urlscan.io logo urlscan.io
SecurityTrails logo

id-ransomware.blogspot.com Open in urlscan Pro
2a00:1450:4001:80f::2001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://id-ransomware.blogspot.com/
Effective URL: https://id-ransomware.blogspot.com/
Submission: On May 15 via manual from MY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 89 HTTP transactions. The main IP is 2a00:1450:4001:80f::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is id-ransomware.blogspot.com.
TLS certificate: Issued by WR2 on May 6th 2024. Valid for: 3 months.
This is the only time id-ransomware.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 206.221.176.133 23470 (RELIABLESITE)
1 2a02:6b8:a::a 13238 (YANDEX)
1 1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.181.233 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.206 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a02:6b8:23::225 13238 (YANDEX)
4 8 2a02:6b8::1:119 13238 (YANDEX)
3 142.250.185.97 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
89 23
3    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
id-ransomware.blogspot.com
8    2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
www.blogblog.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
41    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
pagead2.googlesyndication.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2.bp.blogspot.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    206.221.176.133 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)
s05.flagcounter.com
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
1    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
4    142.250.181.233 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f9.1e100.net
www.blogger.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
www.google-analytics.com
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
5    2a02:6b8:23::225 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
site.yandex.net
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
3    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
id-ransomware.blogspot.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
41 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10405
956 KB
10 blogger.com
www.blogger.com — Cisco Umbrella Rank: 11861
192 KB
9 blogspot.com
id-ransomware.blogspot.com
2.bp.blogspot.com — Cisco Umbrella Rank: 18449
221 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9603
4 KB
5 yandex.net
site.yandex.net — Cisco Umbrella Rank: 210171
37 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
11 KB
4 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2161
mc.yandex.ru — Cisco Umbrella Rank: 4550
76 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 139
translate.google.com — Cisco Umbrella Rank: 1182
accounts.google.com — Cisco Umbrella Rank: 20
114 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
420 B
2 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 22467
www.blogblog.com — Cisco Umbrella Rank: 45375
540 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
162 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
translate.googleapis.com — Cisco Umbrella Rank: 866
99 KB
1 flagcounter.com
s05.flagcounter.com — Cisco Umbrella Rank: 363338
36 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
71 B
89 15
Domain Requested by
41 blogger.googleusercontent.com id-ransomware.blogspot.com
10 www.blogger.com 1 redirects id-ransomware.blogspot.com
www.blogger.com
apis.google.com
6 id-ransomware.blogspot.com 1 redirects id-ransomware.blogspot.com
www.blogger.com
5 mc.yandex.com 3 redirects id-ransomware.blogspot.com
5 site.yandex.net id-ransomware.blogspot.com
site.yandex.net
3 mc.yandex.ru 1 redirects id-ransomware.blogspot.com
3 www.gstatic.com id-ransomware.blogspot.com
www.gstatic.com
3 2.bp.blogspot.com id-ransomware.blogspot.com
3 www.google-analytics.com id-ransomware.blogspot.com
www.google-analytics.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com id-ransomware.blogspot.com
www.google-analytics.com
2 apis.google.com id-ransomware.blogspot.com
apis.google.com
1 fonts.gstatic.com id-ransomware.blogspot.com
1 region1.google-analytics.com www.googletagmanager.com
