URL: https://georgez604wgq1.gynoblog.com/profile
Submission: On May 31 via manual from US — Scanned from IS

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 19 HTTP transactions. The main IP is 142.147.105.19, located in Chicago, United States and belongs to AS-SPRIO, US. The main domain is georgez604wgq1.gynoblog.com.
TLS certificate: Issued by R3 on April 30th 2022. Valid for: 3 months.
This is the only time georgez604wgq1.gynoblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
6         142.147.105.19   64267 (AS-SPRIO)
6         142.250.185.170  15169 (GOOGLE)
7         142.250.186.35   15169 (GOOGLE)
Total: 19 requests, 3 IPs
Requests  Apex Domain     Subdomains                                                     Transfer
7         gstatic.com     fonts.gstatic.com                                              105 KB
6         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 42)                 3 KB
6         gynoblog.com    georgez604wgq1.gynoblog.com, cloud.gynoblog.com, gynoblog.com  648 KB
Total: 19 requests, 3 apex domains
Requests  Domain                       Requested by
7         fonts.gstatic.com            fonts.googleapis.com
6         fonts.googleapis.com         cloud.gynoblog.com
4         cloud.gynoblog.com           georgez604wgq1.gynoblog.com, cloud.gynoblog.com
1         gynoblog.com                 cloud.gynoblog.com
1         georgez604wgq1.gynoblog.com
Total: 19 requests, 5 subdomains

This site contains links to these domains.

Domain
gynoblog.com
-39639.rimmablog.com
Subject                  Issuer      Validity                 Valid
gynoblog.com             R3          2022-04-30 - 2022-07-29  3 months
upload.video.google.com  GTS CA 1C3  2022-05-04 - 2022-07-27  3 months
*.gstatic.com            GTS CA 1C3  2022-05-04 - 2022-07-27  3 months

This page contains 1 frame:

Primary Page: https://georgez604wgq1.gynoblog.com/profile
Frame ID: A3E5F251F14CE378D2AF57180008E26C
Requests: 19 HTTP requests in this frame

Page Title

New blog georgez604wgq1.gynoblog.com - profile

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 3
Countries: 1
Transfer: 756 kB
Size: 757 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request profile
georgez604wgq1.gynoblog.com/
6 KB
6 KB
Document
General
Full URL
https://georgez604wgq1.gynoblog.com/profile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.147.105.19 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
vm-0430.idam.sprious.com
Software
nginx / PHP/7.0.33
Resource Hash
ecb4dd1118dcd8b9dea7d897fc476a07b0eb13749d775a5e51220e9eb8fdcff2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 May 2022 00:15:44 GMT
Expires
Mon, 27 Jul 2011 07:08:02 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.0.33
style.css
cloud.gynoblog.com/blog/cdn/
417 KB
417 KB
Stylesheet
General
Full URL
https://cloud.gynoblog.com/blog/cdn/style.css
Requested by
Host: georgez604wgq1.gynoblog.com
URL: https://georgez604wgq1.gynoblog.com/profile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.147.105.19 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
vm-0430.idam.sprious.com
Software
nginx /
Resource Hash
40c38b3428b7a8f6af7fefd98806425fef0011769cbbd4160f768e603eca2f74

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://georgez604wgq1.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 May 2022 00:15:45 GMT
Last-Modified
Thu, 26 Nov 2020 15:30:57 GMT
Server
nginx
ETag
"5fbfca31-6846f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
427119
css2
fonts.googleapis.com/
1 KB
480 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Shrikhand&display=swap
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
25bc9997cadffd1004859c8e17ea8d6e50c7125d1283367a37bed3ef29ff3e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 00:13:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 00:13:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 00:13:58 GMT
css2
fonts.googleapis.com/
1 KB
987 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=El+Messiri:wght@600&display=swap
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
969650878e66f8ed86241276b1e2ef815556443ac5c51df9fb6b23c63331b5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 00:13:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 00:13:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 00:13:58 GMT
css2
fonts.googleapis.com/
811 B
455 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Zilla+Slab+Highlight&display=swap
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8d534c9af51e951d51da41d75a1dde26dc64b06a0ebd8878e4fd74df8d61e480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 00:13:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 00:13:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 00:13:58 GMT
css2
fonts.googleapis.com/
1 KB
535 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bellota+Text:wght@700&display=swap
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
6bab487b551a0154da8dd19d04c7faf39dda9a51648af0facda0f1587d7ba104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 00:13:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 00:13:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 00:13:58 GMT
css2
fonts.googleapis.com/
1 KB
484 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Assistant:wght@600&display=swap
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
b3154da449b6a56fa457a5450eba0405e94e41bcb2a75462edaac6c25eae7e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 00:13:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 00:13:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 00:13:58 GMT
css2
fonts.googleapis.com/
750 B
438 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Reem+Kufi&display=swap
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
9ce4f8f46c8b7417cd702fa2c692b990e631030859b5c9d84123e7f594e3cc2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 31 May 2022 00:13:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 00:13:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 May 2022 00:13:58 GMT
img09.jpg
cloud.gynoblog.com/blog/images/
105 KB
106 KB
Image
General
Full URL
https://cloud.gynoblog.com/blog/images/img09.jpg
Requested by
Host: georgez604wgq1.gynoblog.com
URL: https://georgez604wgq1.gynoblog.com/profile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.147.105.19 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
vm-0430.idam.sprious.com
Software
nginx /
Resource Hash
0aac213803d0c346827ee545002ec1f5c9e49effc3c8548858166705bebf3934

