979
06e578aba9d814b07af9e5b3714493c4df8a8efc801d06630bd3f5b2ea35e634
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161 200 OK 6.4 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject tpc.googlesyndication.com
Fingerprint 51:2A:C5:84:C9:49:F8:BA:3F:D9:82:0E:BA:01:C7:D5:36:C2:BA:64
Validity Mon, 04 Sep 2023 08:22:41 GMT - Mon, 27 Nov 2023 08:22:40 GMT
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 23 Sep 2023 21:39:38 GMT
expires: Sat, 23 Sep 2023 21:39:38 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161 200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash 1d3d22df067f5219073f9c0fabb74fdd
d5c226022639323d93946df3571404116041e588
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 10:32:29 GMT
expires: Sun, 22 Sep 2024 10:32:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 40029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c17d1900febb134482f5f3fdc9fd4b69
18d8f12fa6991f23477832a6c6a356fadd6e8508
19d15be13fbb8add8926f12e5c810a16851ee487bb211efa193d1ea199ecf0ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 21:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
172.217.21.162 15 kB URL pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
IP 172.217.21.162:0
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (37385)
Hash a325f5c00749f9340329610f4d80371b
41126a232c6859b49eab99a0a269fcb56a3f01ef
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
GET /bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 10:32:34 GMT
expires: Sun, 22 Sep 2024 10:32:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 40025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2474400414093920&rc=
172.217.21.162 204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2474400414093920&rc=
IP 172.217.21.162:443
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2474400414093920&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tpc.googlesyndication.com/generate_204?cecgKg
172.217.21.161 0 B URL tpc.googlesyndication.com/generate_204?cecgKg
IP 172.217.21.161:0
Certificate Issuer Google Trust Services LLC
Subject tpc.googlesyndication.com
Fingerprint 51:2A:C5:84:C9:49:F8:BA:3F:D9:82:0E:BA:01:C7:D5:36:C2:BA:64
Validity Mon, 04 Sep 2023 08:22:41 GMT - Mon, 27 Nov 2023 08:22:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?cecgKg HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 21:39:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2474400414093920&bg=!2dql2pXNAAYrDsWMCw47ADQBe5WfOH5w31T3ltV9vFDyy7BJCLZpRwxndSENyC10TOzhYPzA7CihNu0bltxR0bbAglymAgAAARpSAAAAHGgBBwoAd5yOG6SsLWuNsAkAtMczqr97E36w5onviBt0W-4dQnpJjMiNJiV7-BmnDabX-5DVv02BKLdu-WjH3yFUx3AqnXt6zC84hHkjKNY1s_KKb8w9nNzOmJt-grFf95bnL2-8E_09ZjLn9lpO2_H74p9bPZX2Sye1LCyjmQKItKO7odxidc8uxMdvkvcXiqk7zngzVtl7KXv_lZ00AILRBF-L6k7q_ajEUCZU6UcW8R2nQXwk02GC6KckxYstY0kqoSwPGjnaY1r0Ww2i0PHxpAORknxQw6nV3Xner122KRd32mbDAYHhS50qE80MtxouR9pRxCB5dFhvWBJIZRKQJ2Pg014AcUpjs_bBrozQFkeN4QIRLlJ0b6g8fuv3hptyzmhcdKFcim1ClV9byMATmhoOUXwcm8oocnBTLESB-qvTGa5SSbho9se_0pRZaHfiswdYjhNJZRV4bOC-RPiqLEnY7aC8ULTXCY5JMMK_VurSF5PXIWifWY5PMm_oJFVQOKXmhxdDuSDjAuF1hEj9-G27nVe1ymRjh3n1mi_5wWGwBYp_IT4p8JKhql04utTgybiOlj6389t-oxbn8kaOz2jE8LBx5rYcNzXTZCabKN0-a2kmLSdjqOLElbxcF-XH9i2igCRS-YE71x5yIaFo1hwDwIvkWxmYwVsTNUaL_w5QZUjbuuaIcSHPrKF7EBFdtxuWLnWuhuswmmsy0SXIa5aXoV8SwFNeyrqHiFVORhzu7fawylUTTx5bUSaX2qSwOdagQ4EmzO-bZbKH7XaO2e6tA7VeN6OsJLRsFh2Uz5I_ezOm0ei1SDuvXhMnVANXjYulncNcyVj3aziv_xyZ8jiFIC92IOAiNMJNH9WcYSOaz_73mzuKxeg5pweaqgk6ClrizMWW8jogxNojshB1bJIsR1JYrkKvURGe8I3OlgN7McnO88JjAKmU-P48_n8wBhH8cYpDQOj5RtOWEV9kQWFT19JHpRu9HqynK48KUKgOkbp60QRnuSGG0W7cs0E6xQ8q78En