1 translate.googleapis.com
1 accounts.google.com 1 redirects
1 yandex.ru id-ransomware.blogspot.com
1 s05.flagcounter.com id-ransomware.blogspot.com
1 translate.google.com id-ransomware.blogspot.com
1 www.blogblog.com id-ransomware.blogspot.com
1 pagead2.googlesyndication.com id-ransomware.blogspot.com
1 resources.blogblog.com id-ransomware.blogspot.com
1 ajax.googleapis.com id-ransomware.blogspot.com
89 23
Subject Issuer Validity Valid
misc-sni.blogspot.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.blogger.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.apis.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
s02.flagcounter.com
R3		 2024-04-02 -
2024-07-01		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2024-03-04 -
2024-09-01		 6 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.yastatic-net.ru
GlobalSign RSA OV SSL CA 2018		 2024-04-16 -
2024-11-16		 7 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh

This page contains 4 frames:

Primary Page: https://id-ransomware.blogspot.com/
Frame ID: CC882C385C36FAAA0AEE27CC7786C141
Requests: 87 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=6113896202570680354&blogName=%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8+The+Digest+%22...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://id-ransomware.blogspot.com/search&blogLocale=ru&v=2&homepageUrl=https://id-ransomware.blogspot.com/&vt=-399970744322218291&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Dsoa_Wdo28w.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg%2Fm%3D__features__
Frame ID: 741D94E3AFDCC8302799A98EB03BF50B
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50&pageSize=21&origin=https://id-ransomware.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.de.Dsoa_Wdo28w.O/am%3DAAAC/d%3D1/rs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/m%3D__features__&bpli=1
Frame ID: EDBB1A2A9B3E12E96BBDA8EC4ECC4C1A
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 214A27736EF57B11E84792DB69A91DDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Шифровальщики-вымогатели The Digest "Crypto-Ransomware"

Page URL History Show full URLs

  1. http://id-ransomware.blogspot.com/ HTTP 307
    https://id-ransomware.blogspot.com/ HTTP 307
    http://id-ransomware.blogspot.com/ HTTP 301
    https://id-ransomware.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

98 %
HTTPS

78 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

1926 kB
Transfer

3484 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://id-ransomware.blogspot.com/ HTTP 307
    https://id-ransomware.blogspot.com/ HTTP 307
    http://id-ransomware.blogspot.com/ HTTP 301
    https://id-ransomware.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50&pageSize=21&origin=https://id-ransomware.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Dsoa_Wdo28w.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg%2Fm%3D__features__ HTTP 302
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D6113896202570680354%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://id-ransomware.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.de.Dsoa_Wdo28w.O/am%253DAAAC/d%253D1/rs%253DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D6113896202570680354%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://id-ransomware.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.de.Dsoa_Wdo28w.O/am%253DAAAC/d%253D1/rs%253DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/m%253D__features__%26bpli%3D1&go=true HTTP 302
  • https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50&pageSize=21&origin=https://id-ransomware.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.de.Dsoa_Wdo28w.O/am%3DAAAC/d%3D1/rs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/m%3D__features__&bpli=1
Request Chain 82
