Submitted URL: http://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Effective URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Submission: On May 12 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2a00:1450:4001:810::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.forensickb.com.
TLS certificate: Issued by GTS CA 1D4 on May 3rd 2024. Valid for: 3 months.
This is the only time www.forensickb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11861
bp1.blogger.com — Cisco Umbrella Rank: 886021
184 KB
8 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10405
lh3.googleusercontent.com — Cisco Umbrella Rank: 44
101 KB
6 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 22467
4 KB
5 forensickb.com
www.forensickb.com
302 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 654
17 KB
2 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 17489
1.bp.blogspot.com — Cisco Umbrella Rank: 14945
77 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 139
accounts.google.com — Cisco Umbrella Rank: 20 Failed
sites.google.com — Cisco Umbrella Rank: 2780 Failed
81 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
67 B
1 sharethis.com
w.sharethis.com — Cisco Umbrella Rank: 31453
34 KB
38 9
Domain Requested by
9 www.blogger.com www.forensickb.com
apis.google.com
www.blogger.com
6 resources.blogblog.com www.forensickb.com
www.blogger.com
5 www.forensickb.com www.forensickb.com
www.blogger.com
4 lh3.googleusercontent.com www.forensickb.com
4 blogger.googleusercontent.com www.forensickb.com
2 ssl.google-analytics.com www.forensickb.com
2 apis.google.com www.forensickb.com
apis.google.com
1 pagead2.googlesyndication.com www.forensickb.com
1 1.bp.blogspot.com www.forensickb.com
1 bp1.blogger.com 1 redirects
1 3.bp.blogspot.com www.forensickb.com
1 w.sharethis.com www.forensickb.com
0 sites.google.com Failed
0 accounts.google.com Failed
38 14
Subject Issuer Validity Valid
www.forensickb.com
GTS CA 1D4
2024-05-03 -
2024-08-01
3 months crt.sh
*.blogger.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-19 -
2025-05-17
a year crt.sh
*.apis.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Frame ID: B216C837D61D1D0F208EF89A553BDC39
Requests: 36 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/1746946614390371171?po=6006408472314982888&hl=en
Frame ID: 5562137969608A353602E506881984B3
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1746946614390371171&blogName=Computer+Forensics,+Malware+Analysis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=https://www.forensickb.com/search&blogLocale=en&v=2&homepageUrl=https://www.forensickb.com/&targetPostID=6006408472314982888&blogPostOrPageUrl=https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html&vt=-6818714177828112845&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Dsoa_Wdo28w.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg%2Fm%3D__features__
Frame ID: 1BD7C09F0B43E84487EE10260383FEBE
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Computer Forensics, Malware Analysis & Digital Investigations: Forensic review of Windows 7 - Part I

Page URL History Show full URLs

  1. http://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html HTTP 307
    https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/

Page Statistics

38
Requests

92 %
HTTPS

78 %
IPv6

9
Domains

14
Subdomains

9
IPs

3
Countries

799 kB
Transfer

2506 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html HTTP 307
    https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://bp1.blogger.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg HTTP 301
  • https://1.bp.blogspot.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg
Request Chain 34
  • https://sites.google.com/site/rotjeep/jeep/forensickb1.ico HTTP 302
  • https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Frotjeep%2Fjeep%2Fforensickb1.ico HTTP 302
  • https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/rotjeep/jeep/forensickb1.ico&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/rotjeep/jeep/forensickb1.ico HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/rotjeep/jeep/forensickb1.ico&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/rotjeep/jeep/forensickb1.ico&passive=1209600&service=jotspot&ifkv=AaSxoQy8Z6W6DJvWqN9aqOop01BAGulNyYF8s9PzaHgtQGe2AJ4RtTx1B4YGVXM3YuHVF6cRiJ9qfg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Frotjeep%2Fjeep%2Fforensickb1.ico&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Frotjeep%2Fjeep%2Fforensickb1.ico&ifkv=AaSxoQy__BF4h3OoeEf8vXDKgujMK0fTl5gX-EzKgYCTIlRkOY0E4UO1OZeSlcQkxWd1pTNrAIb0-g&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1946936866%3A1715499486727523&ddm=0

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request forensic-review-of-windows-7-part-i.html
www.forensickb.com/2009/12/
Redirect Chain
  • http://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
  • https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
105 KB
20 KB
Document
General
Full URL
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
81df094842b29fb2fbadbe8b4dc9ddfd201f3c0983f8085996be6cbb9b466b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
19774
content-type
text/html; charset=UTF-8
date
Sun, 12 May 2024 07:38:05 GMT
etag
W/"b4c827340090d687b84b44086de6d91ee011ce8dba0a88a51b9ec26cfabad017"
expires
Sun, 12 May 2024 07:38:05 GMT
last-modified
Mon, 19 Feb 2024 16:23:30 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Non-Authoritative-Reason
HttpsUpgrades
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6620
x-xss-protection
0
last-modified
Mon, 06 May 2024 18:55:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 07 May 2025 08:14:15 GMT
sharethis.js
w.sharethis.com/button/
143 KB
34 KB
Script
General
Full URL
https://w.sharethis.com/button/sharethis.js
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0eb77a24617d9b71852d4e9b5e982001e963f35071d9ce146599bcdbfc1d4487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 07:50:53 GMT
content-encoding
gzip
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P12
age
258432
etag
W/"658496e7-23a9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
WWeRL7hl54oqlGUK8pqjgXTcRbQUYOfCayPEWr8iVqEDq3tAJXzwVg==
expires
Sun, 12 May 2024 07:50:53 GMT
platform.js
apis.google.com/js/
55 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 May 2024 07:38:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21302
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"791be0a0400d03a0"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 07:38:05 GMT
header.jpg
3.bp.blogspot.com/_rX7Jddr9KTM/SsY5iMRi0jI/AAAAAAAASUM/Q7yDwsjtJV4/S1600-R/
73 KB
73 KB
Image
General
Full URL
https://3.bp.blogspot.com/_rX7Jddr9KTM/SsY5iMRi0jI/AAAAAAAASUM/Q7yDwsjtJV4/S1600-R/header.jpg
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
35453c934168e9f31a8b1aa76a3197460977718a544fd37659080629ae3de54d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v2050a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="header.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74441
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:05 GMT
snap004.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvRod0u-d89u1Q9O0723bY6FUymlNnssvIj8Rj6CviNd03A3beNdrCmMr9EvsS_LBGvv-pVF94SGulDoVQx6BDHjUe5yzH5PuBBk8YW8HV6g6PV-uhHU2az1pcJE-xnWDwPguT2E3UXXuT/s400/
23 KB
24 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvRod0u-d89u1Q9O0723bY6FUymlNnssvIj8Rj6CviNd03A3beNdrCmMr9EvsS_LBGvv-pVF94SGulDoVQx6BDHjUe5yzH5PuBBk8YW8HV6g6PV-uhHU2az1pcJE-xnWDwPguT2E3UXXuT/s400/snap004.jpg
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
91ba7ea3320079d440a9bd966c8cfad730f5f88b02a8d785c8e40837d47c16cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v4a4b"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="snap004.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23959
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:06 GMT
snap001.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0qf-qauG2HyI2AwpCuiksmtJq0v_HiVH7g0Cg94yZ-hz2cJ5R_PV4i2Tau2uaVYFNOoN0BpKytTa3LqKWGKtgojLJ-9XDb3APRasXpkf8LeT54pY92gN8VlXfamv4P8O-R_uXXCthf4NS/s320/
18 KB
18 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0qf-qauG2HyI2AwpCuiksmtJq0v_HiVH7g0Cg94yZ-hz2cJ5R_PV4i2Tau2uaVYFNOoN0BpKytTa3LqKWGKtgojLJ-9XDb3APRasXpkf8LeT54pY92gN8VlXfamv4P8O-R_uXXCthf4NS/s320/snap001.jpg
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
27f53e7814514e1f400db997ade9fb92f2997d2cf9b888b23b9e4039b69f14e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v4a4d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="snap001.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18551
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:06 GMT
snap002.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitZkHA-QOTeGqXLASwlsnei8NHxEQLGDpGqcwPkM_QZbY97GX5W0S5ZIHI72AeqWHfFDoY9rZaN9CYI76z15XHCS-iVEH9pQ8bLNJ7IAu4ucotEgR10vkb6_c5DUjJhVWpq_ljOmgV9ieB/s400/
26 KB
26 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitZkHA-QOTeGqXLASwlsnei8NHxEQLGDpGqcwPkM_QZbY97GX5W0S5ZIHI72AeqWHfFDoY9rZaN9CYI76z15XHCS-iVEH9pQ8bLNJ7IAu4ucotEgR10vkb6_c5DUjJhVWpq_ljOmgV9ieB/s400/snap002.jpg
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
77fdf8e33233f62520acd57acadddfa164a64273503712269fdbdb5bdcf4fbb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v4a53"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="snap002.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26687
