androidtricks4all.blogspot.com Open in urlscan Pro
142.250.186.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Submission: On September 27 via api (September 27th 2021, 5:22:41 am UTC) from GB — Scanned from DE

Summary HTTP 88 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 18 domains to perform 88 HTTP transactions. The main IP is 142.250.186.97, located in United States and belongs to GOOGLE, US. The main domain is androidtricks4all.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on August 30th 2021. Valid for: 3 months.

This is the only time androidtricks4all.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
1 14	142.250.181.233 142.250.181.233	15169 (GOOGLE) (GOOGLE)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
3	216.58.207.195 216.58.207.195	15169 (GOOGLE) (GOOGLE)
1	13.224.193.25 13.224.193.25	16509 (AMAZON-02) (AMAZON-02)
16	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
2	54.177.15.8 54.177.15.8	16509 (AMAZON-02) (AMAZON-02)
2	13.224.185.14 13.224.185.14	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	13.224.193.72 13.224.193.72	16509 (AMAZON-02) (AMAZON-02)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
1	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 1	142.250.74.205 142.250.74.205	15169 (GOOGLE) (GOOGLE)
1	13.225.78.86 13.225.78.86	16509 (AMAZON-02) (AMAZON-02)
5	13.225.78.32 13.225.78.32	16509 (AMAZON-02) (AMAZON-02)
9	172.67.39.79 172.67.39.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
88	26

5 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

androidtricks4all.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
indzign.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.233 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.207.195 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn11s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-25.fra2.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.177.15.8 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-15-8.us-west-1.compute.amazonaws.com

my.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.185.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-185-14.fra2.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-72.fra2.r.cloudfront.net

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.205 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-86.fra2.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-32.fra2.r.cloudfront.net

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.39.79 (United States)

ASN13335 (CLOUDFLARENET, US)

static1.makeuseofimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	blogspot.com androidtricks4all.blogspot.com indzign.blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com	343 KB
12	blogger.com 1 redirects www.blogger.com	365 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	177 KB
9	makeuseofimages.com static1.makeuseofimages.com	824 KB
9	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com	48 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	11 KB
4	google.com 1 redirects adservice.google.com accounts.google.com www.google.com	16 KB
3	gstatic.com fonts.gstatic.com	54 KB
2	blogblog.com resources.blogblog.com	2 KB
2	amazon-adsystem.com z-na.amazon-adsystem.com	17 KB
2	bidvertiser.com my.bidvertiser.com	16 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googleapis.com ajax.googleapis.com	59 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	659 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	76 KB
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
88	18

	Domain	Requested by
12	www.blogger.com	1 redirects androidtricks4all.blogspot.com www.blogger.com
11	2.bp.blogspot.com	androidtricks4all.blogspot.com ajax.googleapis.com
9	static1.makeuseofimages.com	androidtricks4all.blogspot.com
8	pagead2.googlesyndication.com	androidtricks4all.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	platform-cdn.sharethis.com	androidtricks4all.blogspot.com
3	fonts.gstatic.com	androidtricks4all.blogspot.com www.blogger.com
3	androidtricks4all.blogspot.com	ajax.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	www.blogger.com tpc.googlesyndication.com
2	resources.blogblog.com	www.blogger.com
2	4.bp.blogspot.com	androidtricks4all.blogspot.com ajax.googleapis.com
2	z-na.amazon-adsystem.com	androidtricks4all.blogspot.com
2	my.bidvertiser.com	androidtricks4all.blogspot.com ajax.googleapis.com
2	1.bp.blogspot.com	androidtricks4all.blogspot.com ajax.googleapis.com
2	indzign.blogspot.com	cdn.jsdelivr.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ajax.googleapis.com	androidtricks4all.blogspot.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	3.bp.blogspot.com	androidtricks4all.blogspot.com
1	accounts.google.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maxcdn.bootstrapcdn.com	androidtricks4all.blogspot.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	androidtricks4all.blogspot.com
1	cdn.jsdelivr.net	androidtricks4all.blogspot.com
1	www.googletagmanager.com	androidtricks4all.blogspot.com
88	31

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
bit.ly
www.makeuseof.com
www.cloudmark.com
www.blogger.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.bidvertiser.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-25` - `2021-11-30`	2 years	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Frame ID: 456102FEFBEB714B935D7FFC4371077F
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 31E541BD58D23D4628CB6A00154CA27D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&adk=1812271804&adf=3025194257&lmt=1632692836&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720155978&bpp=3&bdt=207&idt=125&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1660959628521&frm=20&pv=2&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
Frame ID: F1A454C2B9EF8CACAE78D59A8A690F55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=138&slotname=5683980132&adk=3670000422&adf=1436912046&pi=t.ma~as.5683980132&w=549&fwrn=4&lmt=1632692836&rafmt=11&psa=0&format=549x138&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156041&bpp=15&bdt=270&idt=86&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=468&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jVKevjOM4v&p=https%3A//androidtricks4all.blogspot.com&dtd=96
Frame ID: 8EE70BDB0BD95CE0A000E5B8CA15548B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=800&slotname=6655755806&adk=2477690523&adf=2134959341&pi=t.ma~as.6655755806&w=600&lmt=1632692836&psa=0&format=600x800&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156151&bpp=1&bdt=380&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=442&ady=1955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bVu9UQzoA6&p=https%3A//androidtricks4all.blogspot.com&dtd=3
Frame ID: 828507B398651DCDD206C0E0B92B42D5
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
Frame ID: E4427F1CA25ED869D92DC69D9F699141
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=600&slotname=7141319010&adk=1087678089&adf=235022077&pi=t.ma~as.7141319010&w=287&fwrn=4&fwrnh=100&lmt=1632692836&rafmt=1&psa=0&format=287x600&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156176&bpp=2&bdt=405&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138%2C600x800&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AEr22BpN2T&p=https%3A//androidtricks4all.blogspot.com&dtd=5
Frame ID: 264793FEC5EA8A0FB303A8458102F052
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=987&slotname=9256386496&adk=4145790868&adf=923858445&pi=t.ma~as.9256386496&w=287&cr_col=1&cr_row=13&fwrn=2&lmt=1632692836&rafmt=9&psa=0&format=287x987&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156185&bpp=1&bdt=413&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138%2C600x800%2C287x600&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=4sIgCnuMRX&p=https%3A//androidtricks4all.blogspot.com&dtd=4
Frame ID: 24A80202483B81DDC3643DB26A4158EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 50EC4494CC8CDA19BFCCB33721B33F12
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67733BB2ACA4F018EB4EA9C211FCB8DF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TangleBot: New Malware Uses COVID-19 Misinformation to Target Android UsersTangleBot: New Malware Uses COVID-19 Misinformation to Target Android Users - Android Tricks 4 All

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

88
Requests

100 %
HTTPS

0 %
IPv6

18
Domains

31
Subdomains

26
IPs

3
Countries

2097 kB
Transfer

3944 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/android.Tips4all/
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/hadadjus

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/

Search URL Search Domain Scan URL

URL: https://bit.ly/39xtI8T

Search URL Search Domain Scan URL

URL: https://www.makeuseof.com/what-is-flubot-malware/
Title: Similar to Flubot

Search URL Search Domain Scan URL

URL: https://www.cloudmark.com/en/blog/mobile/tanglebot-new-advanced-sms-malware-targets-mobile-users-across-us-and-canada-covid-19
Title: Cloudmark

Search URL Search Domain Scan URL

URL: https://www.makeuseof.com/avoid-covid-19-vaccine-scams/
Title: How to Avoid Falling Victim to COVID-19 Vaccine Scams

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762 HTTP 302
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D4065937703720099783%26postID%3D6481448296089493134%26skin%3Dcontempo%26blogspotRpcToken%3D8321762%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D4065937703720099783%26postID%3D6481448296089493134%26skin%3Dcontempo%26blogspotRpcToken%3D8321762%26bpli%3D1&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tanglebot-new-malware-uses-covid-19.html Show response
androidtricks4all.blogspot.com/2021/09/ 207 KB
48 KB 542ms
472ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