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10370.pgRCtrCcwzriIeea2eMezu42ZNAxftSNkcz9wwfKCApJg3cQKqV2PsxuzW0WuN78.no_Sugag7God_3dKpDnNt7ViUx0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10370.KAUmzj0zvWzP1XgKot7pRCwA0DnQLJhSUXktaeZTOXa-gWN-6cMv3BLbQTD5xLTeRvPyMadbA1KN8G9FKJ_EYr0NOZzRgdEBSJoWqYj4sxJ4tw1HqnMP968zu4TU78AQNe8HB3sUDp_HeTt2ic8uFvUlDA501_MeXRqV9VDhPPt4Bna0AANQMDWTTmsmu6mPiGgR3568_j18qn25e6zpUA2G4DE9gwI3dtpXcM_fdJ4%2C.sFqQ5jPBeI8_3YL8dU-Q91bCnOk%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10370.a4TOfqLP3e8iFCArkjeKCMT8gkSZvE1PY30bMBMxP5yiRh5WHVEy2_TWUFgxebQU2HFvzMPBV-QgBDATWthgZEsKSjCGU6DzUWUuy-nJOnN_iLpG1Sn2bjwDQ2X0tFwTfbbjNRe0MlZ3ubDcUV3jGZLME16OLKMxXk78aYoeLG1w2fBZaitDDG-MgkVlXeioFzIEsOkMT6X14v1xj-8nqA%2C%2C.JVhkVbzhqkNTSqtR0dX9aWtpbv0%2C
Request Chain 84
  • https://mc.yandex.com/watch/69634408?wmode=7&page-url=https%3A%2F%2Fid-ransomware.blogspot.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A97873557876%3Ahid%3A923061904%3Az%3A120%3Ai%3A20240515120218%3Aet%3A1715767338%3Ac%3A1%3Arn%3A205295602%3Arqn%3A1%3Au%3A1715767338110423888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3821%3Awv%3A2%3Ads%3A0%2C0%2C370%2C327%2C3161%2C0%2C%2C460%2C10%2C%2C%2C%2C4322%3Aco%3A0%3Acpf%3A1%3Ans%3A1715767333748%3Agi%3AR0ExLjMuMTUyODU3MjU0OS4xNzE1NzY3MzM4%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715767339%3At%3A%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
  • https://mc.yandex.com/watch/69634408/1?wmode=7&page-url=https%3A%2F%2Fid-ransomware.blogspot.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A97873557876%3Ahid%3A923061904%3Az%3A120%3Ai%3A20240515120218%3Aet%3A1715767338%3Ac%3A1%3Arn%3A205295602%3Arqn%3A1%3Au%3A1715767338110423888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3821%3Awv%3A2%3Ads%3A0%2C0%2C370%2C327%2C3161%2C0%2C%2C460%2C10%2C%2C%2C%2C4322%3Aco%3A0%3Acpf%3A1%3Ans%3A1715767333748%3Agi%3AR0ExLjMuMTUyODU3MjU0OS4xNzE1NzY3MzM4%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715767339%3At%3A%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
id-ransomware.blogspot.com/
Redirect Chain
  • http://id-ransomware.blogspot.com/
  • https://id-ransomware.blogspot.com/
  • http://id-ransomware.blogspot.com/
  • https://id-ransomware.blogspot.com/
283 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a84cbf99a599f762a5e8e1e58ff5430d7382d6c9c1797eacc12d20d9d7e1b6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
52029
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 10:02:17 GMT
etag
W/"a0dab62cb7dbb2d060cdd058962b127e49b71fdbd066cb566371ab74b1dd96fe"
expires
Wed, 15 May 2024 10:02:17 GMT
last-modified
Wed, 15 May 2024 04:59:17 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
200
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 May 2024 10:02:16 GMT
Expires
Wed, 15 May 2024 10:02:16 GMT
Location
https://id-ransomware.blogspot.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7756
x-xss-protection
0
last-modified
Mon, 13 May 2024 18:54:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 14 May 2025 14:04:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27266
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 07:58:17 GMT
platform.js
apis.google.com/js/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 May 2024 10:02:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21302
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"791be0a0400d03a0"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 May 2024 10:02:17 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-81232046-1
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8e4020c724292474a0d81042ea11c11823c43ee65bd6f0df03b5c640642ebb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75082
x-xss-protection
0
last-modified
Wed, 15 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 May 2024 10:02:17 GMT
Screenshot_2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS5DAhtSv1vdkET2pBdwi1mYdvv5ZIlPSW1AIlYN4QZjmF2lvB92tqzqTRPg4RrETskimVOwfmPct79QxLWo4dRVW9VTC6amybxV3MJxhf0Pba9U29FYsTfJrIJufQRWJJkjkM3WNz3GWkM2pr... 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS5DAhtSv1vdkET2pBdwi1mYdvv5ZIlPSW1AIlYN4QZjmF2lvB92tqzqTRPg4RrETskimVOwfmPct79QxLWo4dRVW9VTC6amybxV3MJxhf0Pba9U29FYsTfJrIJufQRWJJkjkM3WNz3GWkM2prPmqkyXvVpqvQkESFvmLF0D81KtiPey6yflw23T1b/w626-h227/Screenshot_2.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
55b71972822a7605bedde2764d957839dd3d99cd3c3d6f3ac9c8980d07b46d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7658"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35021