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:06 GMT
snap003.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxoDK7ArrLrJKIzG4HBJeUo0TH4kUgRCBsHL9_wXBJ9TX1uB_pQMTy6drN1W0Op4xP2_zg9N2VtNK1pAQmZmEdat-CPeHhyphenhyphenwV3QUVtDRY_kuywJsF9LZ1kK1dEM9oROpX-dVTUGM...
31 KB
31 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxoDK7ArrLrJKIzG4HBJeUo0TH4kUgRCBsHL9_wXBJ9TX1uB_pQMTy6drN1W0Op4xP2_zg9N2VtNK1pAQmZmEdat-CPeHhyphenhyphenwV3QUVtDRY_kuywJsF9LZ1kK1dEM9oROpX-dVTUGM4UGx3W/s400/snap003.jpg
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
024ede5f26545b8d9159b6365bb7f1fa4364a98ca9f8c26f4e69e145853a5e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v4a55"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="snap003.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31250
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:06 GMT
AEn0k_tXtD6rG8sdiMPxXPSPE8F-Vib2esVq8tt5dmAdw5g2kUSYH4hm0ZIuP16Da102mCB03Z00-muTT5nHc9OT3Xq1kb8neCidb82O9mg=s0-d
lh3.googleusercontent.com/blogger_img_proxy/
586 B
648 B
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tXtD6rG8sdiMPxXPSPE8F-Vib2esVq8tt5dmAdw5g2kUSYH4hm0ZIuP16Da102mCB03Z00-muTT5nHc9OT3Xq1kb8neCidb82O9mg=s0-d
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
25fa77a2df6adfe3abfd29ff1c7d10558632a241c34eca0d73782e27fcad8360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:01 GMT
x-content-type-options
nosniff
server
fife
age
4
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
586
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:01 GMT
AEn0k_sEoMVytEslLFTeBQQ1PWrQ7s4tLFb8hm2Nw_biwepl0IBUxde1qWREmSIRN7Fg3_RPEruKsDY9U7OTIWcmaHGztJgkeLEESzlPnrXK08vCPw=s0-d
lh3.googleusercontent.com/blogger_img_proxy/
223 B
284 B
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sEoMVytEslLFTeBQQ1PWrQ7s4tLFb8hm2Nw_biwepl0IBUxde1qWREmSIRN7Fg3_RPEruKsDY9U7OTIWcmaHGztJgkeLEESzlPnrXK08vCPw=s0-d
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2092343f02140f378c9669772dd55cf1c9aa1e8b3384d19b424d105d3ddcec80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:01 GMT
x-content-type-options
nosniff
server
fife
age
4
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
223
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:01 GMT
AEn0k_vfzEmjfPe6bLihSHZw6MvLfypYjE9DJsC6U5xY7P0fXHoVb1HtmUUEGqhCfJxj0zO342azgd7oVBsFfwbZJAFt8REmz_1WlAnFoaAQjgDi=s0-d
lh3.googleusercontent.com/blogger_img_proxy/
379 B
672 B
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vfzEmjfPe6bLihSHZw6MvLfypYjE9DJsC6U5xY7P0fXHoVb1HtmUUEGqhCfJxj0zO342azgd7oVBsFfwbZJAFt8REmz_1WlAnFoaAQjgDi=s0-d
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
082dc2ea0f282b566528a1c0a4971e4e3cf019ad6b85c98eab6c41964e3eb6da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:01 GMT
x-content-type-options
nosniff
server
fife
age
4
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:01 GMT
AEn0k_s9SJNViJp6t3wpPMd36kRpqUiu_r__F80UItZp-MXikKOos2Qed8YzznvhXnOz2RfGK5Pqj5Vfuu4xoDoUOAyb5hkChY-OU0dV-mJv-fDHLZg=s0-d
lh3.googleusercontent.com/blogger_img_proxy/
619 B
681 B
Image
General
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_s9SJNViJp6t3wpPMd36kRpqUiu_r__F80UItZp-MXikKOos2Qed8YzznvhXnOz2RfGK5Pqj5Vfuu4xoDoUOAyb5hkChY-OU0dV-mJv-fDHLZg=s0-d
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c7f53aacd4ad05458f5012dcfc0e59cbfd5e87865cb64141c1885a1991ddff2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:01 GMT
x-content-type-options
nosniff
server
fife
age
4
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
619
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:01 GMT
icon18_edit_allbkg.gif
www.blogger.com/img/
162 B
300 B
Image
General
Full URL
https://www.blogger.com/img/icon18_edit_allbkg.gif
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:03:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 12:52:58 GMT
server
sffe
age
430473
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 08:03:32 GMT
rebel.jpg
1.bp.blogspot.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/
Redirect Chain
  • https://bp1.blogger.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg
  • https://1.bp.blogspot.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg
3 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
69b27ee622b308d51845fb544fbf9c3325e733affac55a39ac193c6be5a5bde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.forensickb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 12 May 2024 07:38:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v185"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="rebel.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3574
x-xss-protection
0
expires
Mon, 13 May 2024 07:38:05 GMT

