urlquery - report: findthebestfreebies.blogspot.com/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	34.102.187.140
apis.google.com (1)	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381	21958	142.250.74.174
r3.o.lencr.org (6)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2028	5316	23.36.77.32
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	229	34.117.237.239
ocsp.pki.goog (9)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3087	6299	142.250.74.35
fonts.gstatic.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	491	24529	216.58.207.195
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	44.242.41.15
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3245	59107	34.120.237.76
ocsp.digicert.com (3)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1023	2165	93.184.220.29
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
www.blogger.com (1)	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426	1227	142.250.74.105
www.cpagrip.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439	56871	172.67.74.93
findthebestfreebies.blogspot.com (3)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1021	5478	142.250.74.161
ajax.googleapis.com (1)	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407	34945	142.250.74.170
gripverify.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395	12130	104.21.68.17
fonts.googleapis.com (1)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401	746	142.250.74.10

Scan Date	Severity	Indicator	Comment
2022-11-29	medium	findthebestfreebies.blogspot.com/	Phishing
2022-11-29	medium	findthebestfreebies.blogspot.com/js/cookienotice.js	Phishing
2022-11-29	medium	gripverify.com/script_include.php?id=1260002	Phishing

Date	UQ / IDS / BL	URL	IP
2023-05-31 06:40:53 UTC	0 - 0 - 0	tpc.googlesyndication.com/sodar/sodar2/225/ru (...)	142.250.74.161
2023-05-28 16:28:53 UTC	0 - 0 - 1	142.250.74.161	142.250.74.161
2023-05-26 11:28:22 UTC	3 - 3 - 1	il6cyc6vjpc6qny5yeynjht5mhk7calpynuvah23xamkk (...)	142.250.74.161
2023-05-25 12:38:59 UTC	8 - 3 - 1	q2n4m2pfpcysgrphorefh2x7rsrzda-ipfs-dweb-link (...)	142.250.74.161
2023-05-23 15:08:20 UTC	0 - 0 - 12	googleweblight.com/i?u=https://gateway.ipfs.i (...)	142.250.74.161

Date	UQ / IDS / BL	URL	IP
2023-06-02 01:56:48 UTC	3 - 0 - 0	sclgfnt.com.au/wam/new/sf_rand_string_lowerca (...)	35.213.184.175
2023-06-02 01:52:04 UTC	0 - 0 - 12	hangovertest1.blogspot.com/	172.217.21.161
2023-06-02 01:50:50 UTC	4 - 0 - 0	sclgfnt.com.au/wam/new/sf_rand_string_lowerca (...)	35.213.184.175
2023-06-02 01:37:14 UTC	0 - 31 - 0	simplifiedsolutions.biz/cgi-bin/update/check/ (...)	34.149.120.3
2023-06-02 01:30:09 UTC	0 - 0 - 10	facebooksecuritys.blogspot.co.ke/	142.250.74.1

Date	UQ / IDS / BL	URL	IP
2022-11-29 04:09:05 UTC	0 - 0 - 3	findthebestfreebies.blogspot.com/	142.250.74.161

JavaScript

Executed Scripts (19)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 24609) - SHA256: e25aadc03bf12f00c9c8fbb334feab904fbf08ff17c6f05c33367d2ad6aeda77

< script type = "text/javascript"
async = "true"
src = "https://gripverify.com/common/preload.php?a=1&t=1669694935&lkt=4&dat=6d6b716c716e414141416c6a7141696a6e686c6b69416b6c69416c6e416e6b6a6b6b69416f6f68411f41412632322e72676724272c2232262320233132243023232027233166202a2d25312e2d3266212d2b67416a6868" > < /script><script type="text/javascript
" src="
https: //ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
    < script type = "text/javascript"
src = "https://gripverify.com/common/general_functions.js" > < /script> < script language = "JavaScript" >
    if (typeof jQuery !== 'undefined' && typeof jQuery.browser === 'undefined') {
        jQuery.browser = {};
        (function() {
            jQuery.browser.msie = false;
            jQuery.browser.version = 0;
            if (navigator.userAgent.match(/MSIE ([0-9]+)\./)) {
                jQuery.browser.msie = true;
                jQuery.browser.version = RegExp.$1;
            }
        })();
    }
if (typeof jQuery !== 'undefined' && typeof jQuery.live === 'undefined') {
    jQuery.fn.extend({
        live: function(event, callback) {
            if (this.selector) {
                jQuery(document).on(event, this.selector, callback);
            }
            return this;
        }
    });
} < /script> < script language = "JavaScript" >
    var lck = true;
var js;
var html_doc = document.getElementsByTagName('head')[0];
var ref = document.referrer;



function call3() {
    js = document.createElement('script');
    js.setAttribute('type', 'text/javascript');
    js.setAttribute('src', "https://gripverify.com/common/js/jquery.tipsy.js");
    html_doc.appendChild(js);
    js.setAttribute("onload", "call5()");
    js.onreadystatechange = function() {
        if (js.readyState == 'loaded' || js.readyState == 'complete') {
            call5();
        }
    }
}

var helpshown = false;
var process_click = false;
var do_refire = false;
var dblchk = false;
var jquery_loaded = false;
var has_been_init;
var has_been_closed = false;

function call5() {
    jquery_loaded = true;
    jQuery.ajaxSetup({
        cache: false
    });
    call_locker();
}

var extra1;

