screen-cleanerr.blogspot.com
216.58.212.161  Malicious Activity! Public Scan

Submitted URL: https://cutt.ly/51ejp9I
Effective URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Submission: On November 26 via manual from FI — Scanned from FI

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 216.58.212.161, which is located in the United States and belongs to GOOGLE, US. The main domain is screen-cleanerr.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on November 2nd 2022. Valid for: 3 months.
This is the only time screen-cleanerr.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  Redirects  IP Address       AS Autonomous System
1         1          172.67.8.238     13335 (CLOUDFLAR...)
3                    216.58.212.161   15169 (GOOGLE)
1                    142.250.186.42   15169 (GOOGLE)
1                    108.138.17.19    16509 (AMAZON-02)
2                    142.250.184.238  15169 (GOOGLE)
1                    142.250.185.202  15169 (GOOGLE)
4                    104.18.11.207    13335 (CLOUDFLAR...)
3                    142.250.181.225  15169 (GOOGLE)
1                    18.66.121.17     16509 (AMAZON-02)
5                    52.222.206.3     16509 (AMAZON-02)
1                    46.105.201.240   16276 (OVH)
1                    192.99.13.63     16276 (OVH)
Total: 23 requests, 11 IPs

Requests  Apex Domain            Subdomains                                                  Transfer
6         cloudfront.net         d1j9qsxe04m2ki.cloudfront.net                               24 KB
                                 dwmsurhf1svv8.cloudfront.net
4         bootstrapcdn.com       maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 993)          114 KB
3         googleusercontent.com  blogger.googleusercontent.com (Cisco Umbrella Rank: 14143)  182 KB
3         blogspot.com           screen-cleanerr.blogspot.com                                15 KB
2         histats.com            s10.histats.com (Cisco Umbrella Rank: 14615)                5 KB
                                 s4.histats.com (Cisco Umbrella Rank: 11554)
2         google.com             apis.google.com (Cisco Umbrella Rank: 169)                  71 KB
2         googleapis.com         fonts.googleapis.com (Cisco Umbrella Rank: 93)              97 KB
                                 ajax.googleapis.com (Cisco Umbrella Rank: 414)
1         launchaco.com          www.launchaco.com                                           14 KB
1         cutt.ly                cutt.ly (Cisco Umbrella Rank: 64350)                        384 B
Total: 23 requests, 9 domains

Requests  Domain                         Requested by
5         dwmsurhf1svv8.cloudfront.net   d1j9qsxe04m2ki.cloudfront.net
4         maxcdn.bootstrapcdn.com        screen-cleanerr.blogspot.com
                                         maxcdn.bootstrapcdn.com
3         blogger.googleusercontent.com  screen-cleanerr.blogspot.com
3         screen-cleanerr.blogspot.com   screen-cleanerr.blogspot.com
2         apis.google.com                screen-cleanerr.blogspot.com
                                         apis.google.com
1         s4.histats.com                 s10.histats.com
1         s10.histats.com                screen-cleanerr.blogspot.com
1         d1j9qsxe04m2ki.cloudfront.net  screen-cleanerr.blogspot.com
1         ajax.googleapis.com            screen-cleanerr.blogspot.com
1         www.launchaco.com              screen-cleanerr.blogspot.com
1         fonts.googleapis.com           screen-cleanerr.blogspot.com
1         cutt.ly                        1 redirects
Total: 23 requests, 12 subdomains

This site contains links to these domains.

Domain
www.blogger.com

Subject                  Issuer                   Validity                 Valid
misc-sni.blogspot.com    GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
upload.video.google.com  GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
www.launchaco.com        Amazon                   2021-11-19 - 2022-12-18  a year
*.apis.google.com        GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-01-29 - 2023-01-29  a year
*.googleusercontent.com  GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
*.cloudfront.net         Amazon                   2022-02-01 - 2023-01-31  a year
histats.com              R3                       2022-09-30 - 2022-12-29  3 months

This page contains 1 frame:

Primary Page: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Frame ID: E8F2CBF605B1245736807241C8CB0489
Requests: 23 HTTP requests in this frame

Page Title

⭐️Congratulations⭐️CONGRATULATIONS!!!