Redirect headers

date
Sun, 12 May 2024 07:37:59 GMT
x-content-type-options
nosniff
server
fife
age
6
vary
Origin
content-type
text/html; charset=UTF-8
location
https://1.bp.blogspot.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg
access-control-allow-origin
*
cache-control
public, max-age=2592000
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-xss-protection
0
expires
Tue, 11 Jun 2024 07:37:59 GMT
arrow_dropdown.gif
resources.blogblog.com/img/widgets/
141 B
254 B
Image
General
Full URL
https://resources.blogblog.com/img/widgets/arrow_dropdown.gif
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:14:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 14:57:51 GMT
server
sffe
age
429814
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 08:14:31 GMT
icon_feed12.png
resources.blogblog.com/img/
500 B
613 B
Image
General
Full URL
https://resources.blogblog.com/img/icon_feed12.png
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:52:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 16:55:19 GMT
server
sffe
age
431107
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
500
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 07:52:58 GMT
subscribe-netvibes.png
resources.blogblog.com/img/widgets/
1 KB
2 KB
Image
General
Full URL
https://resources.blogblog.com/img/widgets/subscribe-netvibes.png
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:06:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 20:56:22 GMT
server
sffe
age
430302
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1445
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 08:06:23 GMT
subscribe-yahoo.png
resources.blogblog.com/img/widgets/
580 B
673 B
Image
General
Full URL
https://resources.blogblog.com/img/widgets/subscribe-yahoo.png
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:54:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 14:57:51 GMT
server
sffe
age
430992
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
580
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 07:54:53 GMT
default
www.forensickb.com/feeds/posts/
1 MB
279 KB
Script
General
Full URL
https://www.forensickb.com/feeds/posts/default?alt=json-in-script&start-index=1&max-results=1000&callback=randomposts
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
34301b2b455b04bdee225fcf5b2b2d3b90918707c2a0b7e2033d0ca945954fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 16:23:30 GMT
server
blogger-renderd
etag
W/"5728eda9f7e40b17a3dde019cedb5663b3ada56acc8aa793c8fba327c4bad0bd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
284747
x-xss-protection
0
expires
Sun, 12 May 2024 07:38:06 GMT
cookienotice.js
www.forensickb.com/js/
6 KB
2 KB
Script
General
Full URL
https://www.forensickb.com/js/cookienotice.js
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 12 May 2024 06:51:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 19 May 2024 07:38:05 GMT
4290687098-widgets.js
www.blogger.com/static/v1/widgets/
141 KB
50 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4290687098-widgets.js
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51402
x-xss-protection
0
last-modified
Wed, 08 May 2024 07:54:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 09 May 2025 10:54:40 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1746946614390371171&zx=de3ff843-4267-455c-8396-a1d8e8df5623
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sun, 12 May 2024 07:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 12 May 2024 07:38:05 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/
180 KB
60 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d206d37f46b471524cc264a53d14f39844f9357480cb0100cd9a5c1df7a92482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61034
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:15:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 May 2025 07:49:06 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 May 2024 07:51:19 GMT
1746946614390371171
www.blogger.com/comment/frame/ Frame 5562
0
0
Document
General
Full URL
https://www.blogger.com/comment/frame/1746946614390371171?po=6006408472314982888&hl=en
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D8TsDEth7s7M1jLMha3ubQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.forensickb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-D8TsDEth7s7M1jLMha3ubQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sun, 12 May 2024 07:38:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/BloggerCommentUi/web-reports?context=eJzjKtHikmJw0pBiqHXfyVR6ZSfTHY1dTK-AOLJ0F1M6EDu9uskk03uL6fGUW0zP258xfQNiTZMXTH-TXzJp7nnJJPH1JZMGCIdOZ3VKn8EaBMQ-9TNYY4C49eY51qlAnPTvPGsRELd_vsA6HYiFeDjuPm7cxCawo-fQPyYlpaT8wviknPz09NSi0szi1KKy1KJ4IwMjEwNTA3M9A9P4AgMAHldFow"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
s_top.png
resources.blogblog.com/img/widgets/
335 B
358 B
Image
General
Full URL
https://resources.blogblog.com/img/widgets/s_top.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f9.1e100.net
Software
sffe /
Resource Hash
cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.blogger.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:48:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 16:55:19 GMT