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
mailservice.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO03GHry4whf46wJBEuN76HPmTX-YjPTRtXhbeY6BX1-DsSCKxGDIG5P1zm-SF2qdEZFBXC8mFBADpjHRYEzXxY6WAQMRE-B8p7WZ6lE0zYnWiOo6pmFUjVS4XWtPxH6xa6d2OWpysTOAilA4p... 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO03GHry4whf46wJBEuN76HPmTX-YjPTRtXhbeY6BX1-DsSCKxGDIG5P1zm-SF2qdEZFBXC8mFBADpjHRYEzXxY6WAQMRE-B8p7WZ6lE0zYnWiOo6pmFUjVS4XWtPxH6xa6d2OWpysTOAilA4p53YulWUUJYpskwQndx9HllC2x4kk5FDzdCUhzVmi/s320/mailservice.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f224363ebf18111fda804bb16c9bf2918478861f3b65db28a0819bf5fa7e799a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v769d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="mailservice.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30487
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:07:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 01:54:07 GMT
server
sffe
age
93289
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 21 May 2024 08:07:28 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCGAVlqRXgu8hiEETqGYGTtznZ42aLgVS2A5NmfQu0Jj14LKb93gO9butkpQt-UTcSffjr40Paw-CWAngW0dJQZK4zyueVLfdiSt7uY7E-b7XE8SloJivDVn4e7pYoh8kOP6Rao3Z8OXSb8mX4... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCGAVlqRXgu8hiEETqGYGTtznZ42aLgVS2A5NmfQu0Jj14LKb93gO9butkpQt-UTcSffjr40Paw-CWAngW0dJQZK4zyueVLfdiSt7uY7E-b7XE8SloJivDVn4e7pYoh8kOP6Rao3Z8OXSb8mX4F8LvujiMFPlsiX6LU0tlI-ebxUkfjOQ-LKXD-Y7HWuc/w200-h200/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
19d5e6f5485733593f45f8490c5be704fc9d68d5485cff1e0427607a718b8993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b88"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10195
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
AVvXsEg-jyBVz6seI__YnNm2qu5bgkDfulD2MTvBupxvnQEjcP2nGn3MKTacUkBhxEClpFUUXDiGS7YtFPEEA9C6TjY18-tOzyXTYonVTyyLSx3oV0cBmA3JelPfC6cL4FMvN7XNSxr8NUzS_7unz-4pcdon0SR5uDT_VmhY_BPUyHW80zCZ3MltGzTcI9Os
blogger.googleusercontent.com/img/a/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEg-jyBVz6seI__YnNm2qu5bgkDfulD2MTvBupxvnQEjcP2nGn3MKTacUkBhxEClpFUUXDiGS7YtFPEEA9C6TjY18-tOzyXTYonVTyyLSx3oV0cBmA3JelPfC6cL4FMvN7XNSxr8NUzS_7unz-4pcdon0SR5uDT_VmhY_BPUyHW80zCZ3MltGzTcI9Os
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
290899b31d93433fdeae397a797ad17e4e3d719a54662f1d9979dab6986cd879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v6d1e"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="button-no.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
note.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheOOOQM9H6vo5VZVe1dixWOyZYFpnsvNwcFzhDtF8nUR-8kSd62HWn0f7S571mOPIc7Nod2MJ0R1QHiUS0pdzONhmTaFZRQ-Bb5fp_2wB2YNIRoa_-RmET3UDBGTS019NUFUElo2AGPpW5Z3EO... 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheOOOQM9H6vo5VZVe1dixWOyZYFpnsvNwcFzhDtF8nUR-8kSd62HWn0f7S571mOPIc7Nod2MJ0R1QHiUS0pdzONhmTaFZRQ-Bb5fp_2wB2YNIRoa_-RmET3UDBGTS019NUFUElo2AGPpW5Z3EO6Xxt_s8H54fqf9uNvoIVZ6s1DpeIJKkMlv-FcvBmzzI/w320-h259/note.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ded380bcde2d13d63b60bb804c90eda76a77a36612bff4b62fc68335048aa48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b8a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="note.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58106
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
victims.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhybYP4ZYB_ad655u79sKu8qugmQ2nnNF2c0L1grITyXp1jxXxa1gm1lm3ADZwKjFECBiVi2owyRP4cGOyrF2CGnN1IQVI4zR0E9PAHvtccFMBEPVajg1c_rrxTsJwWmrAr_oWKA9yZJRU6E0j4... 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhybYP4ZYB_ad655u79sKu8qugmQ2nnNF2c0L1grITyXp1jxXxa1gm1lm3ADZwKjFECBiVi2owyRP4cGOyrF2CGnN1IQVI4zR0E9PAHvtccFMBEPVajg1c_rrxTsJwWmrAr_oWKA9yZJRU6E0j4HUsz9auTJ6gq3mE9IN0AtLZBUDo8dNGGs7dTu1o8fXI/s320/victims.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6b10dbc0c8ec50e1442806622d6bd78bf067ad1c1060fd0337d3410ce528020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b8c"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="victims.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39150
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