function call_locker() {
    extra1 = arguments[0];
    if (has_been_closed == true) {
        return;
    }
    jQuery(document).ready(function() {



        if (inline_html_init == false) {
            if (typeof preload_data !== "undefined") {
                update_inline_html(preload_data);
            }
        }


        jQuery('.img_over_link').tipsy({
            offset: -3,
            gravity: 'w',
            fade: false,
            html: true,
            opacity: 0.95
        });
        jQuery('.tip_over_link').tipsy({
            offset: -3,
            gravity: 'e',
            fade: false,
            html: true,
            opacity: 0.95
        });
    });
}

call3();

function credit_user() {
    alert('You have been credited for completing an offer.');
    clearTimeout(timed_function);
}

var timed_function;
var offer;

function grip_wall_forceclose() {
    has_been_closed = true;
    jQuery(document).unbind("contextmenu");
    jQuery("#grip_wall").remove();
    clearTimeout(timed_function);
}

function Start_Ajax(offer_id) {
    offer = offer_id;
    clearTimeout(timed_function);
    jQuery('#offerlst').hide();
    jQuery('#offerwait').show();
    timed_function = setTimeout("check_lead();", 20000);
}

function Back_Ajax() {
    jQuery('#offerwait').hide();
    jQuery('#offerlst').fadeIn('slow');
}

var m_ext = '';
var c_ext = '';
var t_val = '0';
var t_ext = '&t=' + t_val;
var l_val = false;

function check_lead() {
    t_ext = '&t=' + t_val;
    jQuery.ajax({
        type: "POST",
        crossDomain: true,
        data: "a=2&a_t=0&lkt=4&lid=1260002&lid2=grip_wall&p=631990" + m_ext + c_ext + t_ext,
        url: "https://gripverify.com/common/ajax_check_wall.php",
        success: function(msg) {
            eval(msg);
        }
    });
}

var dataCache = {};
var dref = 0;
var last_dref_id = null;
var lid2 = "grip_wall";

function update_inline_data() {

    var ts = Math.floor(Date.now() / 1000);
    var script = document.createElement("script");
    script.type = 'text/javascript';
    script.async = true;
    script.id = 'preld' + (++dref);

    script.src = "https:\/\/gripverify.com\/common\/preload.php?a=1&t=" + ts + '&r=' + (dref) + (l_val ? '&l_val=1' : '') + '&lkt=4&dat=' + encoded;

    var script_tags = document.getElementsByTagName("script");
    if (script_tags.length != 0) {
        var s = document.getElementsByTagName("script")[0];
        s.parentNode.insertBefore(script, s);
    } else {
        var head_tags = document.getElementsByTagName("head");
        if (head_tags.length != 0) {
            var h = document.getElementsByTagName("head")[0];
            h.parentNode.insertBefore(script, h);
        } else {
            var html_tags = document.getElementsByTagName("html");
            if (html_tags.length != 0) {
                var h = document.getElementsByTagName("html")[0];
                h.appendChild(script);
            }
        }
    }

    if (last_dref_id !== null) {
        jQuery("#" + last_dref_id).remove();
    }
    last_dref_id = script.id;
    safe_for_reload = true;
}

function completion_notice(msg) {
    alert(msg);
}

var deferInlineUpdate = false;
var deferredData = null;

var inline_html_init = false;

var noa_fcn = null;
var pca_fcn = null;
var cmp_fcn = null;

function update_inline_html(data) {
    if (has_been_closed) {
        return;
    }
    if (typeof data === 'undefined') {
        data = preload_data;
    }

    if (typeof jQuery === "undefined") {
        deferInlineUpdate = true;
        deferredData = data;
        return;
    }

    var mainDiv = jQuery("#offerlst");

    var tableTop = '<table width="100%" cellpadding="2" cellspacing="0">';
    var has_items = false;
    if (typeof data.items !== "undefined" && typeof data.items.length !== "undefined" && data.items.length > 0) {
        has_items = true;
    }
    if (typeof data.t_val !== "undefined") {
        t_val = data.t_val;
    }

    if (typeof data.partial_js !== 'undefined') {

        pca_fcn = function() {
            try {
                eval(data.partial_js);
            } catch (e) {
                console.log(e);
            }
        };

    } else if (typeof data.partial_message !== 'undefined') {
        pca_fcn = function() {
            try {
                completion_notice(data.partial_message);
            } catch (e) {
                console.log(e);
            }
        };
    }

    if (typeof data.complete_url !== 'undefined') {
        cmp_fcn = function() {
            try {
                if (top.location.href != data.complete_url) {
                    top.location.href = data.complete_url;
                } else {
                    if (safe_for_reload = true) {
                        top.location.href = data.complete_url;
                    }
                }
            } catch (e) {
                console.log(e);
            }
        };
    } else if (typeof data.complete_js !== 'undefined') {

        cmp_fcn = function() {
            try {
                eval(data.complete_js);
            } catch (e) {
                console.log(e);
            }
        };
    } else if (typeof data.complete_reload !== 'undefined') {
        cmp_fcn = function() {
            grip_wall_completed();
            try {
                if (safe_for_reload == true) {
                    top.location.href = top.location.href;
                }
            } catch (e) {
                console.log(e);
            }
        };
    } else if (typeof data.complete_message !== 'undefined') {
        cmp_fcn = function() {
            try {
                alert(data.complete_message);
            } catch (e) {
                console.log(e);
            }
        };
    }
    var rows = [];
    if (has_items) {
        for (var i = 0; i < data.items.length; i++) {