172.217.21.162204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2474400414093920&bg=!2dql2pXNAAYrDsWMCw47ADQBe5WfOH5w31T3ltV9vFDyy7BJCLZpRwxndSENyC10TOzhYPzA7CihNu0bltxR0bbAglymAgAAARpSAAAAHGgBBwoAd5yOG6SsLWuNsAkAtMczqr97E36w5onviBt0W-4dQnpJjMiNJiV7-BmnDabX-5DVv02BKLdu-WjH3yFUx3AqnXt6zC84hHkjKNY1s_KKb8w9nNzOmJt-grFf95bnL2-8E_09ZjLn9lpO2_H74p9bPZX2Sye1LCyjmQKItKO7odxidc8uxMdvkvcXiqk7zngzVtl7KXv_lZ00AILRBF-L6k7q_ajEUCZU6UcW8R2nQXwk02GC6KckxYstY0kqoSwPGjnaY1r0Ww2i0PHxpAORknxQw6nV3Xner122KRd32mbDAYHhS50qE80MtxouR9pRxCB5dFhvWBJIZRKQJ2Pg014AcUpjs_bBrozQFkeN4QIRLlJ0b6g8fuv3hptyzmhcdKFcim1ClV9byMATmhoOUXwcm8oocnBTLESB-qvTGa5SSbho9se_0pRZaHfiswdYjhNJZRV4bOC-RPiqLEnY7aC8ULTXCY5JMMK_VurSF5PXIWifWY5PMm_oJFVQOKXmhxdDuSDjAuF1hEj9-G27nVe1ymRjh3n1mi_5wWGwBYp_IT4p8JKhql04utTgybiOlj6389t-oxbn8kaOz2jE8LBx5rYcNzXTZCabKN0-a2kmLSdjqOLElbxcF-XH9i2igCRS-YE71x5yIaFo1hwDwIvkWxmYwVsTNUaL_w5QZUjbuuaIcSHPrKF7EBFdtxuWLnWuhuswmmsy0SXIa5aXoV8SwFNeyrqHiFVORhzu7fawylUTTx5bUSaX2qSwOdagQ4EmzO-bZbKH7XaO2e6tA7VeN6OsJLRsFh2Uz5I_ezOm0ei1SDuvXhMnVANXjYulncNcyVj3aziv_xyZ8jiFIC92IOAiNMJNH9WcYSOaz_73mzuKxeg5pweaqgk6ClrizMWW8jogxNojshB1bJIsR1JYrkKvURGe8I3OlgN7McnO88JjAKmU-P48_n8wBhH8cYpDQOj5RtOWEV9kQWFT19JHpRu9HqynK48KUKgOkbp60QRnuSGG0W7cs0E6xQ8q78En
IP 172.217.21.162:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2474400414093920&bg=!2dql2pXNAAYrDsWMCw47ADQBe5WfOH5w31T3ltV9vFDyy7BJCLZpRwxndSENyC10TOzhYPzA7CihNu0bltxR0bbAglymAgAAARpSAAAAHGgBBwoAd5yOG6SsLWuNsAkAtMczqr97E36w5onviBt0W-4dQnpJjMiNJiV7-BmnDabX-5DVv02BKLdu-WjH3yFUx3AqnXt6zC84hHkjKNY1s_KKb8w9nNzOmJt-grFf95bnL2-8E_09ZjLn9lpO2_H74p9bPZX2Sye1LCyjmQKItKO7odxidc8uxMdvkvcXiqk7zngzVtl7KXv_lZ00AILRBF-L6k7q_ajEUCZU6UcW8R2nQXwk02GC6KckxYstY0kqoSwPGjnaY1r0Ww2i0PHxpAORknxQw6nV3Xner122KRd32mbDAYHhS50qE80MtxouR9pRxCB5dFhvWBJIZRKQJ2Pg014AcUpjs_bBrozQFkeN4QIRLlJ0b6g8fuv3hptyzmhcdKFcim1ClV9byMATmhoOUXwcm8oocnBTLESB-qvTGa5SSbho9se_0pRZaHfiswdYjhNJZRV4bOC-RPiqLEnY7aC8ULTXCY5JMMK_VurSF5PXIWifWY5PMm_oJFVQOKXmhxdDuSDjAuF1hEj9-G27nVe1ymRjh3n1mi_5wWGwBYp_IT4p8JKhql04utTgybiOlj6389t-oxbn8kaOz2jE8LBx5rYcNzXTZCabKN0-a2kmLSdjqOLElbxcF-XH9i2igCRS-YE71x5yIaFo1hwDwIvkWxmYwVsTNUaL_w5QZUjbuuaIcSHPrKF7EBFdtxuWLnWuhuswmmsy0SXIa5aXoV8SwFNeyrqHiFVORhzu7fawylUTTx5bUSaX2qSwOdagQ4EmzO-bZbKH7XaO2e6tA7VeN6OsJLRsFh2Uz5I_ezOm0ei1SDuvXhMnVANXjYulncNcyVj3aziv_xyZ8jiFIC92IOAiNMJNH9WcYSOaz_73mzuKxeg5pweaqgk6ClrizMWW8jogxNojshB1bJIsR1JYrkKvURGe8I3OlgN7McnO88JjAKmU-P48_n8wBhH8cYpDQOj5RtOWEV9kQWFT19JHpRu9HqynK48KUKgOkbp60QRnuSGG0W7cs0E6xQ8q78En HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
216.58.211.14 200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695505180522
Content-Type: application/json
X-Goog-Visitor-Id: CgtkQmtGeS1vQ0t0MCiYtr2oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695505177409&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C300&vis=1&wgl=true&ca_type=image
Content-Length: 14811
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 23 Sep 2023 21:39:40 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+735; expires=Mon, 22-Sep-2025 21:39:40 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 21:39:40 GMT
cache-control: private
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.170 200 OK 0 B URL POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.170:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: https://informatiqueth4.blogspot.com/
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://informatiqueth4.blogspot.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Sat, 23 Sep 2023 21:39:47 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+842; expires=Mon, 22-Sep-2025 21:39:47 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 21:39:47 GMT
cache-control: private
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.170 200 OK 131 B URL POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.170:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 322