GSE /

Resource Hash

8457874379d39e5c1a9f82635e2765b932032a6ae36c63b713ece3562ca7d2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: androidtricks4all.blogspot.com
:scheme: https
:path: /2021/09/tanglebot-new-malware-uses-covid-19.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Mon, 27 Sep 2021 05:22:35 GMT
date: Mon, 27 Sep 2021 05:22:35 GMT
cache-control: private, max-age=0
last-modified: Sun, 26 Sep 2021 21:47:16 GMT
etag: W/"996fd8b1847352a91967f68dd1daa54cd0015bb70cb75e0c65f5470b0db8474e"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 48581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1667664774-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 72ms
7ms Stylesheet
text/css 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 12:19:36 GMT
x-content-type-options: nosniff
age: 234179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36164
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 02:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 24 Sep 2022 12:19:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 63ms
29ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-12000041-8

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6f0946839f505413c52070c52689c6fe423ee5c5665fe715c0a36aa417d91e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39239
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Sep 2021 05:22:35 GMT

GET
H2 200 3455314004-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 31 KB
31 KB 77ms
14ms Stylesheet
text/css 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3455314004-widget_css_bundle.css

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

25f654e30834688f9a468bfa5b0a90b6c54066dfce4c81a7975fedef029f5e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 15:12:04 GMT
x-content-type-options: nosniff
age: 223831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31611
x-xss-protection: 0
last-modified: Tue, 21 Jul 2020 06:25:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 24 Sep 2022 15:12:04 GMT

GET
H2 200 daftarisikeren.js Show response
cdn.jsdelivr.net/gh/Indzign/InSEO@master/ 4 KB
2 KB 21ms
6ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Indzign/InSEO@master/daftarisikeren.js

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f4a51fb7b48586c8a09868084547a8710bec3134411801a6fa880a384def7b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 28649
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1769
etag: W/"e18-nrRkN6+1g46S5HZKbnT8d9dvTtg"
x-served-by: cache-fra19173-FRA
x-jsd-version-type: branch
date: Mon, 27 Sep 2021 05:22:35 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 29ms
7ms Script
text/javascript 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 12:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 25 Sep 2022 12:59:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 62ms
41ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

be617931e04d8c1d694f9948132890a21828b55fb640aab2c147cd1591ec688c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49937
x-xss-protection: 0
server: cafe
etag: 15921556807777438798
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 05:22:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 50ms
13ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12000041-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1835
date: Mon, 27 Sep 2021 04:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 27 Sep 2021 06:52:00 GMT

GET
H2 200 summary Show response
indzign.blogspot.com/feeds/posts/ 333 KB
41 KB 225ms
199ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://indzign.blogspot.com/feeds/posts/summary?alt=json-in-script&max-results=99999&orderby=published&callback=showTabs_1632720155882

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/Indzign/InSEO@master/daftarisikeren.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

blogger-renderd /

Resource Hash

7342e46482b326de7931726ec7c04a26c9d3ac84339ad73a774e6a9472cd2a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 30 May 2021 07:32:20 GMT
server: blogger-renderd
etag: W/"06c8d677bffc64f79daf9ecbae140291acfefed4004984e9ba2b37f1a6bf3da5"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 41277
x-xss-protection: 0
expires: Mon, 27 Sep 2021 05:22:37 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v5/ 19 KB
19 KB 119ms
36ms Font
font/woff2 216.58.207.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v5/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s04-in-f3.1e100.net

Software

sffe /

Resource Hash

00001d3b9b00d5daf5cfc4e0e9e72db60a51f6928568ec99a635033468083937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidtricks4all.blogspot.com/
Origin: https://androidtricks4all.blogspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 01:58:13 GMT
x-content-type-options: nosniff
age: 271463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19432
x-xss-protection: 0
last-modified: Wed, 24 Jan 2018 02:51:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Sep 2022 01:58:13 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 183 KB
41 KB 51ms
7ms Script
text/javascript 13.224.193.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-25.fra2.r.cloudfront.net
Software: /
Resource Hash: 0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:17:42 GMT
content-encoding: gzip
age: 293
etag: W/"2dcf1-WwF+elP/xnuwOSlGKk64bx4O0JA"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript; charset=utf-8
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2paZgm0Ompa47DF_uOhX49PXq9AlFL6BiPuduUGTaYlsm3Mze3zdog==

GET
H2 200 rsz_278638655_2415813832068445_3188235978523279360_n.png
2.bp.blogspot.com/-rBJNnROtsB0/XwbOq1AaoRI/AAAAAAAACIs/ZD6PHc35sAo2FZAyGpNA1da71Ct31NXMgCK4BGAYYCw/s1600/ 18 KB
19 KB 85ms
21ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-rBJNnROtsB0/XwbOq1AaoRI/AAAAAAAACIs/ZD6PHc35sAo2FZAyGpNA1da71Ct31NXMgCK4BGAYYCw/s1600/rsz_278638655_2415813832068445_3188235978523279360_n.png

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

e4038c622138d4e8fca9f188753fc99795ae501b74cb2dd03d668471960619e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v88c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="rsz_278638655_2415813832068445_3188235978523279360_n.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18917
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:35 GMT

GET
H2 200 blank-profile-picture.png
1.bp.blogspot.com/-uVSLa957jy4/XrBwK6Jr2dI/AAAAAAAADcM/qPB_-WoQiUoCmKTpGWjA7-kYSWNoHjycwCLcBGAsYHQ/s320/ 7 KB
8 KB 69ms
19ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uVSLa957jy4/XrBwK6Jr2dI/AAAAAAAADcM/qPB_-WoQiUoCmKTpGWjA7-kYSWNoHjycwCLcBGAsYHQ/s320/blank-profile-picture.png

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

791108cf4d35e8cce89e79adb955b7d73b7234478e01868e41364e74e11403d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="blank-profile-picture.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7392
x-xss-protection: 0
server: fife
etag: "vdc4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 14:36:43 GMT

GET
H/1.1 200
OK ref_125x125_black_pbl.gif
my.bidvertiser.com/BidVertiser/Images/Referral/p/ 8 KB
8 KB 532ms
180ms Image
image/gif 54.177.15.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.bidvertiser.com/BidVertiser/Images/Referral/p/ref_125x125_black_pbl.gif
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.177.15.8 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-15-8.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 63b8e25df72b8ca1aabadd5690e1923a753ca36f53b678163ce2df3b52a27831

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 05:22:36 GMT
Last-Modified: Sun, 23 Dec 2018 11:49:43 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "f6ff9098b59ad41:0"
Content-Length: 7908
Content-Type: image/gif

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 25 KB
8 KB 72ms
8ms Script
application/javascript 13.224.185.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=c37350ad-7b43-484a-a4c9-8791f50ebb0e
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.185.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-185-14.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 62c21495520a90a672b21d404e65c7cd8a62ad74ed0fcfd96f0da9b19c67a9dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: Public
date: Mon, 27 Sep 2021 05:18:51 GMT
content-encoding: gzip
server: Server
age: 224
x-edge-origin-shield-skipped: 0
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aLQ0snqA_keWjrNg-X3lWEGiaVHwLCFGZad8ezHffsiHODKwOk01gg==
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
expires: Mon, 27 Sep 2021 05:23:51 GMT

GET
H2 200 1579998755791.jpg
4.bp.blogspot.com/-Ut1gqxyLb1k/XwO-G2Yjj9I/AAAAAAAACG8/o6G61FiuGe8CAERvsSw5kR5LQZ9imghEgCK4BGAYYCw/s220/ 17 KB
17 KB 261ms
199ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Ut1gqxyLb1k/XwO-G2Yjj9I/AAAAAAAACG8/o6G61FiuGe8CAERvsSw5kR5LQZ9imghEgCK4BGAYYCw/s220/1579998755791.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

e515138269bbeb7d9ccae9d8aa51489a654361c470f53bff960ec1f1749e37b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v876"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1579998755791.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17297
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:36 GMT