            if (i >= 999) {
                break;
            }


            var item = data.items[i];
            var target_url = item.url;

            if (tracking_id != '') {
                target_url += '&tracking_id=' + tracking_id;
            }

            var row = '<tr class="offer_sep_holder">' +
                '<td colspan="3" align="center">' +
                '	<hr class="offer_sep">' +
                '</td></tr>';
            row += '<tr valign="top">';
            row += '<td class="grip_img_holder" align="center">';

            if (item.main_photo != undefined && item.main_photo != '') {
                row += '<a onclick="Start_Ajax(\'' + item.id + '\');" target="' + item.target + '" href="' + target_url + '">';
                row += '<img class="img_over_link grip_img" title="<div style=\'margin-top:5px;\'><img src=\'https://www.cpagrip.com/admin/media/offers/' + item.main_photo + '\'>" src="https://www.cpagrip.com/admin/media/offers/' + item.main_photo + '"></a>';

            }
            row += '</td>';

            row += '<td>';
            row += '<div class="grip_title">' +
                '	<a class="link_a" onclick="Start_Ajax(\'' + item.id + '\');" target="' + item.target + '" href="' + target_url + '">' + item.name + '</a>' +
                '</div>' +
                '<div class="grip_desc">' + item.desc + '</div>' +
                '</td>';



            row += '<td class="point_main" width="150">' +
                '<a onclick="Start_Ajax(' + item.id + ');" target="' + item.target + '" href="' + target_url + '" style="text-decoration:none;">' +
                '<div class="point_holder">' + item.points +
                '&nbsp;<span class="point_name_holder">Winners</span>' +
                '</div>' +
                '<div style="padding:3px;">' +
                '	<div title="Performance: &nbsp;' + item.percent + '%" class="tip_over_link contentProgress">' +
                '		<div class="barG" style="width:' + item.percent + '%;"></div>' +
                '	</div>' +
                '</div>' +
                '</a>' +
                '</td>';
            row += '</tr>';
            rows.push(row);
        }
        jQuery('#offerlst').html(tableTop + rows.join('') + '</table>');
        jQuery(document).ready(function() {
            //	jQuery('.img_over_link').tipsy({offset: -3,gravity: 'w',fade: false,html: true,opacity: 0.95});
            //	jQuery('.tip_over_link').tipsy({offset: -3,gravity: 'e',fade: false,html: true,opacity: 0.95});
        });
    } else {
        if (typeof data.no_offers_message !== 'undefined') {
            var row = '<p class="link_a" style="margin: 2px; text-align: center;">' + data.no_offers_message + '<br></p>';
            rows.push(row);
            jQuery('#offerlst').html(tableTop + rows.join('') + '</table>');
        }
    }
    if (typeof data.no_offers_url !== 'undefined') {

        if (typeof data.complete === 'undefined' || data.complete != true) {

            noa_fcn = function() {
                top.location.href = data.no_offers_url;
            };

        }
    } else if (typeof data.no_offers_js !== 'undefined') {

        noa_fcn = function() {
            try {
                eval(data.no_offers_js);
            } catch (e) {
                console.log(e);
            }
        };


    }

    jQuery('#offerwait').hide();
    jQuery('#offerload').hide();
    jQuery('#offerlst').show();

    inline_html_init = true;







    if (noa_fcn !== null) {
        noa_fcn();
    }
    if (pca_fcn !== null) {
        pca_fcn();
    }
    if (cmp_fcn !== null) {
        cmp_fcn();
    }
    if (typeof data.complete !== 'undefined' && data.complete) {
        grip_wall_forceclose();
    }



} < /script> < link href = 'https://fonts.googleapis.com/css?family=Lato'
rel = 'stylesheet'
type = 'text/css' >
    < style type = "text/css" >

    .nNote p {
        color: #565656;
		font-size: 11px;
		margin: 0;
		padding: 10px 25px 10px 54px;
	}
	.p{
		margin:0px;
	}
	# grip_wall {
            font - family: 'Lato', sans - serif;
            line - height: 1; - webkit - touch - callout: none; - webkit - user - select: none; - khtml - user - select: none; - moz - user - select: none; - ms - user - select: none;
            user - select: none;


        }
        # txtheader {
            text - align: center;
            padding: 5 px;
            color: black;
            cursor: default;
        }
        # smallTitle {
            text - align: center;
            padding: 5 px;
        }

        # offerlst {
            padding: 2 px 5 px 0 5 px;
            min - height: 80 px;
            font - size: 16 px;
        }
        # offerwait {
            display: none;
            color: black;
            padding: 50 px 0 100 px;
            font - size: 15 px;
            text - align: center;
        }
        .point_holder {
            text - align: center;
            font - weight: bold;
            padding: 5 px;
            color: white;
            background - color: #37447A;
		border-radius:5px;
		border:1px solid # 8695 D1;
        }

        .grip_title {
            color: black;
            padding: 1 px;
        }
        .grip_desc {
            padding: 1 px 0 0 3 px;
            color: black;
        }
        .link_a,
        .link_a: link {
                border - radius: 5 px;
                padding: 1 px;
                color: blue;
                font - weight: normal;
                text - decoration: none; - moz - transition: color 0.2 s ease - out 0 s; - moz - transition: border 0.2 s ease - out 0 s;
            }
            .link_a: hover {
                color: green!important;
                background - color: white;
            }