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://georgez604wgq1.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 May 2022 00:15:47 GMT
Last-Modified
Tue, 24 Nov 2020 20:28:37 GMT
Server
nginx
ETag
"5fbd6cf5-1a545"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107845
white_arw.png
gynoblog.com/blog/images/
311 B
542 B
Image
General
Full URL
https://gynoblog.com/blog/images/white_arw.png
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.147.105.19 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
vm-0430.idam.sprious.com
Software
nginx /
Resource Hash
8e32b8a71f654ddc281ee5bf2f66ffac7c9a31a5492dec1cf8b3552922db3c99

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://cloud.gynoblog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 May 2022 00:15:47 GMT
Last-Modified
Tue, 24 Nov 2020 19:41:12 GMT
Server
nginx
ETag
"5fbd61d8-137"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
311
2sDPZGJLip7W2J7v7wQZZE1I0yCmYzzQtuZnIGaV3w.woff2
fonts.gstatic.com/s/reemkufi/v17/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/reemkufi/v17/2sDPZGJLip7W2J7v7wQZZE1I0yCmYzzQtuZnIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Reem+Kufi&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e970b5769366628c4c965694a2497c5bedba42c5d77c16bd6c7d1d044c346240
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 May 2022 23:44:16 GMT
x-content-type-options
nosniff
age
433782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10304
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 23:44:16 GMT
2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2
fonts.gstatic.com/s/assistant/v16/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/assistant/v16/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Assistant:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
689c20af02bab2d973d5be1ec59c0db23a441f464605573114e0c700cef694ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 May 2022 07:52:31 GMT
x-content-type-options
nosniff
age
490887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11240
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:45:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 07:52:31 GMT
a8IbNovtLWfR7T7bMJwrA4KR.woff2
fonts.gstatic.com/s/shrikhand/v11/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/shrikhand/v11/a8IbNovtLWfR7T7bMJwrA4KR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Shrikhand&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c034f81e88012cd2d57c0026da42bbf704decdcafc48d221f9f78d189c68f90e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 May 2022 23:37:36 GMT
x-content-type-options
nosniff
age
434182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15968
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:17:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 23:37:36 GMT
K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuUufJ5njDw.woff2
fonts.gstatic.com/s/elmessiri/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/elmessiri/v15/K2FhfZBRmr9vQ1pHEey6GIGo8_pv3myYjuUufJ5njDw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
0328a8a8249210e04b5e484ae65c6c7ad874612941cd812157b8bf3de98c1287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 May 2022 01:41:45 GMT
x-content-type-options
nosniff
age
340333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13984
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:05:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 May 2023 01:41:45 GMT
gNMbW2BrTpK8-inLtBJgMMfbm6uNVDvRxitPaWE.woff2
fonts.gstatic.com/s/zillaslabhighlight/v17/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/zillaslabhighlight/v17/gNMbW2BrTpK8-inLtBJgMMfbm6uNVDvRxitPaWE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Zilla+Slab+Highlight&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7fa0c382d0c4a9b446f7ef4afd04377aa99bc82bdefe451e38969ed44b65a153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:17:27 GMT
x-content-type-options
nosniff
age
431791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25804
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:16:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 00:17:27 GMT
0FlMVP2VnlWS4f3-UE9hHXM5Rfwafg_xcy4.woff2
fonts.gstatic.com/s/bellotatext/v16/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bellotatext/v16/0FlMVP2VnlWS4f3-UE9hHXM5Rfwafg_xcy4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bellota+Text:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
352c22a5cab76e90ae761c84380e9c24d3d45c09b774de5aab3ce8f5eb1a98bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 May 2022 21:27:42 GMT
x-content-type-options
nosniff
age
441976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9736
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 20:07:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 21:27:42 GMT
0FlMVP2VnlWS4f3-UE9hHXM5Rfwaeg_x.woff2
fonts.gstatic.com/s/bellotatext/v16/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bellotatext/v16/0FlMVP2VnlWS4f3-UE9hHXM5Rfwaeg_x.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bellota+Text:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
703ee3b908c123462cd2b40f475a176bb6034f502989e743db123448e1ef45e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:48:31 GMT
x-content-type-options
nosniff
age
447927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19604
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 20:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:48:31 GMT
1fj11w.woff2
cloud.gynoblog.com/blog/cdn/
57 KB
57 KB
Font
General
Full URL
https://cloud.gynoblog.com/blog/cdn/1fj11w.woff2
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.147.105.19 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
vm-0430.idam.sprious.com
Software
nginx /
Resource Hash
18badd302023c3a0e11fd12ab2c436725ad1f2f539bfd6e0a1005ad9a724edda

Request headers

Referer
https://cloud.gynoblog.com/blog/cdn/style.css
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 May 2022 00:15:47 GMT
Last-Modified
Thu, 15 Oct 2020 20:51:49 GMT
Server
nginx
ETag
"5f88b665-e4a0"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58528
42om2k.woff2
cloud.gynoblog.com/blog/cdn/
60 KB
61 KB
Font
General
Full URL
https://cloud.gynoblog.com/blog/cdn/42om2k.woff2
Requested by
Host: cloud.gynoblog.com
URL: https://cloud.gynoblog.com/blog/cdn/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.147.105.19 Chicago, United States, ASN64267 (AS-SPRIO, US),
Reverse DNS
vm-0430.idam.sprious.com
Software
nginx /
Resource Hash
41363378e9fe2ebbc2f7460af182cbbd0531b969ca5fc66dfc23afc57a36ec70

Request headers

Referer
https://cloud.gynoblog.com/blog/cdn/style.css
Origin
https://georgez604wgq1.gynoblog.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 May 2022 00:15:47 GMT
Last-Modified
Thu, 15 Oct 2020 20:51:49 GMT
Server
nginx
ETag
"5f88b665-f138"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61752

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