GET
H2 200 186635561-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
17 KB 8ms
6ms Script
text/javascript 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/186635561-comment_from_post_iframe.js

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

77bbf7198131f779d4b0f1a60286ec9fe66e113a03be25e97b3ddac6b0480a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 10:24:26 GMT
x-content-type-options: nosniff
age: 154689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17305
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 23:51:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 25 Sep 2022 10:24:26 GMT

GET
H2 200 adfly-review-2019.jpg
2.bp.blogspot.com/-W5lfATQfiXE/XDY93uj3OzI/AAAAAAAAIdM/FmMrrV8hobsL2A14BWphUwS1aqkszL3nQCLcBGAs/s72-c/ 3 KB
3 KB 81ms
19ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-W5lfATQfiXE/XDY93uj3OzI/AAAAAAAAIdM/FmMrrV8hobsL2A14BWphUwS1aqkszL3nQCLcBGAs/s72-c/adfly-review-2019.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

2d6a15b3aeabff28eaf1f8aa61aad6b65a406013ae27270fb8a0e2297d35456c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v21d4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="adfly-review-2019.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3101
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:35 GMT

GET
H2 200 r-sim-9-unlock.jpg
2.bp.blogspot.com/-yXuwUvvyH40/Unp5b3ym9bI/AAAAAAAAAZ0/UOXk_-FCbYk/s72-c/ 2 KB
3 KB 87ms
26ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-yXuwUvvyH40/Unp5b3ym9bI/AAAAAAAAAZ0/UOXk_-FCbYk/s72-c/r-sim-9-unlock.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

4cd285a1ff0c13d4d941554ffbd52c26fcc1b08eefccc0ed286e3b75c480ea8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="r-sim-9-unlock.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2516
x-xss-protection: 0
server: fife
etag: "ve6a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Sep 2021 01:32:22 GMT

GET
H2 200 Find+My+iPhone+Activation+Lock.jpg
2.bp.blogspot.com/-ahJHZDMFv9E/Unv36leUjnI/AAAAAAAAAbk/yTYnUnwi_Qg/s72-c/ 2 KB
2 KB 52ms
20ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ahJHZDMFv9E/Unv36leUjnI/AAAAAAAAAbk/yTYnUnwi_Qg/s72-c/Find+My+iPhone+Activation+Lock.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

c3e8d8d35b1ac855cb1fcbbcc530bc15d89698fcfec2ae87c39bc71b106fc58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Find My iPhone Activation Lock.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1986
x-xss-protection: 0
server: fife
etag: "v1ba"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Sep 2021 08:43:04 GMT

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 25 KB
9 KB 421ms
388ms Script
application/javascript 13.224.185.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=95d8e5c6-24c4-4300-b047-2b596f595eb9
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.185.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-185-14.fra2.r.cloudfront.net
Software: Server /
Resource Hash: b5391a29ecdefba33625ce734d97f4f829756b05605bb92d7e9f906b062507fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: Public
date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
server: Server
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: p1S1fKRqd-TWaFSGQy_sPGBOVZ7VIpT7S_k558KpEBMmcARAEwMB2Q==
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
expires: Mon, 27 Sep 2021 05:27:36 GMT

GET
H2 200 1527282520-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 6ms
6ms Script
text/javascript 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1527282520-widgets.js

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

6c4d2e8538bfa555fcb535f64b906ec960a8afd3ae590e967dbc05f9ce785067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 01:56:13 GMT
x-content-type-options: nosniff
age: 357982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157290
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:54:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 23 Sep 2022 01:56:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 40ms
20ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2044913241&t=pageview&_s=1&dl=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&ul=en-us&de=UTF-8&dt=TangleBot%3A%20New%20Malware%20Uses%20COVID-19%20Misinformation%20to%20Target%20Android%20Users&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1084258951&gjid=2096306058&cid=543842934.1632720156&tid=UA-12000041-8&_gid=1955638692.1632720156&_r=1&gtm=2ou9m0&z=1089756964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidtricks4all.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidtricks4all.blogspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/ 255 KB
94 KB 45ms
31ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

701de3c4051aa7c7097b5209359dfa919f7bd67cb2a6d54d53706f96163fe894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96563
x-xss-protection: 0
server: cafe
etag: 7060619430629612648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 05:22:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 31E5 10 KB
5 KB 49ms
13ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 26 Sep 2021 05:23:04 GMT
expires: Sun, 10 Oct 2021 05:23:04 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 86372
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5c80289bcbb218001761d95c.js Show response
buttons-config.sharethis.com/js/ 688 B
1 KB 152ms
111ms Script
text/javascript 13.224.193.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c80289bcbb218001761d95c.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-72.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9aaaa2c319468bc3dcfd55a81c7e83e9761b11b8240d6d7866fdf50ab55ea04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 27 Sep 2021 05:22:37 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2019 20:23:24 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "14dede44b14344bae63e7903d5c054e0"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 688
x-amz-cf-id: iGXDILUFlEqU6jdJHinsXozJ2aGDjmuc6hTSU1K80cCMT5AAzQlmQw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
352 B 51ms
8ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=androidtricks4all.blogspot.com&location=%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&product=inline-share-buttons-wp&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=TangleBot%3A%20New%20Malware%20Uses%20COVID-19%20Misinformation%20to%20Target%20Android%20Users&cms=unknown&publisher=5c80289bcbb218001761d95c&sop=true&version=st_sop.js&lang=en&description=Tips%2CTricks%20and%20Secrets%20that%20you%20can%20use%20on%20Android%20iOS%20iPhone%20help%20you%20better%20customise%20your%20phone%2CSecret%20codes%20that%20unlock%20hidden%20iPhone%20features
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 05:22:36 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://androidtricks4all.blogspot.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 119ms
118ms Stylesheet
text/css 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4065937703720099783&zx=5c4d5477-8dee-4f73-b5f6-ebc6d14ffbdf

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Sep 2021 05:22:36 GMT
server: GSE
date: Mon, 27 Sep 2021 05:22:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
470 B 42ms
14ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12000041-8&cid=543842934.1632720156&jid=1084258951&gjid=2096306058&_gid=1955638692.1632720156&_u=YEBAAUAAAAAAAC~&z=1407281375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidtricks4all.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Sep 2021 05:22:36 GMT
content-type: text/plain
access-control-allow-origin: https://androidtricks4all.blogspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e6521ffb923d4b5f98967e3afaf074a82d2564610b559a1e52ee69215115aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 32ms
15ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidtricks4all.blogspot.com/
Origin: https://androidtricks4all.blogspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 718
age: 6376390
cdn-cachedat: 2021-06-22 07:36:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: adf0c78dc07da2ec305dede82d583c8e
accept-ranges: bytes
cf-ray: 69524b8f3d6d4eaa-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v5/ 19 KB
19 KB 82ms
37ms Font
font/woff2 216.58.207.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v5/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ce1b0ccd9e4b99c469fb6f13068242bcc56c71da7bae294bc47eb5ba100b807d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidtricks4all.blogspot.com/
Origin: https://androidtricks4all.blogspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:02:22 GMT
x-content-type-options: nosniff
age: 220814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19664
x-xss-protection: 0
last-modified: Wed, 24 Jan 2018 02:51:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Sep 2022 16:02:22 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 37ms
15ms Script
text/javascript 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidtricks4all.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 23 Sep 2021 13:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 23 Sep 2022 13:30:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
659 B 38ms
15ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=androidtricks4all.blogspot.com&callback=_gfp_s_&client=ca-pub-1680968735134464

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1bb6b28835d25f6dbff85b9b18c629929da5de256cfad0fdbc23224c2e344cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 57ms
22ms Script
application/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=androidtricks4all.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1A4 15 KB
5 KB 275ms
261ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&adk=1812271804&adf=3025194257&lmt=1632692836&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720155978&bpp=3&bdt=207&idt=125&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1660959628521&frm=20&pv=2&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