address2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihCdBNSJv9OyIuwx-ECbWBEQAkIKqTd3j9-gdpBuy9s6mZkpKC2pCGtcliDXqfjwCbxtrVIUkJ-_vk0tfO9e9jUznhrjQPoCeHu2fEYYP_QMVRCCaO-I9mE1NorEHp3gf2RZGupuZvwWCZF2zR... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihCdBNSJv9OyIuwx-ECbWBEQAkIKqTd3j9-gdpBuy9s6mZkpKC2pCGtcliDXqfjwCbxtrVIUkJ-_vk0tfO9e9jUznhrjQPoCeHu2fEYYP_QMVRCCaO-I9mE1NorEHp3gf2RZGupuZvwWCZF2zR5YGe6fNZfBawgNjI56abvHkjmBNGPq8MYBGPixmi/s1600/address2.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7810a70b0a69c8483fdec333cc3b85b7b10799783a7569463e4770c05512b5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7616"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="address2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11555
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
big-thanks2.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_OGW9iycLEZXKLLABeYEINuZKQDKqrEhk_UhgJoA4Ol7_Ua67tQAxzwnko8fj_FLBGDTCs1fNi8EpirnauB-L1kuhHvSihqkHz_Tn2XzCFCggRoKrmt17siUzDlI4cXUeHaWi70Ug7nbRXUK1... 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_OGW9iycLEZXKLLABeYEINuZKQDKqrEhk_UhgJoA4Ol7_Ua67tQAxzwnko8fj_FLBGDTCs1fNi8EpirnauB-L1kuhHvSihqkHz_Tn2XzCFCggRoKrmt17siUzDlI4cXUeHaWi70Ug7nbRXUK1I_Oiv4188fToGd4cW1f3sKd9lBlpJd_WzJVGilQJ/s1600/big-thanks2.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
27b8c90e2bba543cc5fd79104da6e08d0e670db09e443a3643df64c843b3c1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7618"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="big-thanks2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17412
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNc-oX1nO0GzSPJg-Lgva-TFygwqLpYEesta10EOOv7AZDTwln810xdFweUNdfs7yzT23_wDwF_6xgEroxrl_3oRoitIPX_boxI9mPPrs7xLb2PgDxxPWUlnGTmLO610JisKAcwBAfMp6XM6uI... 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNc-oX1nO0GzSPJg-Lgva-TFygwqLpYEesta10EOOv7AZDTwln810xdFweUNdfs7yzT23_wDwF_6xgEroxrl_3oRoitIPX_boxI9mPPrs7xLb2PgDxxPWUlnGTmLO610JisKAcwBAfMp6XM6uIlFFRwowKrzroH49LHkYpx9M-Ubn1WEADJ8UD6Q44md4/w200-h200/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6227c5e580bccf654a2c58c8d8bbb9f0d787984c56cb1c0065638fe3691ea3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b43"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42752
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
wallp-note.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2JJHl_kwY3xpZX1k2KqAcvhSK7a-bfvYv819GJ_EDMOrUM8xQWebSueHl0UBr9tfN80nvTw0B0ktbRey1x2B7Jr4-0xFoIimEV0u75IEFs-jJn8blrjYXTJhFfn6U-r6d6zz5aO1Aj4CXNF2F... 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2JJHl_kwY3xpZX1k2KqAcvhSK7a-bfvYv819GJ_EDMOrUM8xQWebSueHl0UBr9tfN80nvTw0B0ktbRey1x2B7Jr4-0xFoIimEV0u75IEFs-jJn8blrjYXTJhFfn6U-r6d6zz5aO1Aj4CXNF2FAh1PtbG1WSwgPpFOy1ITuySyNgCIBfSmmx2Bmy8v4xQ/s320/wallp-note.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
592149e68b573c799f7e47db77923665157d9f5d4cda17b70fc596702854757b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b47"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="wallp-note.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34585
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhriujNYL8cN8lQ6Jo-hTsGhpAH2sPARqhAB-EN5xfOEr9MicSx_tZrodqH2dVfPVxe_VFFtY6eS95AKNGXv9BkgwXWjWGv1eUML-X89YKzrgdfs4-tkCmCGUnCugQqMf7-AXqqjki_xpO5NHmO... 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhriujNYL8cN8lQ6Jo-hTsGhpAH2sPARqhAB-EN5xfOEr9MicSx_tZrodqH2dVfPVxe_VFFtY6eS95AKNGXv9BkgwXWjWGv1eUML-X89YKzrgdfs4-tkCmCGUnCugQqMf7-AXqqjki_xpO5NHmO1IXGbQ-99RPf3mcYLmcrBg5IeYaIkgOrmCRficS-Afg/w200-h200/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ad01a94ccf2c02ae377cb22af3fe66685de4023a14b168e159140edc2aada46d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b33"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13455
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
Screenshot_1.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqFpLMIQbiW57Yr7cSsOC9zgk0AN2MRlRf_YR3NSxnh6lj0x7Eb-bdDI7VTFGvcm4-TEh-A7BwvRnxdPtB1A3oh4eyVRetOa0cn-fGX7RGPWDY6lBkE3z2zIdV7Wvn-kewyLu_h22aD7x-gNF0... 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqFpLMIQbiW57Yr7cSsOC9zgk0AN2MRlRf_YR3NSxnh6lj0x7Eb-bdDI7VTFGvcm4-TEh-A7BwvRnxdPtB1A3oh4eyVRetOa0cn-fGX7RGPWDY6lBkE3z2zIdV7Wvn-kewyLu_h22aD7x-gNF0aFE88-s9_H5c_5XEzMh8igRJMpV_k_oM8ruSGcqV354/s320/Screenshot_1.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