server
sffe
age
431347
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 07:48:58 GMT
s_bottom.png
resources.blogblog.com/img/widgets/
172 B
195 B
Image
General
Full URL
https://resources.blogblog.com/img/widgets/s_bottom.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f9.1e100.net
Software
sffe /
Resource Hash
91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.blogger.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:04:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 20:56:22 GMT
server
sffe
age
430415
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
172
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 14 May 2024 08:04:30 GMT
navbar.g
www.blogger.com/ Frame 1BD7
0
0
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=1746946614390371171&blogName=Computer+Forensics,+Malware+Analysis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLACK&layoutType=LAYOUTS&searchRoot=https://www.forensickb.com/search&blogLocale=en&v=2&homepageUrl=https://www.forensickb.com/&targetPostID=6006408472314982888&blogPostOrPageUrl=https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html&vt=-6818714177828112845&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Dsoa_Wdo28w.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.forensickb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2662
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Sun, 12 May 2024 07:38:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1746946614390371171&zx=de3ff843-4267-455c-8396-a1d8e8df5623
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sun, 12 May 2024 07:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 12 May 2024 07:38:05 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 May 2024 05:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6189
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 12 May 2024 07:54:57 GMT
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1447500009&utmhn=www.forensickb.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Computer%20Forensics%2C%20Malware%20Analysis%20%26%20Digital%20Investigations%3A%20Forensic%20review%20of%20Windows%207%20-%20Part%20I&utmhid=1503434319&utmr=-&utmp=%2F2009%2F12%2Fforensic-review-of-windows-7-part-i.html&utmht=1715499486228&utmac=UA-2314520-1&utmcc=__utma%3D17118382.564660743.1715499486.1715499486.1715499486.1%3B%2B__utmz%3D17118382.1715499486.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2070911744&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.forensickb.com
URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 12 May 2024 07:38:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
forensic-review-of-windows-7-part-i.html
www.forensickb.com/2009/12/
1 KB
718 B
XHR
General
Full URL
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html?action=getFeed&widgetId=Feed1&widgetType=Feed&responseType=js&xssi_token=AOuZoY6T5x_HUbnDNzXU6OvnO9cKnv2zCA%3A1715499485364
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/4290687098-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8d5fc0fbe922e192ac93bab4be6a50aed75eb539995a6f543def2747dfd9ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Feb 2024 16:23:30 GMT
server
GSE
etag
"de3ff843-4267-455c-8396-a1d8e8df5623"
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=0
content-length
622
x-xss-protection
1; mode=block
expires
Sun, 12 May 2024 07:38:06 GMT
13464135-lightbox_bundle.css
www.blogger.com/static/v1/v-css/
35 KB
6 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/13464135-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/4290687098-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f9.1e100.net
Software
sffe /
Resource Hash
dbcb4b8e7dbaa9d09b7dbee23f9317eba8ae7933be22e798bc054c0c3b16f163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 10:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6525
x-xss-protection
0
last-modified
Wed, 08 May 2024 09:56:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 09 May 2025 10:44:14 GMT
2309908549-lbx.js
www.blogger.com/static/v1/jsbin/
372 KB
119 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/2309908549-lbx.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/4290687098-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f9.1e100.net
Software
sffe /
Resource Hash
c6dae2f03768f1eb936441ab1965a6fe4c157b3abbb400fdd6244b7d52e48874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121716
x-xss-protection
0
last-modified
Wed, 08 May 2024 01:56:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 08 May 2025 02:45:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://sites.google.com/site/rotjeep/jeep/forensickb1.ico
  • https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Frotjeep%2Fjeep%2Fforensickb1.ico
  • https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/rotjeep/jeep/forensickb1.ico&followup=ht...
  • https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/rotjeep/jeep/forensickb1.ico&followup=https://sites.google.com/site/...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Frotjeep%2Fjeep%2Fforensickb1.ico&followup=ht...
0
0