62715bd63baf82b6d828c253a31ddc8df07efa938ad0238f73806be24699d5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1680968735134464&output=html&adk=1812271804&adf=3025194257&lmt=1632692836&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720155978&bpp=3&bdt=207&idt=125&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1660959628521&frm=20&pv=2&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 05:22:36 GMT
server: cafe
content-length: 5145
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 05:37:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 05:22:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 85ms
24ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 05:22:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8EE7 436 B
235 B 429ms
429ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=138&slotname=5683980132&adk=3670000422&adf=1436912046&pi=t.ma~as.5683980132&w=549&fwrn=4&lmt=1632692836&rafmt=11&psa=0&format=549x138&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156041&bpp=15&bdt=270&idt=86&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=468&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jVKevjOM4v&p=https%3A//androidtricks4all.blogspot.com&dtd=96

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bec27cdcadfb173f8ffeeab7d8f7f36f93baa632af5d286257c512e770b28c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1680968735134464&output=html&h=138&slotname=5683980132&adk=3670000422&adf=1436912046&pi=t.ma~as.5683980132&w=549&fwrn=4&lmt=1632692836&rafmt=11&psa=0&format=549x138&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156041&bpp=15&bdt=270&idt=86&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=468&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jVKevjOM4v&p=https%3A//androidtricks4all.blogspot.com&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 05:22:36 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 05:37:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 05:22:36 GMT
cache-control: private

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 471ms
470ms Stylesheet
text/css 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4065937703720099783&zx=5c4d5477-8dee-4f73-b5f6-ebc6d14ffbdf

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Sep 2021 05:22:36 GMT
server: GSE
date: Mon, 27 Sep 2021 05:22:36 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8285 436 B
235 B 410ms
409ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=800&slotname=6655755806&adk=2477690523&adf=2134959341&pi=t.ma~as.6655755806&w=600&lmt=1632692836&psa=0&format=600x800&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156151&bpp=1&bdt=380&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=442&ady=1955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bVu9UQzoA6&p=https%3A//androidtricks4all.blogspot.com&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b3c2c73b1ecad9015f1f1bc0fb397439860f77b83c0bb277022d857a241bc02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1680968735134464&output=html&h=800&slotname=6655755806&adk=2477690523&adf=2134959341&pi=t.ma~as.6655755806&w=600&lmt=1632692836&psa=0&format=600x800&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156151&bpp=1&bdt=380&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=442&ady=1955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bVu9UQzoA6&p=https%3A//androidtricks4all.blogspot.com&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 05:22:36 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 05:37:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 05:22:36 GMT
cache-control: private

GET
H3

200

comment-iframe.g Show response
www.blogger.com/ Frame E442
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D4065937703720099783%26postID%3D6481448296089493134%26skin%3Dcontempo%26blogspotRpcTo...
https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

17 KB
5 KB

205ms
205ms

Document
text/html

142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/186635561-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

GSE /

Resource Hash

8532e34cb3bf4986502aa5593ca75bff7bb3957c2483acf4053da0b954d37960

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4801
server: GSE
set-cookie: S=blogger=vygITvcPfPS6D-SBa734DCx-Ow1FKyAFptIBkR9FHUA; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Sep 2021 05:22:36 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-HeYKK4Dhd9W2nxzX90U1Ng' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 269
server: GSE
set-cookie: __Host-GAPS=1:IMDbKn0Acu9Vk-pgb0DcxBV-_tj9og:55K7H-qv37C9BPKE;Path=/;Expires=Wed, 27-Sep-2023 05:22:36 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2647 436 B
234 B 410ms
410ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=600&slotname=7141319010&adk=1087678089&adf=235022077&pi=t.ma~as.7141319010&w=287&fwrn=4&fwrnh=100&lmt=1632692836&rafmt=1&psa=0&format=287x600&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156176&bpp=2&bdt=405&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138%2C600x800&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AEr22BpN2T&p=https%3A//androidtricks4all.blogspot.com&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5951c794322740ced6fa0ef26059ecc773f87ec6d38f3e27cd603f526fbc7e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1680968735134464&output=html&h=600&slotname=7141319010&adk=1087678089&adf=235022077&pi=t.ma~as.7141319010&w=287&fwrn=4&fwrnh=100&lmt=1632692836&rafmt=1&psa=0&format=287x600&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156176&bpp=2&bdt=405&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138%2C600x800&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=AEr22BpN2T&p=https%3A//androidtricks4all.blogspot.com&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 05:22:36 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 05:37:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 05:22:36 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24A8 436 B
236 B 428ms
428ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1680968735134464&output=html&h=987&slotname=9256386496&adk=4145790868&adf=923858445&pi=t.ma~as.9256386496&w=287&cr_col=1&cr_row=13&fwrn=2&lmt=1632692836&rafmt=9&psa=0&format=287x987&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156185&bpp=1&bdt=413&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138%2C600x800%2C287x600&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=4sIgCnuMRX&p=https%3A//androidtricks4all.blogspot.com&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a3df088ad295b0e4964ab86041ccb04e26befde8a3b8e34d51135c8bd8f37e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1680968735134464&output=html&h=987&slotname=9256386496&adk=4145790868&adf=923858445&pi=t.ma~as.9256386496&w=287&cr_col=1&cr_row=13&fwrn=2&lmt=1632692836&rafmt=9&psa=0&format=287x987&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html&flash=0&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632720156185&bpp=1&bdt=413&idt=1&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C549x138%2C600x800%2C287x600&nras=1&correlator=1660959628521&frm=20&pv=1&ga_vid=543842934.1632720156&ga_sid=1632720156&ga_hid=2044913241&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=1017&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750575%2C44747621%2C44748553%2C31062311&oid=3&pvsid=3631216206091119&pem=701&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=4sIgCnuMRX&p=https%3A//androidtricks4all.blogspot.com&dtd=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 05:22:36 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 05:37:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 05:22:36 GMT
cache-control: private

GET
H3 200 adfly-review-2019.jpg
2.bp.blogspot.com/-W5lfATQfiXE/XDY93uj3OzI/AAAAAAAAIdM/FmMrrV8hobsL2A14BWphUwS1aqkszL3nQCLcBGAs/w100-h80-c/ 5 KB
5 KB 35ms
20ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-W5lfATQfiXE/XDY93uj3OzI/AAAAAAAAIdM/FmMrrV8hobsL2A14BWphUwS1aqkszL3nQCLcBGAs/w100-h80-c/adfly-review-2019.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

1ef3ebf100017903a1efe5d5b45db7e77f0267aded8b25af51963fe75bf3c1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v21d4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="adfly-review-2019.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5120
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:36 GMT

GET
H3 200 r-sim-9-unlock.jpg
2.bp.blogspot.com/-yXuwUvvyH40/Unp5b3ym9bI/AAAAAAAAAZ0/UOXk_-FCbYk/w100-h80-c/ 3 KB
3 KB 34ms
19ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-yXuwUvvyH40/Unp5b3ym9bI/AAAAAAAAAZ0/UOXk_-FCbYk/w100-h80-c/r-sim-9-unlock.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

6eb00b83cd70d85a81d7b4d2d5351c0ac0095536076c5345196713b39d165c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
server: fife
etag: "ve6a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="r-sim-9-unlock.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3368
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:36 GMT

GET
H3 200 Find+My+iPhone+Activation+Lock.jpg
2.bp.blogspot.com/-ahJHZDMFv9E/Unv36leUjnI/AAAAAAAAAbk/yTYnUnwi_Qg/w100-h80-c/ 3 KB
3 KB 35ms
21ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ahJHZDMFv9E/Unv36leUjnI/AAAAAAAAAbk/yTYnUnwi_Qg/w100-h80-c/Find+My+iPhone+Activation+Lock.jpg

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

3e93dd374078f16da6f6edeb813f6d1d54c8a175ddef71122f8ce2cc740d37dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ba"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Find My iPhone Activation Lock.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3046
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:36 GMT

GET
H2 200 mdclose.png
3.bp.blogspot.com/-ku_TRSeCPD8/WYsWU06DseI/AAAAAAAAG4E/VykKXnkItQEO9GGCOBZjSCDXMVpgsg1mwCLcBGAs/s1600/ 547 B
668 B 7ms
7ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ku_TRSeCPD8/WYsWU06DseI/AAAAAAAAG4E/VykKXnkItQEO9GGCOBZjSCDXMVpgsg1mwCLcBGAs/s1600/mdclose.png

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

bf31df748dbb0b8e6a1c4670d202710a5ed8f5f8b944648a592645d6cffafc20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:14:33 GMT
x-content-type-options: nosniff
age: 483
content-disposition: inline;filename="mdclose.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547
x-xss-protection: 0
server: fife
etag: "v1b82"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 26 Aug 2021 22:44:27 GMT

GET
H3 200 amd-or-intel-why-you-only-have-two.html Show response
androidtricks4all.blogspot.com/2021/09/ 213 KB
50 KB 520ms
506ms XHR
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://androidtricks4all.blogspot.com/2021/09/amd-or-intel-why-you-only-have-two.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

GSE /

Resource Hash

a32dd605fd224723f70ed8582c63a8be260835306b2895ee8cc58a871c141970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.543842934.1632720156; _gid=GA1.3.1955638692.1632720156; _gat_gtag_UA_12000041_8=1
:path: /2021/09/amd-or-intel-why-you-only-have-two.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: androidtricks4all.blogspot.com
referer: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 26 Sep 2021 21:47:16 GMT
server: GSE
etag: W/"996fd8b1847352a91967f68dd1daa54cd0015bb70cb75e0c65f5470b0db8474e"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
x-robots-tag: all
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51504
x-xss-protection: 1; mode=block
expires: Mon, 27 Sep 2021 05:22:36 GMT

GET
H3 200 the-top-7-digital-art-resources-to-find.html Show response
androidtricks4all.blogspot.com/2021/09/ 215 KB
50 KB 991ms
977ms XHR
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://androidtricks4all.blogspot.com/2021/09/the-top-7-digital-art-resources-to-find.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

GSE /

Resource Hash

9586df277dfd0241edfa4b7910e81f194b0bf33c8b595dd5d7ef315e458f8bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.543842934.1632720156; _gid=GA1.3.1955638692.1632720156; _gat_gtag_UA_12000041_8=1
:path: /2021/09/the-top-7-digital-art-resources-to-find.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: androidtricks4all.blogspot.com
referer: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 26 Sep 2021 21:47:16 GMT
server: GSE
etag: W/"996fd8b1847352a91967f68dd1daa54cd0015bb70cb75e0c65f5470b0db8474e"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
x-robots-tag: all
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51420
x-xss-protection: 1; mode=block
expires: Mon, 27 Sep 2021 05:22:37 GMT

GET
H3 200 summary Show response
indzign.blogspot.com/feeds/posts/ 333 KB
40 KB 213ms
196ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://indzign.blogspot.com/feeds/posts/summary?alt=json-in-script&max-results=99999&orderby=published&callback=showTabs_1632720156216

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/Indzign/InSEO@master/daftarisikeren.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

blogger-renderd /

Resource Hash

f01e2e0ea95f37f5112cfc7f6b52c7e89b2ed0e6c60e539dbf33d644b2606e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 30 May 2021 07:32:20 GMT
server: blogger-renderd
etag: W/"06c8d677bffc64f79daf9ecbae140291acfefed4004984e9ba2b37f1a6bf3da5"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 41278
x-xss-protection: 0
expires: Mon, 27 Sep 2021 05:22:37 GMT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 180 B
534 B 222ms
180ms Script
text/javascript 13.225.78.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fandroidtricks4all.blogspot.com%2F2021%2F09%2Ftanglebot-new-malware-uses-covid-19.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-86.fra2.r.cloudfront.net
Software: /
Resource Hash: a55d9924a020f1f201574b86fdd12680c7095abc2cb79fd28752731913710cc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0, 0
etag: 4a6411f20f075acb90521f5ceca19a66
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C2
content-length: 180
apigw-requestid: GTo8djR7oAMEToA=
x-amz-cf-id: PRCX8XnA_S_OYrg-p56LezGsp9Wz0B9DlOxCB13T7jiceOyut-oC1w==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
678 B 40ms
6ms Image
image/svg+xml 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 01 Sep 2021 06:32:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2242204
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 301
x-amz-cf-id: 5pLzQdJxhoLxmjPUKumYGUCJogQiIE4G8Blv6j1XxYM6Lo5Ps_QHew==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 41ms
7ms Image
image/svg+xml 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 02 Sep 2021 07:18:35 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2153042
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 731
x-amz-cf-id: 5h5SFll4nCMNA8OgjqcdIFna1sk_zkksE1CA32efRsfYk_2YoxabEg==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 41ms
7ms Image
image/svg+xml 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Sep 2021 06:43:20 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1118357
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 832
x-amz-cf-id: OWbvtURXNOhrXzk7JrCfECribKxei5eqOPDK2bjbO3PpNaXTLG96kg==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 42ms
8ms Image
image/svg+xml 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 15 Sep 2021 02:35:17 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1046840
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 771
x-amz-cf-id: DWQY9LdZJZJOehcug-9kW8HM10sgZAEqfQq3hRplbfEa2Z4qxpj60g==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
890 B 42ms
8ms Image
image/svg+xml 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 17 Sep 2021 06:11:13 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 861084
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 514
x-amz-cf-id: Goo_nZNwrdVE3jB4_DPG4wlf-BZ_i1_1kxAufP2eaNugCwjn4u_ZUg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 28ms
28ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=3454&su=androidtricks4all.blogspot.com&d=5000

Requested by

Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Old-computer.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 216 KB
216 KB 69ms
24ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/Old-computer.jpg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0978b50470b441936551818f79ba207ac06d1c8f1e1cbbf3316c5d50ba3818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
cf-cache-status: HIT
age: 148785
cf-polished: qual=85, origFmt=jpeg, origSize=243858
content-disposition: inline; filename="Old-computer.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 220690
x-request-id: oXbkTkT0cbOOyuzF-hekR
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 7c2c74bd48e17d5fc35f62443c9c4f19a1ae8c734bd03e99dff2d5e26b71348c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b94f94f6909-FRA
expires: Sun, 25 Sep 2022 12:02:51 GMT

GET
H2 200 intel-logo.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 9 KB
9 KB 61ms
17ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/intel-logo.jpg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fee982dea3cebf767ada84aa56d6f0f9db383e7724994bc2a2be27d43d08e2ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
cf-cache-status: HIT
age: 148785
cf-polished: qual=85, origFmt=jpeg, origSize=24608
content-disposition: inline; filename="intel-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8750
x-request-id: LBSuA4NDo1JEz8NzI0wgq
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: b048681a49db32c089dbac7024ff88df00a0d459bcd355525c0bd538520096ff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b94f9516909-FRA
expires: Sun, 25 Sep 2022 12:02:51 GMT

GET
H2 200 AMD-logo.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 9 KB
9 KB 69ms
25ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/AMD-logo.jpg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e65f025ca396f65a195b77b0f11232a8d76351abc9cb1178cd8d50d9795a32d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
cf-cache-status: HIT
age: 31787
cf-polished: qual=85, origFmt=jpeg, origSize=23915
content-disposition: inline; filename="AMD-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9026
x-request-id: biyEyffunxlXfk-hqHudo
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: f0cb588c9d2a8400e37a46f15772bcff218479600cb9de9f262a6bd1327735aa
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b94f9536909-FRA
expires: Mon, 26 Sep 2022 20:32:49 GMT

GET
H2 200 RAM-1.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 157 KB
157 KB 68ms
24ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/RAM-1.jpg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2fa913d2d1669a336f46724e03c6d33ada0d433f326db4cf39b8f205d72c8b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
cf-cache-status: HIT
age: 148784
cf-polished: qual=85, origFmt=jpeg, origSize=188173
content-disposition: inline; filename="RAM-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 160514
x-request-id: F27cEHS33TpOO0UkVOqK1
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 0bc9f239d81aca050ae4f0b5e3875dc0902c9c633cebc602b54fcb375aacd24a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b94f9546909-FRA
expires: Sun, 25 Sep 2022 12:02:52 GMT

GET
H2 200 computer-engineer.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 116 KB
117 KB 61ms
17ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/computer-engineer.jpg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db884bd9503b0b5b5616a1cf780a56454f027918649c86993e988c332d50da32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
cf-cache-status: HIT
age: 148784
cf-polished: qual=85, origFmt=jpeg, origSize=156403
content-disposition: inline; filename="computer-engineer.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 119196
x-request-id: lpkD7EQpo_jBV3X0pHhzf
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 7ebde5ad40236c3c084eb20dcfc7387f986af0ea107f0efde24338863953bde2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b94f9566909-FRA
expires: Sun, 25 Sep 2022 12:02:52 GMT

GET
H2 200 Snapdragon.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 97 KB
97 KB 69ms
25ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/Snapdragon.jpg
Requested by: Host: androidtricks4all.blogspot.com
URL: https://androidtricks4all.blogspot.com/2021/09/tanglebot-new-malware-uses-covid-19.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7cd54a8fe6e9a3989c507f2bf08363da9de2809991df59c1febdc851751ec03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
cf-cache-status: HIT
age: 148784
cf-polished: qual=85, origFmt=jpeg, origSize=135363
content-disposition: inline; filename="Snapdragon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 99312
x-request-id: zsgt6N1_lnwDXhD9pANMZ
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 434060c7fe4945de1c69b83cdec6e40b9d3b41e34f7075a6b434a85e340aa3ed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b94f9586909-FRA
expires: Sun, 25 Sep 2022 12:02:52 GMT

GET
H3 200 3148634864-cmt.js Show response
www.blogger.com/static/v1/jsbin/ Frame E442 96 KB
96 KB 16ms
16ms Script
text/javascript 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3148634864-cmt.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

4f19c16277d74215c0733d4d0bc90607721498f9ff9a119ef495b77b7138b23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 03:27:39 GMT
x-content-type-options: nosniff
age: 438898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97940
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 02:51:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 22 Sep 2022 03:27:39 GMT

GET
H2 200 blank.gif
resources.blogblog.com/img/ Frame E442 43 B
181 B 7ms
6ms Image
image/gif 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/blank.gif

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:33:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 04:52:41 GMT
server: sffe
age: 308956
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 30 Sep 2021 15:33:21 GMT

GET
H2 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
www.google.com/js/bg/ Frame E442 35 KB
14 KB 29ms
7ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 05:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 21 Sep 2022 05:16:55 GMT

GET
H3 200 close.gif
www.blogger.com/img/cmt/ Frame E442 347 B
370 B 17ms
16ms Image
image/gif 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/cmt/close.gif

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

df6cb367e3692c4d2056dd69c54bea18458148ef028ce7b998824f9f49ceafd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:27:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 18:04:41 GMT
server: sffe
age: 402893
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 347
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 29 Sep 2021 13:27:44 GMT

GET
H3 200 sprite_comment_v1.css.svg
www.blogger.com/img/responsive/ Frame E442 585 B
363 B 16ms
16ms Other
image/svg+xml 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/img/responsive/sprite_comment_v1.css.svg

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

b87dd1f80f3239467127bfa7c4d48f4071b0bacb510dc87cd1193eb3afc8241d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 23:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 04:52:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 29 Sep 2021 23:10:47 GMT

GET
H3 200 anon36.png
resources.blogblog.com/img/ Frame E442 2 KB
2 KB 17ms
16ms Image
image/png 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/anon36.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 23:50:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 25 Sep 2021 10:49:14 GMT
server: sffe
age: 106354
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1654
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 02 Oct 2021 23:50:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E442 15 KB
15 KB 37ms
36ms Font
font/woff2 216.58.207.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

arn11s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:32:03 GMT
x-content-type-options: nosniff
age: 391834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:32:03 GMT

GET
H3 200 comment-iframe-bg.g Show response
www.blogger.com/ Frame E442 58 KB
26 KB 171ms
171ms XHR
text/javascript 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3148634864-cmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

GSE /

Resource Hash

14f5e8be3acc9ff8b7168864d2877127c44df3efbcf85b847f9c261f0547bb22

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=4065937703720099783&postID=6481448296089493134&skin=contempo&blogspotRpcToken=8321762&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Mon, 27 Sep 2021 05:22:37 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26299
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
22ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

365e02324a7e0ad3f4af217143cde337e906e30a2960501098e5b5fecf36d3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 05:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8513
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 72ms
35ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 27 Sep 2021 05:22:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 50EC 12 KB
5 KB 36ms
13ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 26 Sep 2021 20:16:11 GMT
expires: Mon, 26 Sep 2022 20:16:11 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 32786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6773 783 B
535 B 56ms
25ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

9b66b35edef5687d61306f5e77ad2bc5d84d9422f9a5eba7e6d19e7c795a0676

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zCgQHV0r6qOc0ofw1jy/Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://androidtricks4all.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 27 Sep 2021 05:22:37 GMT
date: Mon, 27 Sep 2021 05:22:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zCgQHV0r6qOc0ofw1jy/Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 50EC 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:35:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 26 Sep 2022 12:35:21 GMT

GET
H3 200 rsz_278638655_2415813832068445_3188235978523279360_n.png
2.bp.blogspot.com/-rBJNnROtsB0/XwbOq1AaoRI/AAAAAAAACIs/ZD6PHc35sAo2FZAyGpNA1da71Ct31NXMgCK4BGAYYCw/s1600/ 18 KB
19 KB 8ms
7ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-rBJNnROtsB0/XwbOq1AaoRI/AAAAAAAACIs/ZD6PHc35sAo2FZAyGpNA1da71Ct31NXMgCK4BGAYYCw/s1600/rsz_278638655_2415813832068445_3188235978523279360_n.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

e4038c622138d4e8fca9f188753fc99795ae501b74cb2dd03d668471960619e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="rsz_278638655_2415813832068445_3188235978523279360_n.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18917
x-xss-protection: 0
server: fife
etag: "v88c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 05:22:35 GMT

GET
H3 200 blank-profile-picture.png
1.bp.blogspot.com/-uVSLa957jy4/XrBwK6Jr2dI/AAAAAAAADcM/qPB_-WoQiUoCmKTpGWjA7-kYSWNoHjycwCLcBGAsYHQ/s320/ 7 KB
7 KB 10ms
9ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uVSLa957jy4/XrBwK6Jr2dI/AAAAAAAADcM/qPB_-WoQiUoCmKTpGWjA7-kYSWNoHjycwCLcBGAsYHQ/s320/blank-profile-picture.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

791108cf4d35e8cce89e79adb955b7d73b7234478e01868e41364e74e11403d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="blank-profile-picture.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7392
x-xss-protection: 0
server: fife
etag: "vdc4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 14:36:43 GMT

GET
H/1.1 200
OK ref_125x125_black_pbl.gif
my.bidvertiser.com/BidVertiser/Images/Referral/p/ 8 KB
8 KB 175ms
174ms Image
image/gif 54.177.15.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.bidvertiser.com/BidVertiser/Images/Referral/p/ref_125x125_black_pbl.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.177.15.8 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-15-8.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 63b8e25df72b8ca1aabadd5690e1923a753ca36f53b678163ce2df3b52a27831