69077024abfef4c2c486300977aa280341e597d1b10808a34240d0ecbe96d727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b3c"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29062
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
Screenshot_2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNnQoM7vpoJLY3P4HjzE7Fd0kCr9mTWZquYkx9hN0-bvYEe5IphuOqtPWeIYNP_slEga9wTU4LhmXooaEunmfTMEML9ZlxlrBnAJVB_6DWUesJ5V1Xlpd8LtU0eLZDjEJv3T6qNlWrhNwGAWEg... 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNnQoM7vpoJLY3P4HjzE7Fd0kCr9mTWZquYkx9hN0-bvYEe5IphuOqtPWeIYNP_slEga9wTU4LhmXooaEunmfTMEML9ZlxlrBnAJVB_6DWUesJ5V1Xlpd8LtU0eLZDjEJv3T6qNlWrhNwGAWEgEvoZLeKQLzlOxM9TsbdGw1eU-ryFcCImKKZKcoxbwrs/s320/Screenshot_2.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0a18e1575e0999d9a23ed72cfeeb4e2e0aa2e8861927ce472767d7b513d2fb2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b3d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30904
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
lock-note.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEjdNuP3cE_LmdzFdabWTKCSJ0ONNqMnr1jGhRWoWZfziYC9Y9RYXFoCyBt16XW0Htv88ieP0Dq1H4rQXe4VJBJMVcH1qwCjN5PoUln63KRVlTryZPogI8Tc2dSYZqFaPB5_NNnKivnZyMCChC... 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEjdNuP3cE_LmdzFdabWTKCSJ0ONNqMnr1jGhRWoWZfziYC9Y9RYXFoCyBt16XW0Htv88ieP0Dq1H4rQXe4VJBJMVcH1qwCjN5PoUln63KRVlTryZPogI8Tc2dSYZqFaPB5_NNnKivnZyMCChCNSWRAThbraurcH6MqOW1f-M7ojD9WKK7NA6NYeMcGC4/w320-h198/lock-note.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5097a1e87dd10258ef387bb10c64366bf5d5770780490110aff50d2ff67bfd50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b31"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lock-note.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10396
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYpFgXAqGtbfzxjWJecvPdpwj08aXSqaVzNkEsNKJ2AkeLbXpSR9k9Pnyv7aTl44m3Bm03CA5t5eFbCp4xI-FaT8Jel1bE8KG13KH58fNxdSEPkSmXKH-PzrD6zyEsGRXLgcljnMVJVwslRpVl... 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYpFgXAqGtbfzxjWJecvPdpwj08aXSqaVzNkEsNKJ2AkeLbXpSR9k9Pnyv7aTl44m3Bm03CA5t5eFbCp4xI-FaT8Jel1bE8KG13KH58fNxdSEPkSmXKH-PzrD6zyEsGRXLgcljnMVJVwslRpVl2hqekDfNMC5Kuz9u7ntTMuWTkLIhhiDgxhMmCT3t5bc/w200-h200/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e14b1d9c3fe0343767431e38b7b8df7ee4c97a68b70b2035fbdea10fe90d610d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b7e"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13548
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
sample1.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1MEpVw_1Mr3BufPKxoaQwjADekFLLFQpMqOmwknpu25kJWbDifwSFoypsjjI6Jum31-so04CNTkzJzcl_D-Y94N6vOp4nwwxvRBoLrpLCl137YOLTb__Q0ijlD9CazuJZTDRm_cicZixLeyzz... 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1MEpVw_1Mr3BufPKxoaQwjADekFLLFQpMqOmwknpu25kJWbDifwSFoypsjjI6Jum31-so04CNTkzJzcl_D-Y94N6vOp4nwwxvRBoLrpLCl137YOLTb__Q0ijlD9CazuJZTDRm_cicZixLeyzz9xmG3OOCjwwgEZXSJM1vNV0RnkMga34kKX_4JytRn3s/w200-h164/sample1.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02ab3a0e57352397d08bcc81ed6b71754e88f13ab9ccc55587c08609cd952262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b6b"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="sample1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
note1.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_PeqeJOsXZSmzKa15lhorcExaHLsUb5f61SXameN6M1NKXsr5l260BZXrEGv_87FY2kr0Y0mu5gcDg3w9JjBN0RDQj3OvV6QHdf9FS4Ed1zTSFOwOuolRZYcL2SGpOPeII1aMjScb9_uZqz_t... 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_PeqeJOsXZSmzKa15lhorcExaHLsUb5f61SXameN6M1NKXsr5l260BZXrEGv_87FY2kr0Y0mu5gcDg3w9JjBN0RDQj3OvV6QHdf9FS4Ed1zTSFOwOuolRZYcL2SGpOPeII1aMjScb9_uZqz_t9LXVweMYW0cUALS1fmn8uixWqGtdUUj3fImzWAaSGFs/s320/note1.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
37b3e7c1f583cc3076597c9e44c3286040d5c8724ff9c76ae358a3d605faff9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b80"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="note1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12357