Origin: https://informatiqueth4.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://informatiqueth4.blogspot.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 23 Sep 2023 21:39:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+504; expires=Mon, 22-Sep-2025 21:39:47 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 21:39:47 GMT
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
216.58.211.14 200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695505195457
Content-Type: application/json
X-Goog-Visitor-Id: CgtkQmtGeS1vQ0t0MCiYtr2oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695505177409&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C300&vis=1&wgl=true&ca_type=image
Content-Length: 744
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 23 Sep 2023 21:39:55 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+492; expires=Mon, 22-Sep-2025 21:39:55 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 21:39:55 GMT
cache-control: private
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14 200 OK 87 kB URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2450)
Hash 431a7c59a70dbb2dfade4bf2b40ad237
cd4d0bd855247e04e18c3f3785dd53051688cc18
6c364c566dcc03adae5f4da00cdca03fcf89db59b7a6f02501371d30b211c410
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 21:39:34 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+808; expires=Mon, 22-Sep-2025 21:39:34 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.132 200 OK 829 B URL GET HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint D2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
Validity Mon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (853), with no line terminators
Hash 726a6aa6084331fca01f6feacadc2b9f
449f51521fd987904b8ef22753692818ca9ca7dd
515f7af84fe787df88391e4b7c71f75dc4500a6c09d6290306cf876afe1c39eb
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Sep 2023 21:39:39 GMT
date: Sat, 23 Sep 2023 21:39:39 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-wRp_DKRb7sZG0zPwAnGc5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/base.js
216.58.211.14 200 OK 2.6 MB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/base.js
IP 216.58.211.14:443
Requested by https://www.youtube.com/embed/g71HVyqMyg4
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Size 2.6 MB (2562277 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/player/9cbb6b90/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/g71HVyqMyg4
Cookie: YSC=DeguQNTFyIo; VISITOR_INFO1_LIVE=dBkFy-oCKt0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 800489
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 07:39:35 GMT
expires: Tue, 17 Sep 2024 07:39:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 482401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-FLw-FEA83L4/VAxu3VDLOPI/AAAAAAAABAQ/rJK3nV-voZE/s1600/5.jpg
142.250.74.161 200 OK 53 kB URL GET HTTP/2 1.bp.blogspot.com/-FLw-FEA83L4/VAxu3VDLOPI/AAAAAAAABAQ/rJK3nV-voZE/s1600/5.jpg
IP 142.250.74.161:443
Requested by https://informatiqueth4.blogspot.com/search/label/%D8%A3%D9%84%D8%B9%D8%A7%D8%A8
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 696x524, components 3\012- data
Hash 67bc936a212169b947e51592618e92f6
457922b4e2e8dfa92ce69840315e0bab7ed8bedc
f425fbf35bf522989ea0f6e1677a2925694f8171db6ec5e545e9662fd66d3c91
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-FLw-FEA83L4/VAxu3VDLOPI/AAAAAAAABAQ/rJK3nV-voZE/s1600/5.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://informatiqueth4.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v405"
expires: Sun, 24 Sep 2023 21:39:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 21:39:35 GMT
server: fife
content-length: 53160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2