forensickb1.ico
sites.google.com/site/rotjeep/jeep/
0
0

favicon.ico
www.forensickb.com/
4 KB
542 B
Other
General
Full URL
https://www.forensickb.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 19 Feb 2024 16:23:30 GMT
server
GSE
etag
W/"b4c827340090d687b84b44086de6d91ee011ce8dba0a88a51b9ec26cfabad017"
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
private, max-age=86400
content-length
412
x-xss-protection
1; mode=block
expires
Sun, 12 May 2024 07:38:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Frotjeep%2Fjeep%2Fforensickb1.ico&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Frotjeep%2Fjeep%2Fforensickb1.ico&ifkv=AaSxoQy__BF4h3OoeEf8vXDKgujMK0fTl5gX-EzKgYCTIlRkOY0E4UO1OZeSlcQkxWd1pTNrAIb0-g&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1946936866%3A1715499486727523&ddm=0
Domain
sites.google.com
URL
http://sites.google.com/site/rotjeep/jeep/forensickb1.ico

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl undefined| shared_object number| cloudMin number| maxFontSize object| maxColor number| minFontSize object| minColor boolean| lcShowCount function| s object| c object| labelCount object| ts string| theName number| ta string| t number| fs number| tz object| lc2 object| ul object| li object| a object| abnk object| randarray number| flag number| numofpost function| randomposts object| _F_toggles object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included string| j string| n number| k string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_540768 object| cookieChoices