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 May 2024 08:20:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6110
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 15 May 2024 10:20:27 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6113896202570680354&zx=0c6e18c4-95f8-4b11-9f1f-d680c46daa50
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 10:02:18 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d206d37f46b471524cc264a53d14f39844f9357480cb0100cd9a5c1df7a92482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61034
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:15:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 May 2025 13:56:54 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 11:55:02 GMT
x-content-type-options
nosniff
age
79635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 May 2024 11:55:02 GMT
00001.jpg
2.bp.blogspot.com/-UQOCaF5IV3k/WharCXygFVI/AAAAAAAAIG8/nAFDPR77cNoka_ZNUFKnQb_y4l9UMdU0gCK4BGAYYCw/s0/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-UQOCaF5IV3k/WharCXygFVI/AAAAAAAAIG8/nAFDPR77cNoka_ZNUFKnQb_y4l9UMdU0gCK4BGAYYCw/s0/00001.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
580c3cc5729f226bbee2626a16e7882b8d4dd1bb75b116ba1f2b44d40a4766a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 07:50:04 GMT
x-content-type-options
nosniff
age
7933
content-disposition
inline;filename="00001.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152886
x-xss-protection
0
server
fife
etag
"v2070"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 May 2024 07:50:04 GMT
white-fade.png
www.blogblog.com/1kt/ethereal/ 		144 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogblog.com/1kt/ethereal/white-fade.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
909a47a95386ffd0420ff44c0f1278a3259b918b1bc8213afa97ad6a4bb5bb58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 07:49:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 06:55:04 GMT
server
sffe
age
94353
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 21 May 2024 07:49:44 GMT
share_buttons_20_3.png
www.blogger.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:02:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 May 2024 18:54:09 GMT
server
sffe
age
72006
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5080
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 21 May 2024 14:02:11 GMT
DailyDarkWeb-message.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCbq65LBW3kNiDH8_9J3JK4uYYfSZ_vZYjNHYTbDfiDLzj_pJW5b9eyV5Jild-W3TgA7i80042YI7P7wBPlD7NrSIoTu0kWYf_LoZOIB07HEJQnXKEs5zchq0HxalK2Tc9Hx1-kAI-JgvHhRP1... 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCbq65LBW3kNiDH8_9J3JK4uYYfSZ_vZYjNHYTbDfiDLzj_pJW5b9eyV5Jild-W3TgA7i80042YI7P7wBPlD7NrSIoTu0kWYf_LoZOIB07HEJQnXKEs5zchq0HxalK2Tc9Hx1-kAI-JgvHhRP1RKycsGYy7rqarNvvy33gHJezPyhXJofRbENEtcbW1dg/s320/DailyDarkWeb-message.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ff67afdeb854ea9360c4a803482519f1aea885c3c389449f217ab8d6b50233c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b6d"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="DailyDarkWeb-message.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15640
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
note-5-3-24.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmd12XN9Y521qvPu_y5oIri3mBU-eULGoMKLvlFSfVucF4k4kwlMrrJs6AEfkejiMiD2J-gpFgMrgZQ_OtTQ-4qLuRrF7_OMlkS7DKbx2E03R4m_01A3PVUie53eb20NiEJyuPlBSNHXzy8Tfh... 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmd12XN9Y521qvPu_y5oIri3mBU-eULGoMKLvlFSfVucF4k4kwlMrrJs6AEfkejiMiD2J-gpFgMrgZQ_OtTQ-4qLuRrF7_OMlkS7DKbx2E03R4m_01A3PVUie53eb20NiEJyuPlBSNHXzy8TfhlKO1XK-Je44BMOnBgyjuSSf3PEdEHcVaWL0njreW9Rw/w320-h235/note-5-3-24.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e4552840fc0e763c8b48060ef681dea3684a7875a9ea494626941d3b1859fef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b84"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="note-5-3-24.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15697
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