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 0 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 522 kB
Size: 882 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.ly/51ejp9I HTTP 301
    https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
screen-cleanerr.blogspot.com/
Redirect Chain
  • https://cutt.ly/51ejp9I
  • https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
15 KB
6 KB
Document
General
Full URL
https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
GSE /
Resource Hash
875582c70c5cee3cbe075ec14d36d3f94023592de48c23c6f40f46b57bdc6d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
5675
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 08:36:09 GMT
etag
W/"61b5ca38b8651ea6513fad77df2131d05cfa03ee63bf15054ec5b71b295f949a"
expires
Sat, 26 Nov 2022 08:36:09 GMT
last-modified
Thu, 24 Nov 2022 13:28:17 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77014b70cda99906-ARN
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 08:36:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://screen-cleanerr.blogspot.com?s1=OTW-Gazza
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
2 KB
974 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
3e0ffb2daec3a6a0841661de3a4889c93726a28b57e85088d30efed2ddb7c0ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 08:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 08:24:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 08:36:09 GMT
AllTemplates.min.css
www.launchaco.com/static/
65 KB
14 KB
Stylesheet
General
Full URL
https://www.launchaco.com/static/AllTemplates.min.css
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdecf0171609fc54f6b4ce8c8f03cc67f4fbe8f8e01fa3ef5782c7802e9c9c6a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
date
Sat, 26 Nov 2022 05:49:31 GMT
last-modified
Fri, 27 Aug 2021 22:03:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
9999
etag
W/"1b5e678932dca889364e7e1d8289b7c6"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
x-cache
Hit from cloudfront
x-amz-cf-id
QVLIgI_mcB-F2-aiLBj0V-FXSHYIbeAztkIM03apCzdcaXuAOwElFQ==
x-xss-protection
1
plusone.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
sffe /
Resource Hash
000185dec97d1557f9120e173b38877687528b6284d2885cd74017d7bc8941fc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Nov 2022 08:36:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20983
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"451993779f4d2ae5"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Nov 2022 08:36:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.1/
95 KB
96 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:28:38 GMT
x-content-type-options
nosniff
age
277651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97403
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:28:38 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://screen-cleanerr.blogspot.com/
Origin
https://screen-cleanerr.blogspot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1053
age
140
cdn-cachedat
11/15/2022 10:30:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9fce814bc7e095cc742f32abc9d0efbc
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77014b786d8d9936-ARN
cdn-requestpullsuccess
True
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://screen-cleanerr.blogspot.com/
Origin
https://screen-cleanerr.blogspot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
140
cdn-cachedat
11/18/2022 06:18:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ce61e4bdd905726e335178325589f633
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77014b786d8b9936-ARN
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
3121149
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8b677d48aa464c28c0815c97adbbe174
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77014b786d7c16a5-ARN
cdn-requestpullsuccess
True
FrightenedAffectionateAlleycat-size_restricted.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_ZhA2UtmjTttx4Ox7xRR84VBiYkUrBAgtlNY809nUk-BDekynjtg_naitCwr8dtn-Rw_jcp-MjiCBs7__7b3vJsVsCMVX8Q1aCl9YO-eGaKdpkyrjkCFz6Lu336GhDcpxN7Q8y8MjHcbPR32i...
36 KB
36 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_ZhA2UtmjTttx4Ox7xRR84VBiYkUrBAgtlNY809nUk-BDekynjtg_naitCwr8dtn-Rw_jcp-MjiCBs7__7b3vJsVsCMVX8Q1aCl9YO-eGaKdpkyrjkCFz6Lu336GhDcpxN7Q8y8MjHcbPR32iUs5A9TgQCi3pY0R9N8YL3W_FZAiVX4vHW2Tct2We/s320/FrightenedAffectionateAlleycat-size_restricted.gif
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
fife /
Resource Hash
acdda309c58c61c79856a3ce0f0aaf4b856eb0e8682e6e557a2d584ad1e110c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:10 GMT
x-content-type-options
nosniff
server
fife
etag
"v3db"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="FrightenedAffectionateAlleycat-size_restricted.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37050
x-xss-protection
0
expires
Sun, 27 Nov 2022 08:36:10 GMT
Screenshot_194.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2iLEW6QdRpiAvsMTUwXIMpdniA1KQLVrPx0naUIZL7H4JYsW399b7C8pZkG6f9SD6lm6Ah37_HoIc-xZyRUUdWIh7vFJz_DZWSFyZQxzBIkW1TxTYPcwVAvNCRZdszt-YKsxvNK7hm4-GH-BJ...
88 KB
89 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2iLEW6QdRpiAvsMTUwXIMpdniA1KQLVrPx0naUIZL7H4JYsW399b7C8pZkG6f9SD6lm6Ah37_HoIc-xZyRUUdWIh7vFJz_DZWSFyZQxzBIkW1TxTYPcwVAvNCRZdszt-YKsxvNK7hm4-GH-BJw-OskkYREUu-39n94Y7RHCRMpQP_mQd4OXL8tqC8/s320/Screenshot_194.png
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
fife /
Resource Hash
8944b5851ecb0700e0d60139e6a6911636a742e153caa8120d5f11a8ff59ffd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:10 GMT
x-content-type-options
nosniff
server
fife
etag
"v3d9"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_194.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90464
x-xss-protection
0
expires
Sun, 27 Nov 2022 08:36:10 GMT
Untitled.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2ujnRbx_t05kzuus1W2BDctaLoFw-FNlPbLXWWXaEqJqMl9WlU0UiZfWfCHAi9rzqWc7q1dVik8rVmZ6oMdhuh57Suz45_iHcfpQ_JaXkMfMyF4MTpepSibir7uxxRw6sYZQVzQqV6Mw9rR0x...
57 KB
57 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2ujnRbx_t05kzuus1W2BDctaLoFw-FNlPbLXWWXaEqJqMl9WlU0UiZfWfCHAi9rzqWc7q1dVik8rVmZ6oMdhuh57Suz45_iHcfpQ_JaXkMfMyF4MTpepSibir7uxxRw6sYZQVzQqV6Mw9rR0x0mgRkB1JO9s7YzzDN7HT59zNzJclDlOG3DjWbqTWLQ/s320/Untitled.gif
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
fife /
Resource Hash
7dc2f227ba505bac2b5072e117862f9014c1c63b27d58a41a343f5bd350e2a36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:10 GMT
x-content-type-options
nosniff
server
fife
etag
"v3c3"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58511
x-xss-protection
0
expires
Sun, 27 Nov 2022 08:36:10 GMT
ba42ab6.js
d1j9qsxe04m2ki.cloudfront.net/
23 KB
7 KB
Script
General
Full URL
https://d1j9qsxe04m2ki.cloudfront.net/ba42ab6.js
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:17:51 GMT
content-encoding
br
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified
Sun, 30 Oct 2022 13:50:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1104
etag
W/"d0adadb877ad5f27d0c2a369cd5acb5e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
cOXck32dgJU5GcuxzU7eAak3tfPUMxAQDgjzenSOJHLoBBf3NKOo_Q==
cookienotice.js
screen-cleanerr.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://screen-cleanerr.blogspot.com/js/cookienotice.js
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 07:50:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 03 Dec 2022 08:33:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.HtSm0zoQFcM.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-roB2fmxUuxFe4uTOwKr3qc0uqaQ/
145 KB
50 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.HtSm0zoQFcM.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-roB2fmxUuxFe4uTOwKr3qc0uqaQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
sffe /
Resource Hash
501083605727fad6b382d1ec43037a36a12e34d08eed25c42ca90ec089c81fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 00:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51075
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 15:24:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 00:30:22 GMT
/
screen-cleanerr.blogspot.com/
6 KB
6 KB
Image
General
Full URL
https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f1.1e100.net
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Nov 2022 13:28:17 GMT
server
GSE
etag
W/"61b5ca38b8651ea6513fad77df2131d05cfa03ee63bf15054ec5b71b295f949a"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5675
x-xss-protection
1; mode=block
expires
Sat, 26 Nov 2022 08:36:10 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://screen-cleanerr.blogspot.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
141
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
845d809dc1f62ad31cadc90db391cce4
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77014b7bd8719936-ARN
cdn-requestpullsuccess
True
html.2632365.f1fa8.0.js
dwmsurhf1svv8.cloudfront.net/public/external/v2/
8 KB
9 KB
Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2632365.f1fa8.0.js
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/ba42ab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-3.fra56.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
dc0fc6c323f3933f2e5aaddad1f9f46287ed5916e2537ef7583102eb47a4f8c6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:11 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
LW_Fc8NNRmxwFkSeQkHPhBIhSQG8hmFjnFjdNL6Opi69-wsEwyvdDg==
css_front.css
dwmsurhf1svv8.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/css_front.css
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/ba42ab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-3.fra56.r.cloudfront.net
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:11 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
NM3xzrFdMAhGQ3nT_P8SuvWrnNHrP3_w_NU7yUR7HxU0tnvPijqE2g==
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: screen-cleanerr.blogspot.com
URL: https://screen-cleanerr.blogspot.com/?s1=OTW-Gazza
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:35:17 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
337907074
0.php
s4.histats.com/stats/
50 B
184 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4667300&@f16&@g1&@h1&@i1&@j1669451770888&@k0&@l1&@m%E2%AD%90%EF%B8%8FCongratulations%E2%AD%90%EF%B8%8F&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:20324072&@b3:1669451771&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fscreen-cleanerr.blogspot.com%2F%3Fs1%3DOTW-Gazza&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
d8b2e6dd1404aa5d2874a7ba0717c3889e6a03095a62d4d118b4286a3f37fb62

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 08:36:11 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
css.css
dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/
1010 B
1 KB
Stylesheet
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/ba42ab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-3.fra56.r.cloudfront.net
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:11 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
tCiyBC7GlGIxvUKlmc1msmzVdYZR-io6fVZKhb3euNWEslFSv0l1jA==
guid
dwmsurhf1svv8.cloudfront.net/public/
0
277 B
Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=9hnk9clwv&s1=OTW-Gazza&e=ll&t=1669451771664
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/ba42ab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-3.fra56.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:11 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
jfya4Sof5J10G8bSKdrIozFIQgNJ6IAPRKVt__aQV4n_6JW3SMaFWw==
check.php
dwmsurhf1svv8.cloudfront.net/public/external/
78 B
372 B
Script
General
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2632365&time=1669451773379
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/ba42ab6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-3.fra56.r.cloudfront.net
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://screen-cleanerr.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:36:13 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P3
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
U0s--hhtDB6WoANMEGWc9kPonBTuI9d7GeBA6RQSvunxzEXG5QEO1Q==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| adsbygoogle
object| gapi
object| ___jsl
function| $
function| jQuery
object| jQuery112109226471547503503
function| redirectCU
function| redirectKK
object| CPABUILDSETTINGS
object| osapi
object| gadgets
object| iframer
object| __gapi_jstiming__
object| shindig
function| ToolbarApi
object| iframes
function| IframeBase
function| Iframe
function| IframeProxy
function| IframeWindow
object| CPABUILDContentLocker
number| __cfRLUnblockHandlers
function| CPBContentLocker
function| CPABuildLock
function| CPABuildGetFeedURL
function| CPABuildGetIframeURL
function| CPABuildGetIframeHTML
function| CPABuildUnlock
function| CPABuildOfferComplete
function| CPABuildOffersComplete
function| CPABuildCheckForLead
function| og_load
function| CPABuildComplete
function| call_locker
object| _Hasync
object| cookieChoices
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues

9 Cookies

Domain/Path Name Value
cutt.ly/ PHPSESSID 58f69l46vfjfom45m6k7s5304k
screen-cleanerr.blogspot.com/ _cpguid 9hnk9clwv
screen-cleanerr.blogspot.com/ HstCfa4667300 1669451770888
screen-cleanerr.blogspot.com/ HstCla4667300 1669451770888
screen-cleanerr.blogspot.com/ HstCmu4667300 1669451770888
screen-cleanerr.blogspot.com/ HstPn4667300 1
screen-cleanerr.blogspot.com/ HstPt4667300 1
screen-cleanerr.blogspot.com/ HstCnv4667300 1
screen-cleanerr.blogspot.com/ HstCns4667300 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