            .contentProgress {
                border - radius: 6 px 6 px 6 px 6 px;
                background: none repeat scroll 0 0 # DEDEDE;
                border: 1 px solid # CACACA;
                height: 6 px;
            }
            .barG {
                border - radius: 6 px 6 px 6 px 6 px;
                background: url("https://gripverify.com/assets/images/greenMediumBar.png") repeat - x scroll 0 0 transparent;
                border: 1 px solid # A1B965;
                height: 6 px;
                margin: -1 px 0 0 - 1 px;
                width: 0;
            }
            .offer_sep {
                border: 0;
                height: 1 px;
                color: # B9B9B9;
                background - color: # B9B9B9;
            }
            .grip_img_holder {
                width: 100 px;
            }
            .grip_img {
                border: 0;
                max - height: 75 px;
                max - width: 100 px;
                border - radius: 5 px;
            }

            .tipsy {
                padding: 4 px;font - size: 13 px;position: absolute;z - index: 100000;
                font - family: 'Lato',
                sans - serif;
                line - height: 1.5;
            }
            .tipsy - inner {
                padding: 5 px 7 px 5 px 8 px;background - color: black;color: white;max - width: 300 px;text - align: center;
            }
            .tipsy - inner {
                border - radius: 3 px; - moz - border - radius: 3 px; - webkit - border - radius: 3 px;
            }
            .tipsy - arrow {
                position: absolute;background: url('https://gripverify.com/common/tipsy.gif') no - repeat top left;width: 9 px;height: 5 px;
            }
            .tipsy - w {
                margin - left: 5 px;
            }
            .tipsy - w.tipsy - arrow {
                top: 50 % ;margin - top: -4 px;left: 0;width: 5 px;height: 9 px;
            }




            < /style>


            < div id = "grip_wall"
        style = "text-align:left;" >
        < div id = "txtheader" > < div style = "font-family: Arial, Helvetica, sans-serif; text-align: center;" > < span style = "color: rgb(255, 0, 0); font-size: 20px; font-weight: 700;" > < � & nbsp; < /span><span style="font-size: 20px; font-weight: bold; color: rgb(255, 0, 0);">Congratulations&nbsp;</span > < span style = "color: rgb(255, 0, 0); font-size: 20px; font-weight: 700;" > < � < /span></div > < div style = "text-align: center;" > < font face = "Arial, Helvetica, sans-serif" > < span style = "font-size: 20px;" > < b > You 've Got a Chance to WIN unclaimed Prizes&nbsp;</b></span></font><b style="color: rgb(255, 0, 0); font-family: Arial, Helvetica, sans-serif; font-size: 20px;"><�</b></div><div style="text-align: center;"><span style="font-family: Arial, Helvetica, sans-serif; font-size: 20px; font-weight: 700;">Sign up for our Giveaway Below</span><font face="Arial, Helvetica, sans-serif"><span style="font-size: 20px;"><b>=G</b></span></font><span style="font-family: Arial, Helvetica, sans-serif; font-size: 20px; font-weight: 700;">&nbsp;to WIN Prizes</span><font color="#ff0000" face="Arial, Helvetica, sans-serif" style="font-family: Arial, Helvetica, sans-serif;"><span style="font-size: 20px;"><b><�</b></span></font></div></div> < div id = "smallTitle" > After completing the registration,
        this Prize will be displayed and unlocked. < /div>

        < div id = "offerlst"
        style = "display: none;" >
        < /div> < div id = "offerwait"
        style = "display: none;" >
        < p style = "margin: 2px; " >
        < span onclick = "Back_Ajax();"
        style = "cursor:pointer;" >
        < img style = "vertical-align: middle;"
        src = "https://gripverify.com/common/back.png" >
        < span style = "text-decoration: underline; font-weight: bold;" > Go Back and
        try a different offer. < /span> < /span><br/ >
        < img style = "vertical-align: middle;"
        src = "https://gripverify.com/common/loader.gif" > Waiting
        for offer completion.. < /p> < /div> < div id = "offerload"
        style = "font-size: 15px; text-align: center;" >
        < p class = "txt_goback"
        style = "margin: 2px; " >
        < span class = "txt_wait" > < img style = "vertical-align: middle;"
        src = "https://gripverify.com/assets/images/spinner.gif" > Loading... < /span> < /p> < /div>

        < /div>

        < script type = "text/javascript" >

        var exit_ready = false;

        function load_slidepage() {
            if (exit_ready == false) {
                exit_ready = true;
                jQuery('#the_box').html('');
                jQuery('#the_box').animate({
                    height: '0px'
                }, 500, function() {
                    jQuery('#main_div').hide();
                    jQuery('#main_back').hide();

                });
            }
        }

        setTimeout('informUpdate()', 1000);

        function informUpdate() {
            if (jquery_loaded) {

                var inlineboxmessage = 'Click Stay on this Page';
                var inlineboxpage = 'https://gripverify.com/welcome/?pub=631990';

                jQuery(document).ready(function() {

                    function addLoadEvent(func) {
                        var oldonload = window.onload;
                        if (typeof window.onload != 'function') {
                            window.onload = func;
                        } else {
                            window.onload = function() {
                                if (oldonload) {
                                    oldonload();
                                }
                                func();
                            }
                        }
                    }

                    function addClickEvent(a, i, func) {
                        if (typeof a[i].onclick != 'function') {
                            a[i].onclick = func;
                        }
                    }


                    var the_html = '<div id="main_div" style="display:block; width:100%; height:100%; position:absolute; z-index:2;">';
                    if (jQuery.browser.mozilla) {
                        the_html += '<table height="100%"><tr valign="middle"><td style="vertical-align:middle;"><div id="the_box" style="background-color:white; height: 125px; margin-top:-105px; width:610px; border:1px solid white; border-radius:5px; -webkit-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);-moz-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75); box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);"><div style="text-align:center; padding:50px; font-weight:bold; font-size:18px; color:lightgrey;">Loading...</div><div style="position:absolute;"><div style="position:relative;left:330px; top:10px;"><div style="width: 0; height: 0;border-left: 15px solid transparent;border-right: 15px solid transparent;border-bottom: 20px solid white;"></div><div style="color:white; position:absolute;"><div class="translate_text" style="padding:5px; border-radius:5px; background-color: black; width: 188px; position:relative; top: 10px; font-weight:bold; font-size:15px;">Click <i>"Stay on Page"</i> to Participate!</div></div></div></div></td></tr></table>';
                    } else if (jQuery.browser.chrome) {
                        the_html += '<table height="100%"><tr valign="middle"><td style="vertical-align:middle;"><div id="the_box" style="background-color:white; height: 238px; margin-top:-95px; width:362px; border:1px solid white; border-radius:5px; -webkit-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);-moz-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75); box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);"><div style="text-align:center; padding:108px; font-weight:bold; font-size:18px; color:lightgrey;">Loading...</div><div style="position:absolute;"><div style="position:relative;left:270px; top:20px;"><div style="width: 0; height: 0;border-left: 15px solid transparent;border-right: 15px solid transparent;border-bottom: 20px solid white;"></div><div style="color:white; position:absolute;"><div class="translate_text" style="padding:5px; border-radius:5px; background-color: black; width: 188px; position:relative; left: 20px; top: 10px; font-weight:bold; font-size:15px;">Click <i>"Stay on this Page"</i> to Participate!</div></div></div></div></td></tr></table>';
                    } else if (jQuery.browser.msie) {
                        the_html += '<table height="100%"><tr valign="middle"><td style="vertical-align:middle;"><div id="the_box" style="background-color:white; height: 275px; margin-top:-165px; margin-left:15px; width:388px; border:1px solid white; border-radius:5px; -webkit-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);-moz-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75); box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);"><div style="text-align:center; padding:127px; font-weight:bold; font-size:18px; color:lightgrey;">Loading...</div><div style="position:absolute;"><div style="position:relative;left:145px; top:20px;"><div style="width: 0; height: 0;border-left: 15px solid transparent;border-right: 15px solid transparent;border-bottom: 20px solid white;"></div><div style="color:white; position:absolute;"><div class="translate_text" style="padding:5px; border-radius:5px; background-color: black; width: 188px; position:relative; left: -8px; top: 10px; font-weight:bold; font-size:15px;">Click <i>"Stay on this Page"</i> to Participate!</div></div></div></div></td></tr></table>';
                    } else if (jQuery.browser.safari && !jQuery.browser.chrome) {
                        the_html += '<table height="100%"><tr valign="middle"><td style="vertical-align:middle;"><div id="the_box" style="background-color:white; height: 275px; margin-top:-165px; margin-left:15px; width:388px; border:1px solid white; border-radius:5px; -webkit-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);-moz-box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75); box-shadow: 0px 0px 120px 5px rgba(255, 255, 255, .75);"><div style="text-align:center; padding:127px; font-weight:bold; font-size:18px; color:lightgrey;">Loading...</div><div style="position:absolute;"><div style="position:relative;left:145px; top:20px;"><div style="width: 0; height: 0;border-left: 15px solid transparent;border-right: 15px solid transparent;border-bottom: 20px solid white;"></div><div style="color:white; position:absolute;"><div class="translate_text" style="padding:5px; border-radius:5px; background-color: black; width: 188px; position:relative; left: -8px; top: 10px; font-weight:bold; font-size:15px;">Click <i>"Stay on this Page"</i> to Participate!</div></div></div></div></td></tr></table>';
                        inlineboxmessage = 'Click Stay on Page.';
                    }
                    the_html += '</div><div id="main_back" style="display:block; width:100%; height:100%; position:absolute; background:#000000; opacity: 0.5;"></div>';

                    var theDiv = '<div onmouseover="load_slidepage();" id="InlineBoxDiv" style="display:block; width:100%; height:100%; position:absolute; margin-top:0px; margin-left:0px;" align="center">';
                    theDiv = theDiv + the_html;
                    theDiv = theDiv + '<iframe src="' + inlineboxpage + '" width="100%" height="100%" align="middle" frameborder="0"></iframe>';
                    theDiv = theDiv + '</div>';
                    theBody = document.body;
                    if (!theBody) {
                        theBody = document.getElementById("body");
                        if (!theBody) {
                            theBody = document.getElementsByTagName("body")[0];
                        }
                    }
                    var PreventInlineBox = false;

                    function DisableInlineBox() {
                        PreventInlineBox = true;
                    }

                    function EnableInlineBox() {
                        PreventInlineBox = false;
                    }

                    function DisplayInlineBox() {
                        if (PreventInlineBox == false) {