5 Cookies

Domain/Path Name / Value
.forensickb.com/ Name: __utma
Value: 17118382.564660743.1715499486.1715499486.1715499486.1
.forensickb.com/ Name: __utmc
Value: 17118382
.forensickb.com/ Name: __utmz
Value: 17118382.1715499486.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.forensickb.com/ Name: __utmt
Value: 1
.forensickb.com/ Name: __utmb
Value: 17118382.1.10.1715499486

7 Console Messages

Source Level URL
Text
security warning URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Message:
Mixed Content: The page at 'https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html' was loaded over HTTPS, but requested an insecure element 'http://bp1.blogger.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html(Line 3424)
Message:
Mixed Content: The page at 'https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://feedburner.google.com/fb/a/mailverify'. This endpoint should be made available over a secure connection.
security warning URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html(Line 3460)
Message:
Mixed Content: The page at 'https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html' was loaded over HTTPS, but requested an insecure element 'http://bp1.blogger.com/_rX7Jddr9KTM/R78yimCyL9I/AAAAAAAAAYU/O6AROQ-LMG4/s0-d/rebel.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html(Line 1115)
Message:
Mixed Content: The page at 'https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html' was loaded over HTTPS, but requested an insecure frame 'http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FForensicKBcom%2F175457315805561&layout=standard&show_faces=true&width=450&action=like&colorscheme=light&height=80'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html(Line 3491)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html(Line 3491)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html
Message:
Mixed Content: The page at 'https://www.forensickb.com/2009/12/forensic-review-of-windows-7-part-i.html' was loaded over HTTPS, but requested an insecure favicon 'http://sites.google.com/site/rotjeep/jeep/forensickb1.ico'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
accounts.google.com
apis.google.com
blogger.googleusercontent.com
bp1.blogger.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
resources.blogblog.com
sites.google.com
ssl.google-analytics.com
w.sharethis.com
www.blogger.com
www.forensickb.com
accounts.google.com
sites.google.com
142.250.185.105
142.250.186.66
2600:9000:2724:3200:3:c04e:c780:93a1
2a00:1450:4001:80f::2009
2a00:1450:4001:810::2013
2a00:1450:4001:811::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:829::200e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
024ede5f26545b8d9159b6365bb7f1fa4364a98ca9f8c26f4e69e145853a5e7c
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
082dc2ea0f282b566528a1c0a4971e4e3cf019ad6b85c98eab6c41964e3eb6da
0eb77a24617d9b71852d4e9b5e982001e963f35071d9ce146599bcdbfc1d4487
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
2092343f02140f378c9669772dd55cf1c9aa1e8b3384d19b424d105d3ddcec80
25fa77a2df6adfe3abfd29ff1c7d10558632a241c34eca0d73782e27fcad8360
27f53e7814514e1f400db997ade9fb92f2997d2cf9b888b23b9e4039b69f14e5
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
34301b2b455b04bdee225fcf5b2b2d3b90918707c2a0b7e2033d0ca945954fee
35453c934168e9f31a8b1aa76a3197460977718a544fd37659080629ae3de54d
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
69b27ee622b308d51845fb544fbf9c3325e733affac55a39ac193c6be5a5bde8
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
77fdf8e33233f62520acd57acadddfa164a64273503712269fdbdb5bdcf4fbb4
81df094842b29fb2fbadbe8b4dc9ddfd201f3c0983f8085996be6cbb9b466b33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91ba7ea3320079d440a9bd966c8cfad730f5f88b02a8d785c8e40837d47c16cd
91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
a8d5fc0fbe922e192ac93bab4be6a50aed75eb539995a6f543def2747dfd9ec1
b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
c6dae2f03768f1eb936441ab1965a6fe4c157b3abbb400fdd6244b7d52e48874
c7f53aacd4ad05458f5012dcfc0e59cbfd5e87865cb64141c1885a1991ddff2e
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
d206d37f46b471524cc264a53d14f39844f9357480cb0100cd9a5c1df7a92482
dbcb4b8e7dbaa9d09b7dbee23f9317eba8ae7933be22e798bc054c0c3b16f163