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 05:22:36 GMT
Last-Modified: Sun, 23 Dec 2018 11:49:43 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "f6ff9098b59ad41:0"
Content-Length: 7908
Content-Type: image/gif

GET
H3 200 1579998755791.jpg
4.bp.blogspot.com/-Ut1gqxyLb1k/XwO-G2Yjj9I/AAAAAAAACG8/o6G61FiuGe8CAERvsSw5kR5LQZ9imghEgCK4BGAYYCw/s220/ 17 KB
17 KB 10ms
10ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Ut1gqxyLb1k/XwO-G2Yjj9I/AAAAAAAACG8/o6G61FiuGe8CAERvsSw5kR5LQZ9imghEgCK4BGAYYCw/s220/1579998755791.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

e515138269bbeb7d9ccae9d8aa51489a654361c470f53bff960ec1f1749e37b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:36 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="1579998755791.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17297
x-xss-protection: 0
server: fife
etag: "v876"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 05:22:36 GMT

GET
H3 200 adfly-review-2019.jpg
2.bp.blogspot.com/-W5lfATQfiXE/XDY93uj3OzI/AAAAAAAAIdM/FmMrrV8hobsL2A14BWphUwS1aqkszL3nQCLcBGAs/s72-c/ 3 KB
3 KB 9ms
9ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-W5lfATQfiXE/XDY93uj3OzI/AAAAAAAAIdM/FmMrrV8hobsL2A14BWphUwS1aqkszL3nQCLcBGAs/s72-c/adfly-review-2019.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

2d6a15b3aeabff28eaf1f8aa61aad6b65a406013ae27270fb8a0e2297d35456c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="adfly-review-2019.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3101
x-xss-protection: 0
server: fife
etag: "v21d4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 05:22:35 GMT

GET
H3 200 r-sim-9-unlock.jpg
2.bp.blogspot.com/-yXuwUvvyH40/Unp5b3ym9bI/AAAAAAAAAZ0/UOXk_-FCbYk/s72-c/ 2 KB
2 KB 12ms
12ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-yXuwUvvyH40/Unp5b3ym9bI/AAAAAAAAAZ0/UOXk_-FCbYk/s72-c/r-sim-9-unlock.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

4cd285a1ff0c13d4d941554ffbd52c26fcc1b08eefccc0ed286e3b75c480ea8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="r-sim-9-unlock.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2516
x-xss-protection: 0
server: fife
etag: "ve6a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 26 Sep 2021 01:32:22 GMT

GET
H3 200 Find+My+iPhone+Activation+Lock.jpg
2.bp.blogspot.com/-ahJHZDMFv9E/Unv36leUjnI/AAAAAAAAAbk/yTYnUnwi_Qg/s72-c/ 2 KB
2 KB 12ms
12ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ahJHZDMFv9E/Unv36leUjnI/AAAAAAAAAbk/yTYnUnwi_Qg/s72-c/Find+My+iPhone+Activation+Lock.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

c3e8d8d35b1ac855cb1fcbbcc530bc15d89698fcfec2ae87c39bc71b106fc58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:35 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="Find My iPhone Activation Lock.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1986
x-xss-protection: 0
server: fife
etag: "v1ba"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Sep 2021 08:43:04 GMT

GET
H3 200 concept-art-world-screen.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 45 KB
45 KB 47ms
35ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/concept-art-world-screen.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69cf9f31b86e4ac57006ee87648555f850d3c99f6e9028e1e4f6893ea67707ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:37 GMT
cf-cache-status: HIT
age: 146842
cf-polished: qual=85, origFmt=jpeg, origSize=61015
content-disposition: inline; filename="concept-art-world-screen.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45814
x-request-id: 3c4EiGyrKxrLUmBkKrj66
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 3c44267f86a122ab32aa84be8559772ad90add31f9b0a1ecb5e0c40355c45410
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b97bc9a1f11-FRA
expires: Sun, 25 Sep 2022 12:35:15 GMT

GET
H3 200 CG-Society-Screen.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 94 KB
94 KB 34ms
22ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/CG-Society-Screen.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f55784b8e412409fdbc086f3ef1ea0689bf7b86921101cf90b0ddd0278d5269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:37 GMT
cf-cache-status: HIT
age: 147052
cf-polished: qual=85, origFmt=jpeg, origSize=105555
content-disposition: inline; filename="CG-Society-Screen.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 96228
x-request-id: AbxeB3WNNW3-0DLFG_aFR
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 12e85797a0d6c4c59d8f2035f4f7ae431f8303ed4afb4104267fc7820ed011fb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b97bc9b1f11-FRA
expires: Sun, 25 Sep 2022 12:31:45 GMT

GET
H3 200 coolvibe-homepage.jpg
static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/ 79 KB
79 KB 28ms
17ms Image
image/webp 172.67.39.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.makeuseofimages.com/wordpress/wp-content/uploads/2021/09/coolvibe-homepage.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.39.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c79ef5f97e00e42e4eb9987cc6a3b487bded400dad1266ca5e983e6d42f119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:22:37 GMT
cf-cache-status: HIT
age: 147052
cf-polished: qual=85, origFmt=jpeg, origSize=92151
content-disposition: inline; filename="coolvibe-homepage.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80666
x-request-id: IQPU874MWSMO05Hnu69Ij
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 3239bc9403b59cfa8edc2c361da92c609de8e236052299ea402de7030d552c5a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 69524b97bc981f11-FRA
expires: Sun, 25 Sep 2022 12:31:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6773 0
0 59ms
59ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=3631216206091119&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
61ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=3631216206091119&bg=!pKelp-PNAAZNQyuQTUM7ACkAdvg8Wsv3ZXpjSlxqtcXDHLvzXmB2ldhWfc5IIQdX66npvHNIaaT-vwIAAADXUgAAAAtoAQeZAr1f93HscSrdO-_pPnO-cndYzAMPbZtCf3496JGi4akVa71ZhwcyCA8r327kHCoAaYDCsx51FwNL2VMXonOjJG5tb8HNCVL4IfQGDS6LsGmYnlvB-uMSB6qEDZ56cKhlYkMCnqNqQ1Yq4B0fRmcKVPQMN7dlcu4L1fJ0jAuvUahOOq1D5zSvW9qwFgK6WDs_Y3llVWyerOa93gUqldWpBibAzipwqhISyBF1GfloGtfUjJTPH0uPBw3nynMtCvIwmemYkkspkgSCZPwIBqBtSr4w7JT62SU1xfAytUVkjiwtVMoSgVf8EgpPKW-O0qdYaZ0yje1srm1WinrT9uDyxV9jwTQFf9FfTiK-tX9IyCFTrsL2380xSTBqJpiClaL1ACVVtgKgqkzlSKKL0JbsfStIVZPJwgbs3yNP2MmtjQG56tzlR3K487e_p1iZWOty-NJR-BU9wf0GLZ61U7UpyUXWKZmwKRagESW0y3GWgRcAGDVxCajIxRi8uVvODSVNTv1tSvTMgcUE4zsnoksaY-zWagZPETxhlyQLAkLYgLMHDyVXNgD_3zUh6L__9VZmsF7fgClaGQxFC4iKrfBYPBvhoWaDYshCWAJzi1IHLEZ1xi7422g_GhJGogkpU80kMzK5z6Q9_VWHBe99nPIlxCi9bLG9YKXz8lYa8AVEXwh1aPUS2rcU11gd3BVnbEyzsC_cziZsW5-ZFVAsNWoP5tnEUO4MVQUNLb8gnM5XvBYTu_yPT6mtIpSykjLNXY288wGH7yRDPP62c1BDP0cEOpB2fiB2RsavjRaz5gJnHKSBMorEh3uztm3qZPmDirm4JJRBxzCeecPgv6KhkV29q-iobuv2ULojDccLj-4wlp9tTGY1mSEDOoJ_9SKW3Fs-7EAkGvVXlRuazi0_Wn6I5rw1A9iKRVAHf16DIZvufg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 27ms
27ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=2376&su=androidtricks4all.blogspot.com&d=5000

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://androidtricks4all.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 05:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.androidtricks4all.blogspot.com/	1970-01-20 15:03:12	Name: _ga Value: GA1.3.543842934.1632720156
.androidtricks4all.blogspot.com/	1970-01-19 21:33:26	Name: _gid Value: GA1.3.1955638692.1632720156
.androidtricks4all.blogspot.com/	1970-01-19 21:32:00	Name: _gat_gtag_UA_12000041_8 Value: 1
.doubleclick.net/	1970-01-19 21:32:01	Name: test_cookie Value: CheckForPermission
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=vygITvcPfPS6D-SBa734DCx-Ow1FKyAFptIBkR9FHUA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
adservice.google.com
ajax.googleapis.com
androidtricks4all.blogspot.com
buttons-config.sharethis.com
cdn.jsdelivr.net
count-server.sharethis.com
fonts.gstatic.com
googleads.g.doubleclick.net
indzign.blogspot.com
l.sharethis.com
maxcdn.bootstrapcdn.com
my.bidvertiser.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
resources.blogblog.com
static1.makeuseofimages.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
z-na.amazon-adsystem.com
104.18.11.207
13.224.185.14
13.224.193.25
13.224.193.72
13.225.78.32
13.225.78.86
142.250.181.233
142.250.184.193
142.250.184.196
142.250.184.232
142.250.185.234
142.250.186.130
142.250.186.161
142.250.186.162
142.250.186.34
142.250.186.78
142.250.186.97
142.250.74.205
151.101.65.229
172.217.18.98
172.67.39.79
216.58.207.195
216.58.212.162
52.29.0.64
54.177.15.8
74.125.140.154
00001d3b9b00d5daf5cfc4e0e9e72db60a51f6928568ec99a635033468083937
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f
0f6bbb7e286f1f3ad2aadaa4794d4f1ce8d2a1a262f1a9b8851533edbd41ae79
14f5e8be3acc9ff8b7168864d2877127c44df3efbcf85b847f9c261f0547bb22
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22
1bb6b28835d25f6dbff85b9b18c629929da5de256cfad0fdbc23224c2e344cc8
1ef3ebf100017903a1efe5d5b45db7e77f0267aded8b25af51963fe75bf3c1d7
25f654e30834688f9a468bfa5b0a90b6c54066dfce4c81a7975fedef029f5e13
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d6a15b3aeabff28eaf1f8aa61aad6b65a406013ae27270fb8a0e2297d35456c
365e02324a7e0ad3f4af217143cde337e906e30a2960501098e5b5fecf36d3dd
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3e93dd374078f16da6f6edeb813f6d1d54c8a175ddef71122f8ce2cc740d37dd
4cd285a1ff0c13d4d941554ffbd52c26fcc1b08eefccc0ed286e3b75c480ea8a
4f19c16277d74215c0733d4d0bc90607721498f9ff9a119ef495b77b7138b23b
4f55784b8e412409fdbc086f3ef1ea0689bf7b86921101cf90b0ddd0278d5269
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
5951c794322740ced6fa0ef26059ecc773f87ec6d38f3e27cd603f526fbc7e8e
62715bd63baf82b6d828c253a31ddc8df07efa938ad0238f73806be24699d5d9
62c21495520a90a672b21d404e65c7cd8a62ad74ed0fcfd96f0da9b19c67a9dc
63b8e25df72b8ca1aabadd5690e1923a753ca36f53b678163ce2df3b52a27831
69cf9f31b86e4ac57006ee87648555f850d3c99f6e9028e1e4f6893ea67707ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4d2e8538bfa555fcb535f64b906ec960a8afd3ae590e967dbc05f9ce785067
6eb00b83cd70d85a81d7b4d2d5351c0ac0095536076c5345196713b39d165c7f
6f0946839f505413c52070c52689c6fe423ee5c5665fe715c0a36aa417d91e3f
701de3c4051aa7c7097b5209359dfa919f7bd67cb2a6d54d53706f96163fe894
7342e46482b326de7931726ec7c04a26c9d3ac84339ad73a774e6a9472cd2a2e
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
77bbf7198131f779d4b0f1a60286ec9fe66e113a03be25e97b3ddac6b0480a59
791108cf4d35e8cce89e79adb955b7d73b7234478e01868e41364e74e11403d7
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
8457874379d39e5c1a9f82635e2765b932032a6ae36c63b713ece3562ca7d2fb
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8532e34cb3bf4986502aa5593ca75bff7bb3957c2483acf4053da0b954d37960
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87c79ef5f97e00e42e4eb9987cc6a3b487bded400dad1266ca5e983e6d42f119
8e6521ffb923d4b5f98967e3afaf074a82d2564610b559a1e52ee69215115aaa
9586df277dfd0241edfa4b7910e81f194b0bf33c8b595dd5d7ef315e458f8bc0
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9b66b35edef5687d61306f5e77ad2bc5d84d9422f9a5eba7e6d19e7c795a0676
a32dd605fd224723f70ed8582c63a8be260835306b2895ee8cc58a871c141970
a3df088ad295b0e4964ab86041ccb04e26befde8a3b8e34d51135c8bd8f37e59
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55d9924a020f1f201574b86fdd12680c7095abc2cb79fd28752731913710cc5
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c2c73b1ecad9015f1f1bc0fb397439860f77b83c0bb277022d857a241bc02b
b5391a29ecdefba33625ce734d97f4f829756b05605bb92d7e9f906b062507fa
b7cd54a8fe6e9a3989c507f2bf08363da9de2809991df59c1febdc851751ec03
b87dd1f80f3239467127bfa7c4d48f4071b0bacb510dc87cd1193eb3afc8241d
b9aaaa2c319468bc3dcfd55a81c7e83e9761b11b8240d6d7866fdf50ab55ea04
be617931e04d8c1d694f9948132890a21828b55fb640aab2c147cd1591ec688c
bec27cdcadfb173f8ffeeab7d8f7f36f93baa632af5d286257c512e770b28c7a
bf31df748dbb0b8e6a1c4670d202710a5ed8f5f8b944648a592645d6cffafc20
c3e8d8d35b1ac855cb1fcbbcc530bc15d89698fcfec2ae87c39bc71b106fc58f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce1b0ccd9e4b99c469fb6f13068242bcc56c71da7bae294bc47eb5ba100b807d
db884bd9503b0b5b5616a1cf780a56454f027918649c86993e988c332d50da32
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6cb367e3692c4d2056dd69c54bea18458148ef028ce7b998824f9f49ceafd6
e2fa913d2d1669a336f46724e03c6d33ada0d433f326db4cf39b8f205d72c8b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4038c622138d4e8fca9f188753fc99795ae501b74cb2dd03d668471960619e4
e515138269bbeb7d9ccae9d8aa51489a654361c470f53bff960ec1f1749e37b9
e65f025ca396f65a195b77b0f11232a8d76351abc9cb1178cd8d50d9795a32d2
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f01e2e0ea95f37f5112cfc7f6b52c7e89b2ed0e6c60e539dbf33d644b2606e3f
f4a51fb7b48586c8a09868084547a8710bec3134411801a6fa880a384def7b22
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe0978b50470b441936551818f79ba207ac06d1c8f1e1cbbf3316c5d50ba3818
fee982dea3cebf767ada84aa56d6f0f9db383e7724994bc2a2be27d43d08e2ca

androidtricks4all.blogspot.com Open in urlscan Pro 142.250.186.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

0 %IPv6

18 Domains

31 Subdomains

26 IPs

3 Countries

2097 kBTransfer

3944 kBSize

5 Cookies

9 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

androidtricks4all.blogspot.com Open in urlscan Pro
142.250.186.97 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

0 %
IPv6

18
Domains

31
Subdomains

26
IPs

3
Countries

2097 kB
Transfer

3944 kB
Size

5
Cookies

88 HTTP transactions
1 data transactions