                            $("*[style]").attr("style", "");

                            window.scrollTo(0, 0);
                            PreventInlineBox = true;
                            divtag = document.createElement("div");
                            divtag.setAttribute("id", "InlineBoxMainOuterLayer");
                            divtag.style.position = "absolute";
                            divtag.style.width = "100%";
                            divtag.style.height = "100%";
                            divtag.style.zIndex = "99";
                            divtag.style.left = "0px";
                            divtag.style.top = "0px";
                            divtag.innerHTML = theDiv;
                            theBody.innerHTML = "";
                            theBody.topMargin = "0px";
                            theBody.rightMargin = "0px";
                            theBody.bottomMargin = "0px";
                            theBody.leftMargin = "0px";
                            theBody.style.overflow = "hidden";
                            theBody.appendChild(divtag);
                            return inlineboxmessage;
                        } else {
                            PreventInlineBox = false;
                        }
                    }

                    var a = document.getElementsByTagName('A');
                    for (var i = 0; i < a.length; i++) {
                        if (a[i].target !== '_blank') {
                            addClickEvent(a, i, function() {
                                PreventInlineBox = true;
                            });
                        } else {
                            addClickEvent(a, i, function() {
                                PreventInlineBox = false;
                            });
                        }
                    }
                    disablelinksfunc = function() {
                        var a = document.getElementsByTagName('A');
                        for (var i = 0; i < a.length; i++) {
                            if (a[i].target !== '_blank') {
                                addClickEvent(a, i, function() {
                                    PreventInlineBox = true;
                                });
                            } else {
                                addClickEvent(a, i, function() {
                                    PreventInlineBox = false;
                                });
                            }
                        }
                    };

                    addLoadEvent(disablelinksfunc);
                    window.onbeforeunload = DisplayInlineBox;


                });

            } else {
                setTimeout('informUpdate()', 1000);
            }
        }

        var exit_ready = false;

        function load_slidepage() {
            if (exit_ready == false) {
                exit_ready = true;
                jQuery('#the_box').html('');
                jQuery('#the_box').animate({
                    height: '0px'
                }, 500, function() {
                    jQuery('#main_div').hide();
                    jQuery('#main_back').hide();

                });
            }
        }

        < /script>

HTTP Transactions (39)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6232 Expires: Tue, 29 Nov 2022 05:52:47 GMT Date: Tue, 29 Nov 2022 04:08:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2d2e7649ce9e9ba6fc8b68aa89352e3c Sha1: 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
GET / HTTP/1.1 Host: findthebestfreebies.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	142.250.74.161 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Expires: Tue, 29 Nov 2022 04:08:55 GMT Date: Tue, 29 Nov 2022 04:08:55 GMT Cache-Control: private, max-age=0 Last-Modified: Mon, 28 Nov 2022 23:47:01 GMT ETag: W/"3a10dcfc8701b6586923ef0609c118cb4cfeb228fb6f342c3a868cbee98b7774" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 1577 Server: GSE --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (385) Size: 1577 Md5: 62d8a386f0bab6b6db6dcb491a42ca83 Sha1: 1b786a2a7d39eeabae2c825a596a1f9d1f6c1b9f Sha256: c60dea22a2e8aa6dee2134a03c8da517382af32b9fc24f16813514d237b69832 Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5259 Cache-Control: max-age=114605 Date: Tue, 29 Nov 2022 04:08:55 GMT Etag: "63848df9-1d7" Expires: Wed, 30 Nov 2022 11:59:00 GMT Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 29 Nov 2022 03:19:35 GMT cache-control: public,max-age=3600 age: 2960 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3855 Expires: Tue, 29 Nov 2022 05:13:10 GMT Date: Tue, 29 Nov 2022 04:08:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: jkrqTxpkz4nChcHIRFxtjngabOlYF14AxN/UQUNJA3ke0ZOXL3vrD0ji6YMYjV5FFdzpCDJ2ZsE= x-amz-request-id: XZE1SG39HEJXZTJM content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 29 Nov 2022 03:42:21 GMT age: 1594 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /js/cookienotice.js HTTP/1.1 Host: findthebestfreebies.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/	142.250.74.161 HTTP/1.1 200 OK Content-Type: text/javascript Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech" Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Length: 2026 Date: Tue, 29 Nov 2022 04:08:55 GMT Expires: Tue, 06 Dec 2022 04:08:55 GMT Cache-Control: public, max-age=604800 Last-Modified: Mon, 28 Nov 2022 23:54:53 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 --- Additional Info --- Magic: ASCII text Size: 2026 Md5: c4e1ed83d89245089b8a1203be20a377 Sha1: f3940e1215b89300ef97d57a25993f25243b8688 Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2 Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 29 Nov 2022 04:08:55 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: e16bd266c88eb80e84b5e036b8ee3cbb Sha1: 3d8b0e5c7a6dc0631a6f8760582643b6e5bdcfba Sha256: cf791532099e27f14dd5c928a8a3b8c319578d671fb67fa51b3a360140e9b918
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 13c870f9d0256a3e5dd72fc47aea94e9 Sha1: 55b39d22353b9f020626c9ad5067adbb4e0a4761 Sha256: a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
GET /static/v1/v-css/navbar/3334278262-classic.css HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.105 HTTP/2 200 OK content-type: text/css accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 404 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 00:15:35 GMT expires: Thu, 23 Nov 2023 00:15:35 GMT cache-control: public, max-age=31536000 last-modified: Tue, 22 Nov 2022 17:53:03 GMT age: 532400 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 404 Md5: 5a3f242d3fa62e372231602f92227b31 Sha1: cd49a3d4a1251994867b54bbc478923e952b8fa5 Sha256: 1c6d36a1ab1fe33318951bf6c555139a107e04b4c3252aae0afd230d344a6a94
GET /js/platform.js HTTP/1.1 Host: apis.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.174 HTTP/2 200 OK content-type: text/javascript accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="gapi-team" report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} timing-allow-origin: * content-length: 20984 date: Tue, 29 Nov 2022 04:08:55 GMT expires: Tue, 29 Nov 2022 04:08:55 GMT cache-control: private, max-age=1800, stale-while-revalidate=1800 etag: "7446758f13887885" x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1279) Size: 20984 Md5: 7ac44ef24e267df17ff72f195b252806 Sha1: 62db12d9ce11a576ccd7fa3544d851c5fd42f3b7 Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0ce182bf4da446af91c7e5562006de39 Sha1: 04a3bffa405645fb06932346c6d61b3a20b9c491 Sha256: 2e9d7f33041a8c0eb78a717173b26eca2c92136d2d8fe7f20087bd40d6c13f04
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 7207a5076b63fb5f39b9436ced9fb18f Sha1: cdd84ecfe85882601e81f11783d9f63b30084de3 Sha256: 6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 29 Nov 2022 03:11:13 GMT cache-control: public,max-age=3600 age: 3463 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.170 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 33845 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 21:54:50 GMT expires: Sat, 25 Nov 2023 21:54:50 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT age: 281646 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769) Size: 33845 Md5: d989f35706c62ce4a5c561586c55566e Sha1: d32e7958e5765609bf08dcdefd0b2c2a8714ce34 Sha256: 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 07b8296613be09905e34b09dce4a203f Sha1: c97c67e8c4b1247423d089c028c31e05734f124e Sha256: c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4805 Cache-Control: max-age=109084 Date: Tue, 29 Nov 2022 04:08:56 GMT Etag: "63847a2f-1d7" Expires: Wed, 30 Nov 2022 10:27:00 GMT Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
GET /script_include.php?id=1260002 HTTP/1.1 Host: gripverify.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	104.21.68.17 HTTP/2 200 OK content-type: text/javascript;charset=UTF-8 date: Tue, 29 Nov 2022 04:08:55 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2yNoaPC83uvUwUzqTbFKU8EKLrYUPT6mCGprjd0yrptz%2F%2FAiimqXv3hH59%2BLN7jJJvqLI3b%2FJqVJbDQlFHGWQNtQD2xgH%2BFg2eRmZovZQtje7FgJwG6MUuA6I17RndE7g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 77187c22e8a3fab4-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (28513), with CRLF, LF line terminators Size: 11498 Md5: 97d7fd7e02c53961f8497bc871c9cdb7 Sha1: fd7f89bdcd3f3c147bdb569d0dbf73fb655b5e0c Sha256: f072cc7d1acabec7eb7fd214396cad454d478e835bfe124f8947c3a978c0efa4 Blocklists: - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: cd0a5be4865b85e858cfcaafa90f8dca Sha1: 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b Sha256: 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://findthebestfreebies.blogspot.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 22 Nov 2022 17:10:21 GMT expires: Wed, 22 Nov 2023 17:10:21 GMT cache-control: public, max-age=31536000 age: 557915 last-modified: Tue, 26 Apr 2022 15:48:56 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Size: 23580 Md5: e1b3b5908c9cf23dfb2b9c52b9a023ab Sha1: fcd4136085f2a03481d9958cc6793a5ed98e714c Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 29 Nov 2022 04:08:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: cd0a5be4865b85e858cfcaafa90f8dca Sha1: 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b Sha256: 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=109359 Date: Tue, 29 Nov 2022 04:08:56 GMT Etag: "63848e07-117" Expires: Wed, 30 Nov 2022 10:31:35 GMT Last-Modified: Mon, 28 Nov 2022 10:31:35 GMT Server: nginx Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 682f3a3bb65c651945d0c762be56333a Sha1: 31f034e1f185477b97879241885590ff910d032a Sha256: 7bd9940d9c53986acb912784ce10252db0f633b5df8154ba77578cd478ccce53
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Ip53dmn3hwnTgaGIZIefSg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	44.242.41.15 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: nCxkScTtvfeYqlNJKJlITxx/UCs= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /admin/media/offers/p1gc0h74hkvr64ni15r0v321u7q3.png HTTP/1.1 Host: www.cpagrip.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.67.74.93 HTTP/2 200 OK content-type: image/png date: Tue, 29 Nov 2022 04:08:56 GMT content-length: 56186 last-modified: Sat, 03 Sep 2022 02:00:08 GMT etag: "db7a-5e7bc34c6cc72" cache-control: max-age=691200 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpuu1uqIkzcr13cNdZXOgXDKaWgxhhSxMYIjwkdR1%2BiM7jt8dQpqnIfAP5%2FbgM%2B%2FRzOTzpMxWq%2F3%2FwBmyVKYQ869m%2BNMeULS4dKlxrdthVnwiZjuRQsL402GqVUMbavHvA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 77187c290ee20b3d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 600 x 274, 8-bit/color RGBA, non-interlaced\012- data Size: 56186 Md5: 389f3c62cf1b4380f71630d02a7dbc99 Sha1: 39f55bd0f8024c5dae741674e40f192d499ef925 Sha256: 162c1b394ef22d96a2d72d8037745032c55567b768e898e29d28464534e4fccd
GET /favicon.ico HTTP/1.1 Host: findthebestfreebies.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/	142.250.74.161 HTTP/1.1 200 OK Content-Type: image/x-icon; charset=UTF-8 Expires: Tue, 29 Nov 2022 04:08:56 GMT Date: Tue, 29 Nov 2022 04:08:56 GMT Cache-Control: private, max-age=86400 Last-Modified: Mon, 28 Nov 2022 23:47:01 GMT ETag: W/"3a10dcfc8701b6586923ef0609c118cb4cfeb228fb6f342c3a868cbee98b7774" Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 412 Server: GSE --- Additional Info --- Magic: MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data Size: 412 Md5: 501c61a70f5c41181aa050d9110909ca Sha1: 5b985d5671a7caf686fdfb1df13488c4407f6c9f Sha256: c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4438 Expires: Tue, 29 Nov 2022 05:22:55 GMT Date: Tue, 29 Nov 2022 04:08:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4438 Expires: Tue, 29 Nov 2022 05:22:55 GMT Date: Tue, 29 Nov 2022 04:08:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4438 Expires: Tue, 29 Nov 2022 05:22:55 GMT Date: Tue, 29 Nov 2022 04:08:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4438 Expires: Tue, 29 Nov 2022 05:22:55 GMT Date: Tue, 29 Nov 2022 04:08:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ac3edd07bb0a4ebdaae6ec26e91d2079 Sha1: b6efe3811dfa37cdcde1e9d411c171732ac7e12a Sha256: c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9376 x-amzn-requestid: 265257bd-0177-4e63-879b-e9f99d0d16c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cTZANFW2oAMFlyw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63846ecd-6767ccde3361eb593108603d;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 08:18:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ntQPVFK12XqhVCMlaq0oIDx7k6e2xQdp1Y67W1nG6ayhG1XFekz5CQ== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 09:53:30 GMT etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5" age: 65727 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9376 Md5: cce27a1fe8c0222811a5ce0e7f89e1cb Sha1: 28c165bac8cf68cd1b0763c311aece00672cb3a5 Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4916 x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYcrELFoAMFaeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 04:16:47 GMT age: 85930 etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4916 Md5: 83c1fedec73299637cc7dc47c48af758 Sha1: 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5049b423-1bbd-4caa-891e-b46234fc1a6a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14856 x-amzn-requestid: 22ec3d7a-91f5-4b67-9621-a93b1e5d09e3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYejFKxoAMFe0A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d45c-34ffa40356825a715a7eb5cc;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:09 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: GBeOUYK49uZurdS8v-Fmimf_GDcBqDR6hlZ7eRaMeGjs0iEeIvhIWg== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Tue, 29 Nov 2022 03:34:57 GMT age: 2040 etag: "e0617845684a8f7586b37e8be8976bbe6a93563e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14856 Md5: df665be3ae1347cb9bb1443a6a1a33e6 Sha1: e0617845684a8f7586b37e8be8976bbe6a93563e Sha256: 15155df8643daa0408633922e15691a3b00b393ee433e1162cf031024e84d0a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10176 x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cMo3oHpSoAMF5Qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 07:38:02 GMT age: 73855 etag: "772d86ad983042a728ee3490630a9cf1134ad0dd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10176 Md5: 03014221d7f49b50ffc2d1b0a0e75457 Sha1: 772d86ad983042a728ee3490630a9cf1134ad0dd Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3004 x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cPYcrFRXoAMFUJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 04:45:02 GMT age: 84235 etag: "035a1b4a2a7889787532ec2637d5c21e06daf672" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3004 Md5: 22e7d3e11e78242383e452adb9299016 Sha1: 035a1b4a2a7889787532ec2637d5c21e06daf672 Sha256: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10445 x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvuDGHaIAMFn_w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 14:31:14 GMT age: 49063 etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10445 Md5: c76e3c4cc159bda9b9e887fcd449ba51 Sha1: 12d90c36bd455b3b859fdb761b6ed49ea9f98f80 Sha256: fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
GET /css?family=Lato HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://findthebestfreebies.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 29 Nov 2022 04:08:56 GMT date: Tue, 29 Nov 2022 04:08:56 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

URL	findthebestfreebies.blogspot.com/
IP	142.250.74.161 (United States)
ASN	#15169 GOOGLE
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access
Report completed	2022-11-29 04:09:05 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	3
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (16)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161

Last 5 reports on ASN: GOOGLE

Last 1 reports on domain: findthebestfreebies.blogspot.com

No other reports with similar screenshot

JavaScript

Executed Scripts (19)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 24609) - SHA256: e25aadc03bf12f00c9c8fbb334feab904fbf08ff17c6f05c33367d2ad6aeda77

HTTP Transactions (39)

Overview

Domain Summary (16)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161

Last 5 reports on ASN: GOOGLE

Last 1 reports on domain: findthebestfreebies.blogspot.com

No other reports with similar screenshot

JavaScript

Executed Scripts (19)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 24609) - SHA256: e25aadc03bf12f00c9c8fbb334feab904fbf08ff17c6f05c33367d2ad6aeda77

HTTP Transactions (39)

Network Intrusion Detection Systems