note-13-3-24.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDVk_3Q-GIGYHYsPAQU7rAGH_MxobyorljVd9xL0TUPidVq27-JlgOWBstxJGY8_Vw5TmVpVVj6IGgurV4vx-Zd2Y1BO1o_uDccn2D-vz-NEypYkhaNmeFBFpPLtwimbb_lwVQ7ZRZ6qrxPEnc... 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDVk_3Q-GIGYHYsPAQU7rAGH_MxobyorljVd9xL0TUPidVq27-JlgOWBstxJGY8_Vw5TmVpVVj6IGgurV4vx-Zd2Y1BO1o_uDccn2D-vz-NEypYkhaNmeFBFpPLtwimbb_lwVQ7ZRZ6qrxPEncxzyBQIe1-0phJmMfTjcCwIqpo0JtVQD_ztUEdoYz0qk/w268-h320/note-13-3-24.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
82a388814c328df235eebe4ff44164a6bc2a54b778522e849a9bae0c9dba1eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b82"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="note-13-3-24.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41371
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
note-16-3-24.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_6MXoXCtxaSLZC37NuxeZED6W3yGauDhR49k-ZIRG0jfRe7M5tzOuQ7rJ9i14Kydwm5Inf-qdoKSLEbMZdGkdM00BCb4KmOeV3UwA8lKBU0pAPiwORe6Db9vvdoCE8-_v1jxdY8eLTOaMEE-_... 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_6MXoXCtxaSLZC37NuxeZED6W3yGauDhR49k-ZIRG0jfRe7M5tzOuQ7rJ9i14Kydwm5Inf-qdoKSLEbMZdGkdM00BCb4KmOeV3UwA8lKBU0pAPiwORe6Db9vvdoCE8-_v1jxdY8eLTOaMEE-_QSF8gxH2UYheBNS2q1mYYAh8DdszKrfSbMzIU5ev4rg/w320-h285/note-16-3-24.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
40e207cbf350f0c6c0b8747536e477b1415e021b461b5efc4160e61e9874ae0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b6f"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="note-16-3-24.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21568
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
Screenshot_1.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7B_wFceHdWFwYBiIpT4SVeRpT8Kx8fDJ8Jh60qOYYSZ1Y_XbULzek0A4Au6NACs6D12Xqbqu57zmYvoWxoYjCSVVMq3hnq7n57NddI_5KLMwk50qI_69eoimvxyqmyAFgGws0nK0wCX9uHueP... 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7B_wFceHdWFwYBiIpT4SVeRpT8Kx8fDJ8Jh60qOYYSZ1Y_XbULzek0A4Au6NACs6D12Xqbqu57zmYvoWxoYjCSVVMq3hnq7n57NddI_5KLMwk50qI_69eoimvxyqmyAFgGws0nK0wCX9uHueP5R8ecoUYHmMe-BLSdgZSrbQbAMwaSDp7G4g4mSo7u2A/w200-h149/Screenshot_1.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
37f0a3de4a1de3bcaa8b3d78a5bb67ba538944badde2ef6bdea7220aa8c1b88c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b73"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_1.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21100
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
Screenshot_2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMQ5zmSP4mKlr5HZGVhi43o-YB3gfLM2pc0NHXu_a8RTN0imLeLEBqDLYyu3rnOdGLsjJzMGgaXqwgkAZEzT7TM0_A2BkGxX-Don3MDStkYSuvTCPKcaw3iiZNkI4WJVN2nGs1wRbHr1TbRMcN... 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMQ5zmSP4mKlr5HZGVhi43o-YB3gfLM2pc0NHXu_a8RTN0imLeLEBqDLYyu3rnOdGLsjJzMGgaXqwgkAZEzT7TM0_A2BkGxX-Don3MDStkYSuvTCPKcaw3iiZNkI4WJVN2nGs1wRbHr1TbRMcNFqbyps_I7S3734ChcaErJs6yrmQw-GulXHpwWr59sKM/w194-h200/Screenshot_2.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7e58d48a0c16a23fe8abb4fe36fb3452b5660532360f7df58bcfd591a6d4f255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b75"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7151
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
Screenshot_3.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxN41D5TYau25JNM5nb1RLrz0mnvH0w9LY9FUW5pjHEynNNxq2S5YFs9SkCRl6WQDlEbpvz4wQXXKXRnADC0ID6aQqKxEjUGR1qx2aYM9cVU9roz3NfkEZOOalBP1cv7KxMkdBWZetn_7Qg3zS... 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxN41D5TYau25JNM5nb1RLrz0mnvH0w9LY9FUW5pjHEynNNxq2S5YFs9SkCRl6WQDlEbpvz4wQXXKXRnADC0ID6aQqKxEjUGR1qx2aYM9cVU9roz3NfkEZOOalBP1cv7KxMkdBWZetn_7Qg3zSvB_42YOfTertyTf1LcfQvdu5NVgKTYhi5zB1U-voPKk/w159-h200/Screenshot_3.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ae7034c2f87644982ff101ea77da1b22673603547bec9e5eadc2d49303e1118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b75"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_3.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6046
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
Screenshot_4.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig79Mt7ZyZ0AMj29t3J3F68dxD7oTOQdzvlfCtZGO8Q9DtkmdgmWAnRv49-srvkP8mG9rNHfszZ9DTMvo5tV7Jp4kSL9Q2U1lV4-41dkXae7D0Z-ucBf9iBjBCIf18DyXvrbPRJxbct0EHc7tW... 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig79