urlscan.io logo urlscan.io
SecurityTrails logo

www.inversecos.com Open in urlscan Pro
2a00:1450:4001:810::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Submission: On September 15 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 51 HTTP transactions. The main IP is 2a00:1450:4001:810::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.inversecos.com.
TLS certificate: Issued by GTS CA 1D4 on September 12th 2023. Valid for: 3 months.
This is the only time www.inversecos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.inversecos.com
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
19    2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
www.blogblog.com
7    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
lh3.googleusercontent.com
3    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
16 blogger.com
www.blogger.com — Cisco Umbrella Rank: 10166
762 KB
15 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12851
lh3.googleusercontent.com — Cisco Umbrella Rank: 69
2 MB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
508 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
30 KB
3 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 19653
www.blogblog.com — Cisco Umbrella Rank: 42162
139 KB
2 inversecos.com
www.inversecos.com
29 KB
51 6
Domain Requested by
16 www.blogger.com www.inversecos.com
www.blogger.com
14 blogger.googleusercontent.com www.inversecos.com
7 fonts.gstatic.com www.inversecos.com
www.blogger.com
www.google.com
5 www.gstatic.com www.inversecos.com
www.google.com
www.gstatic.com
3 www.google.com www.blogger.com
www.gstatic.com
www.google.com
2 resources.blogblog.com www.inversecos.com
www.blogger.com
2 www.inversecos.com www.inversecos.com
1 www.blogblog.com www.inversecos.com
1 lh3.googleusercontent.com www.inversecos.com
51 9
Subject Issuer Validity Valid
www.inversecos.com
GTS CA 1D4		 2023-09-12 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Frame ID: 9C9CD094FD9CBAF10619C5990E3E8946
Requests: 30 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/4913778223018726354?po=2565013027501402689&hl=en-GB&skin=essential&blogspotRpcToken=8234839
Frame ID: C66A61D93777DC436E9B9AF019868DE5
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Frame ID: 16D7A02D32A58E112C7B3EE8D1B1CEA1
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: 87979B75DDC4388D74FE747D64A6ABF8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How to Detect Malicious OAuth Device Code Phishing

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

51
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

9
Subdomains

6
IPs

1
Countries

3409 kB
Transfer

4584 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request how-to-detect-malicious-oauth-device.html
www.inversecos.com/2022/12/ 		120 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
717e9fbfc2dfcf6bfd01a44f046a2e3594169552425d1af33805da58a501a7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
26753
content-type
text/html; charset=UTF-8
date
Fri, 15 Sep 2023 07:17:12 GMT
etag
W/"0be6c6aafa31440edb690e316a44c698e39e46fed3c94725085be1352243804c"
expires
Fri, 15 Sep 2023 07:17:12 GMT
last-modified
Thu, 14 Sep 2023 23:04:27 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3475
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 15 Sep 2023 07:17:12 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4913778223018726354&zx=2d1e2bab-550f-447e-a902-053eb94709be
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 15 Sep 2023 07:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Sep 2023 07:17:13 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inversecos.com/
Origin
https://www.inversecos.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options
nosniff
age
119336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 22:08:16 GMT
sprite_v1_6.css.svg
www.inversecos.com/responsive/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.inversecos.com/responsive/sprite_v1_6.css.svg
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Sep 2023 11:52:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2244
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 22 Sep 2023 07:17:12 GMT
1%20copy.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWXDwWnp2iSPd0dF3OBkDNcpla-4t3NvBLvXkjhXkiAU0kfDPWlzX3qhjzizADGa8eg6b9v993WHymxzy40VrZZZ8sn9jwArvPWh_47RGHH_Bm0SS-ilL5-iii5doIaWdsX3oIogHD897r3C4w... 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWXDwWnp2iSPd0dF3OBkDNcpla-4t3NvBLvXkjhXkiAU0kfDPWlzX3qhjzizADGa8eg6b9v993WHymxzy40VrZZZ8sn9jwArvPWh_47RGHH_Bm0SS-ilL5-iii5doIaWdsX3oIogHD897r3C4wafyMbkBUtMiqyk5ou_PT2KngBRq-7dWk2wfKObjW3A/s16000/1%20copy.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab45f2bf27b5415b8b4a9e45e39a742586a46589eef9f4ae8f14c67e8c7e2ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4810"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1 copy.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110903
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inversecos.com/
Origin
https://www.inversecos.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:52:03 GMT
x-content-type-options
nosniff
age
127509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 19:52:03 GMT
1.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguen134j_Wudio61Af2y7HRmFtJnaD1EBJRtDr1W5AijZ7Lqwxqhj1f2ovh58dkWEOzJCWs-FexxkZp0Z7LPTC-z_7-RB1lX8oXP_LVTH4fVZ4zhCxE_QqsGozfPs7EQcq9FByRdS_SD4mrkSa... 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguen134j_Wudio61Af2y7HRmFtJnaD1EBJRtDr1W5AijZ7Lqwxqhj1f2ovh58dkWEOzJCWs-FexxkZp0Z7LPTC-z_7-RB1lX8oXP_LVTH4fVZ4zhCxE_QqsGozfPs7EQcq9FByRdS_SD4mrkSaEKfn86wo9qugRBXQnokEjpdkRCya-8vNX9FD9toCiQ/s16000/1.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b6f1d45e486cd013be09702cc3d5e6025ed7cf4e5bc42d0dc6500e180ff89a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4812"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115176
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
phishing.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYS1vcTixgwcc89Dn-PvDK4iAHlriBlbv1l013yWZpZ7lCri_ybjV5KIacfLStRBstnkc-epJ-NIaUxETrD_KdYDU3iB5eHYwWhnlXsyEg2LkH60koWhgq0VT7M6eGJpW80rk-nqMN0VdNP0_T... 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYS1vcTixgwcc89Dn-PvDK4iAHlriBlbv1l013yWZpZ7lCri_ybjV5KIacfLStRBstnkc-epJ-NIaUxETrD_KdYDU3iB5eHYwWhnlXsyEg2LkH60koWhgq0VT7M6eGJpW80rk-nqMN0VdNP0_T3LS6jpx4DQrsYe6nK8cjlQNTjAFsXgu29YNUAClReA/s16000/phishing.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d0e6f90af4d1c5bcc8d8053a5bbf99ae51a19bd9073d07ab19af75d1351ee7df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4816"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="phishing.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19924
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
3.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdYzw9Ryd6cGjDhNrdf1mSt8abO9Zie1baPRxSx7I9BVfuuQk_ClnOMBH01EjaaqicrlX7enQW1QNXmCGjifeOoX1kHsuBhjj6JUsZB46sB8Il85W3rEaheMTLNQx62oNm0tdADXVlmNk1z_No... 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdYzw9Ryd6cGjDhNrdf1mSt8abO9Zie1baPRxSx7I9BVfuuQk_ClnOMBH01EjaaqicrlX7enQW1QNXmCGjifeOoX1kHsuBhjj6JUsZB46sB8Il85W3rEaheMTLNQx62oNm0tdADXVlmNk1z_NohNi4d9o1s4VFWtL0G38PxQ83oJ4pwWuYqevetubZOA/s16000/3.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
80869f6619cdd15388af3f9ab74c26697def60a8da355cac0856ac84302fca89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4817"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26345
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
4.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcD22Cd_chsho9Mv9sxsgCbIoIoR4NWgdz15MvgesTUbJascu0Xicm5r1CqZSjikDKfb_rOFxBe-PINbnFgz_RIu4cCHxssKTdWqlbkPVFEn9Kv-tcfgdDz2zIsmWSycGaFEYPjItfdSndixgB... 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcD22Cd_chsho9Mv9sxsgCbIoIoR4NWgdz15MvgesTUbJascu0Xicm5r1CqZSjikDKfb_rOFxBe-PINbnFgz_RIu4cCHxssKTdWqlbkPVFEn9Kv-tcfgdDz2zIsmWSycGaFEYPjItfdSndixgBUcl9U-5OCis6PrviGeDZZl3Z9d2CN4Dwhsm-pcmgxw/s16000/4.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
754b6315949c0a8b2fde4ff3664e575dcf69bc9877af3582d534a02ffb2ecda9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v481c"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="4.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67169
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
5.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKZcefiL7zuwVAWIWDlQuC_rk6xsD7vY67NT5yMVk18ijokr9jwDpMH6SyJ3qD0CNV6pfdR2k5YuDaZnwKKC34z6NsSvnX1HMQ8Yfo6v3x6gVZnvIcjLJRqhZeNzR_gN6LJ3hd0a3EaPn-y8JO... 		663 KB
663 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKZcefiL7zuwVAWIWDlQuC_rk6xsD7vY67NT5yMVk18ijokr9jwDpMH6SyJ3qD0CNV6pfdR2k5YuDaZnwKKC34z6NsSvnX1HMQ8Yfo6v3x6gVZnvIcjLJRqhZeNzR_gN6LJ3hd0a3EaPn-y8JOB51JVEpWbY3X-3_xTxZ2qBf-Ttggk4tPHB7CyIKvcw/s16000/5.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6ca98c43c5b5b39600ef70552882dbd649408f6f7af66fd4c88972e73d57558b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v481c"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="5.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
678416
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
6.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifW86B6zyOspxdAgdB5ORenOyfvhxjLwWJFbnfQSY-rzs1EFXuvhgSsXWHSBqMZq_Lpe4ZAo7QbAZpkny-XgL4KYar3HseSjPXHkF0a8DNZTCiqYT5HSY4s8-7lcGWuAB8jM199pFE1dLLgNEQ... 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifW86B6zyOspxdAgdB5ORenOyfvhxjLwWJFbnfQSY-rzs1EFXuvhgSsXWHSBqMZq_Lpe4ZAo7QbAZpkny-XgL4KYar3HseSjPXHkF0a8DNZTCiqYT5HSY4s8-7lcGWuAB8jM199pFE1dLLgNEQN_NPuVDE3yEo6DYBwW9sQoX0z88YZtl7UDMEKLLTXg/s16000/6.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c2cdabe0ae1f6f21603ae877e6a3a10ced3494b4e4dbe27cb17626769b586b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v481f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="6.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315731
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
7.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4jIzJsammma3pq8X_5afC-frimH6TON6jxhaVE_WzitH_bEYGLEGA7940QtXQ0WU0hTeu2bv9J9ZQt0zoIabiJ-2rEhfBPomFwht_8QK2-kscCO15oW-Ie2jkFhLOJEEqy2agFdzSp71YeRTA... 		436 KB
436 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4jIzJsammma3pq8X_5afC-frimH6TON6jxhaVE_WzitH_bEYGLEGA7940QtXQ0WU0hTeu2bv9J9ZQt0zoIabiJ-2rEhfBPomFwht_8QK2-kscCO15oW-Ie2jkFhLOJEEqy2agFdzSp71YeRTAZ9_i2HOx0bj03XZVEc-tztEpGB9y-UEs-ghskqAFKQ/s16000/7.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
71ce8dd1b7b75879ffab729dc0749f3037389c822dbde8d729dd85b9b926adf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4820"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="7.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446288
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
8.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqaJU7CBHDnjVVzrUVfNbOBawJB8VWfb1j_AoyvvYv3m-loXp2ZQJIbsPWDxjeYRyL8_pBYpy9pvMxzjb_a5O_XmGdPK23eQ5zYOQmAR12buTUD4616xd5JjXZSHymbEM6lTuE486T79fJKZta... 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqaJU7CBHDnjVVzrUVfNbOBawJB8VWfb1j_AoyvvYv3m-loXp2ZQJIbsPWDxjeYRyL8_pBYpy9pvMxzjb_a5O_XmGdPK23eQ5zYOQmAR12buTUD4616xd5JjXZSHymbEM6lTuE486T79fJKZta2bZQC-opigr4Aoz7h51KB77bmG2wz2VDmxpgPIaALA/s16000/8.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
417938ae2df9d083dfd5727415c56f00c5009eab91f6bc84a011265336bd2d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4821"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="8.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63512
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
10.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSvyJvPCmw4eInOWtw_Ut3BemiOidTHRbpOGmbl1Rmd0ODe-UfiGOltl27wNjqlQeWllpLs4DvtrJLJwIrjPaSW2NsLuQ4QP5trQMWemOkPXwUYb5r7i0NproRJMCC8n5X4VP9sGvM1HllakzD... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSvyJvPCmw4eInOWtw_Ut3BemiOidTHRbpOGmbl1Rmd0ODe-UfiGOltl27wNjqlQeWllpLs4DvtrJLJwIrjPaSW2NsLuQ4QP5trQMWemOkPXwUYb5r7i0NproRJMCC8n5X4VP9sGvM1HllakzDqz25ZIUcUMTPHboWp_uwsraIAfApbctgPTL0a6INFw/s16000/10.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02a7429c93fed83c1cb2db67be55165ce758934152791b8a73fcee596f61d3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4826"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="10.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11430
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
9.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigd7d05jxcwkU_blKYRPGAbykSeTouH4ss-B3uhLJZpyAHRbYtDkZ0ar3iu4pXJPYVAtzwMvUw-_BLKa9vPYGojSFp_JsN59PPo_qYt74FX40YtLIw8bj-Mc7QMcRGG9zyFoQ5VicnlZkN_erV... 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigd7d05jxcwkU_blKYRPGAbykSeTouH4ss-B3uhLJZpyAHRbYtDkZ0ar3iu4pXJPYVAtzwMvUw-_BLKa9vPYGojSFp_JsN59PPo_qYt74FX40YtLIw8bj-Mc7QMcRGG9zyFoQ5VicnlZkN_erVyDVqdcYHKJX0T0DJdto1ztJtQMIgD6nwSvPuBsxHtw/s16000/9.PNG
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
66eb803bf01ee51e5082a28633a47a5368054ff404d3194920f71033e9524d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4826"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="9.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26700
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
4235886812-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 02:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6760
x-xss-protection
0
last-modified
Sun, 10 Sep 2023 23:49:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 10 Sep 2024 02:11:10 GMT
Screen%2BShot%2B2021-02-11%2Bat%2B11.53.45%2Bam.png
lh3.googleusercontent.com/-0d69NkZ3LH8/YCSCZbXqnbI/AAAAAAAAB7Y/TiELQO71_R8N0oDPg4m7w2_DcZpK_1dOACLcBGAsYHQ/w72-h72-p-k-no-nu/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-0d69NkZ3LH8/YCSCZbXqnbI/AAAAAAAAB7Y/TiELQO71_R8N0oDPg4m7w2_DcZpK_1dOACLcBGAsYHQ/w72-h72-p-k-no-nu/Screen%2BShot%2B2021-02-11%2Bat%2B11.53.45%2Bam.png
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
39436a0d3088a566b93f105ff4a6806b6e34e72d1cada08f2ae5e6d993c65602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b7"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screen Shot 2021-02-11 at 11.53.45 am.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10666
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:12 GMT
mac12.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCvd7hlTQEINMUYmwIe3wPXmZOjZpRHApA7A7bTzuFnUtfWkVr8rwF7Wm34KfcwShmDNILjbq4Qx27YsFB39wbP9Vx5Cl2ffVs2dnYRxmsH2MK7SQ_77FjJ2rnDl97geikVxKWeDqwfYdN4X0T... 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCvd7hlTQEINMUYmwIe3wPXmZOjZpRHApA7A7bTzuFnUtfWkVr8rwF7Wm34KfcwShmDNILjbq4Qx27YsFB39wbP9Vx5Cl2ffVs2dnYRxmsH2MK7SQ_77FjJ2rnDl97geikVxKWeDqwfYdN4X0TKYRcBmVITVVBzk0OJIpHefOI0vcnTQMmw5kmI_dfow/w72-h72-p-k-no-nu/mac12.png
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ddbaf8006c39444e4155c30031b9044caae7a346710dc7d38d9a13d88f3f4b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v392c"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="mac12.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9528
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:12 GMT
cover.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFK8u2rp5ITC0WRKPlPvf_sXGKQuwTJ5dSrkbi4Blry0dTxyeM9_Lq1AJZVr3GzOLl7U800hO2ZVWx16UN7Vx4DSMEyMRIMIRGu0rNZr-mGgmWtqOvI1lAqvRkNVtUszCPSkkZzbNam0G6eXOi... 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFK8u2rp5ITC0WRKPlPvf_sXGKQuwTJ5dSrkbi4Blry0dTxyeM9_Lq1AJZVr3GzOLl7U800hO2ZVWx16UN7Vx4DSMEyMRIMIRGu0rNZr-mGgmWtqOvI1lAqvRkNVtUszCPSkkZzbNam0G6eXOiPE8cI5bJ0TbKgKocQA47rklmPJJtRz5mC-dJKSd4JA/w72-h72-p-k-no-nu/cover.png
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d60b1420a0a6a3b88018d67334c079b10ca8968b97d0cea87d16b5df38aef0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v45f8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="cover.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8810
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
Screen+Shot+2022-11-24+at+12.11.09+pm.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAoPDAo3AiK4eDBB6_H4rXce1AQXHLp13sYm0oWcnKWgtQg-6uV-USpA-4co-DbzeG-y9rmBYp20x0P_cDJIzbf3gm4k1IQejvSOFlSdnBiwqbseCATbIPO4ZoWNNndVw/s220/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAoPDAo3AiK4eDBB6_H4rXce1AQXHLp13sYm0oWcnKWgtQg-6uV-USpA-4co-DbzeG-y9rmBYp20x0P_cDJIzbf3gm4k1IQejvSOFlSdnBiwqbseCATbIPO4ZoWNNndVw/s220/Screen+Shot+2022-11-24+at+12.11.09+pm.png
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7d5c13ed5563d18accafaa40f8019e5bb97269cde36548b3b4a48053fcaa99e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v471f"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screen Shot 2022-11-24 at 12.11.09 pm.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74829
x-xss-protection
0
expires
Sat, 16 Sep 2023 07:17:13 GMT
1433729463-strm_compiled.js
resources.blogblog.com/blogblog/data/res/ 		136 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/1433729463-strm_compiled.js
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c75741a22925603a53038848d773657712697bfe6bceb9182e1658550e620d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 08:19:46 GMT
x-content-type-options
nosniff
age
255446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138757
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:56:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 19 Sep 2023 08:19:46 GMT
1465578468-widgets.js
www.blogger.com/static/v1/widgets/ 		157 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1465578468-widgets.js
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d49c1e3a643794375db57ab0f237a97a189577f3e822d8512ed383f95941dde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 02:07:13 GMT
x-content-type-options
nosniff
age
191399
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160377
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 01:52:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 12 Sep 2024 02:07:13 GMT
4913778223018726354
www.blogger.com/comment/frame/ Frame C66A 		85 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/comment/frame/4913778223018726354?po=2565013027501402689&hl=en-GB&skin=essential&blogspotRpcToken=8234839
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc5a8d37f154fced67672167f1fab5d6fecc8a130927685d129faf051fff9327
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uXjvjFB6e2VJCsd_vyaunw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inversecos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uXjvjFB6e2VJCsd_vyaunw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Fri, 15 Sep 2023 07:17:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.inversecos.com/
Origin
https://www.inversecos.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:05:38 GMT
x-content-type-options
nosniff
age
522694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17508
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 06:05:38 GMT
m=_b,_tp
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47... Frame C66A 		178 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47SrA/m=_b,_tp
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/4913778223018726354?po=2565013027501402689&hl=en-GB&skin=essential&blogspotRpcToken=8234839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad42eadf47dc609a4c8367c027c3920b3332b966fd65fd5bda70486b5d17224a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63790
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 09:14:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:16:45 GMT
cspreport
www.blogger.com/_/BloggerCommentUi/ Frame C66A 		0
26 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/BloggerCommentUi/cspreport
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-15AWEtLpmXY7_cCIgyIOjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 15 Sep 2023 07:17:12 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-15AWEtLpmXY7_cCIgyIOjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C66A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/4913778223018726354?po=2565013027501402689&hl=en-GB&skin=essential&blogspotRpcToken=8234839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
Origin
https://www.blogger.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
533949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 02:58:03 GMT
mspin_black_large.svg
www.blogblog.com/indie/ 		6 KB
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogblog.com/indie/mspin_black_large.svg
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 22:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
870
x-xss-protection
0
last-modified
Sun, 10 Sep 2023 21:52:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 17 Sep 2023 22:59:00 GMT
blogger_logo_round_35.png
www.blogger.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:32:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Sep 2023 13:57:45 GMT
server
sffe
age
308698
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2531
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 18 Sep 2023 17:32:14 GMT
anon36.png
resources.blogblog.com/img/ Frame C66A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/anon36.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/4913778223018726354?po=2565013027501402689&hl=en-GB&skin=essential&blogspotRpcToken=8234839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 05:14:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Sep 2023 11:53:55 GMT
server
sffe
age
266574
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1654
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 19 Sep 2023 05:14:18 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ Frame C66A 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/4913778223018726354?po=2565013027501402689&hl=en-GB&skin=essential&blogspotRpcToken=8234839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
Origin
https://www.blogger.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 16:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20776
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 16:10:35 GMT
m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz...
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=_b,_tp/excm=_b,_tp,commentformifra... Frame C66A 		275 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0btmS5Qxhi_UHHa4RhbTp0zv2eyQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47SrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a3e85ea3632f800df1e7ca9119b72647e7ad5f870bf49c5f6fa4486a038bd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100171
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 21:31:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:16:45 GMT
m=VXdfxd,fgib1c,YwHGTd,pxq3x
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,... Frame C66A 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0btmS5Qxhi_UHHa4RhbTp0zv2eyQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47SrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52dc7f0b256b532e87276f6dc0b8cdb33749fd9667c47c8df77da287dfc01ebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26101
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 21:31:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:19:21 GMT
m=RqjULd
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,... Frame C66A 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0btmS5Qxhi_UHHa4RhbTp0zv2eyQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47SrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49d92a8f5ca6ca26840293da723b7178e542673794fbfccd04b71b7a9d8f7081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6270
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 21:31:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:19:21 GMT
m=bm51tf
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,... Frame C66A 		1 KB
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0btmS5Qxhi_UHHa4RhbTp0zv2eyQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47SrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c029bdf7d8e766de06cb0bcd8f101f854ab174f7b04060f7dfdc69873c70c36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
686
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 21:31:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:19:21 GMT
api.js
www.google.com/recaptcha/ Frame C66A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0btmS5Qxhi_UHHa4RhbTp0zv2eyQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9c07036bee3756d06c72db3d043f06f03fd59793ba6822092d9f2cdd95453b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
951
x-xss-protection
1; mode=block
expires
Fri, 15 Sep 2023 07:17:13 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4913778223018726354&zx=2d1e2bab-550f-447e-a902-053eb94709be
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Fri, 15 Sep 2023 07:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Sep 2023 07:17:13 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame C66A 		453 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
Origin
https://www.blogger.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 05:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185696
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 05:54:58 GMT
anchor
www.google.com/recaptcha/api2/ Frame 16D7 		51 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f806217a1e606038cec3f9beac508417689ace1aab1192b036add812417fcbe0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gjjSAmirjFb_z-GAnyba1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.blogger.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28655
content-security-policy
script-src 'report-sample' 'nonce-gjjSAmirjFb_z-GAnyba1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 07:17:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 16D7 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 18:51:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 16D7 		453 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 05:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185696
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 05:54:58 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 16D7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
522865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 16 Sep 2023 06:02:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 16D7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
533950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 16D7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
523551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 05:51:22 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 16D7 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=uEf7E1417z6GNSkRx7AyL8K8
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e5cc584ab2125a34a5dfabff1e040a321d4b5171989bcd3dd0bb1275fc355c25
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=uEf7E1417z6GNSkRx7AyL8K8&size=invisible&cb=pwxw293io37f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 07:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 15 Sep 2023 07:17:13 GMT
cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 8797 		0
26 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/BloggerCommentUi/cspreport
Requested by
Host: www.inversecos.com
URL: https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LvokXyvQUW__QfcJdDMWNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 15 Sep 2023 07:17:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-LvokXyvQUW__QfcJdDMWNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
3268905543-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1465578468-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 11:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6501
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 13:52:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 09 Sep 2024 11:54:48 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,... Frame C66A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/ck=boq-blogger.BloggerCommentUi.zEgcDaBqj7Y.L.B1.O/am=AEDTAQg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0btmS5Qxhi_UHHa4RhbTp0zv2eyQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en_GB.8OFQ7AN6Dg8.es5.O/am=AEDTAQg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Wqvln8FE8qe7of20zRkzPW47SrA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd4a6a03a38f9fd1d667e32bb3d9ed04f19bbece8b8d126510949b4f05e271e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1671
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 21:31:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 03:19:23 GMT
3230275857-lbx__en_gb.js
www.blogger.com/static/v1/jsbin/ 		374 KB
374 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/3230275857-lbx__en_gb.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1465578468-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff5eb8199ee22d423dde9aa2c839f27f73e29cc5e40d4233a94f91351a066bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.inversecos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 02:12:22 GMT
x-content-type-options
nosniff
age
191092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
382621
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 01:52:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 12 Sep 2024 02:12:22 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| BLOG_CMT_createIframe function| ClipboardJS function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_283428 object| closure_lm_422234

0 Cookies

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
fonts.gstatic.com
lh3.googleusercontent.com
resources.blogblog.com
www.blogblog.com
www.blogger.com
www.google.com
www.gstatic.com
www.inversecos.com
2a00:1450:4001:810::2013
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2009
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02a7429c93fed83c1cb2db67be55165ce758934152791b8a73fcee596f61d3bf
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
39436a0d3088a566b93f105ff4a6806b6e34e72d1cada08f2ae5e6d993c65602
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ff5eb8199ee22d423dde9aa2c839f27f73e29cc5e40d4233a94f91351a066bd
417938ae2df9d083dfd5727415c56f00c5009eab91f6bc84a011265336bd2d29
49d92a8f5ca6ca26840293da723b7178e542673794fbfccd04b71b7a9d8f7081
52dc7f0b256b532e87276f6dc0b8cdb33749fd9667c47c8df77da287dfc01ebe
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
66eb803bf01ee51e5082a28633a47a5368054ff404d3194920f71033e9524d17
6a3e85ea3632f800df1e7ca9119b72647e7ad5f870bf49c5f6fa4486a038bd83
6ca98c43c5b5b39600ef70552882dbd649408f6f7af66fd4c88972e73d57558b
717e9fbfc2dfcf6bfd01a44f046a2e3594169552425d1af33805da58a501a7a7
71ce8dd1b7b75879ffab729dc0749f3037389c822dbde8d729dd85b9b926adf2
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
754b6315949c0a8b2fde4ff3664e575dcf69bc9877af3582d534a02ffb2ecda9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d5c13ed5563d18accafaa40f8019e5bb97269cde36548b3b4a48053fcaa99e2
80869f6619cdd15388af3f9ab74c26697def60a8da355cac0856ac84302fca89
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
ab45f2bf27b5415b8b4a9e45e39a742586a46589eef9f4ae8f14c67e8c7e2ffe
ad42eadf47dc609a4c8367c027c3920b3332b966fd65fd5bda70486b5d17224a
b6f1d45e486cd013be09702cc3d5e6025ed7cf4e5bc42d0dc6500e180ff89a88
b9c07036bee3756d06c72db3d043f06f03fd59793ba6822092d9f2cdd95453b8
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
c029bdf7d8e766de06cb0bcd8f101f854ab174f7b04060f7dfdc69873c70c36c
c2cdabe0ae1f6f21603ae877e6a3a10ced3494b4e4dbe27cb17626769b586b01
c75741a22925603a53038848d773657712697bfe6bceb9182e1658550e620d9c
d0e6f90af4d1c5bcc8d8053a5bbf99ae51a19bd9073d07ab19af75d1351ee7df
d49c1e3a643794375db57ab0f237a97a189577f3e822d8512ed383f95941dde8
d60b1420a0a6a3b88018d67334c079b10ca8968b97d0cea87d16b5df38aef0c5
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
dc5a8d37f154fced67672167f1fab5d6fecc8a130927685d129faf051fff9327
ddbaf8006c39444e4155c30031b9044caae7a346710dc7d38d9a13d88f3f4b78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cc584ab2125a34a5dfabff1e040a321d4b5171989bcd3dd0bb1275fc355c25
efd4a6a03a38f9fd1d667e32bb3d9ed04f19bbece8b8d126510949b4f05e271e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f806217a1e606038cec3f9beac508417689ace1aab1192b036add812417fcbe0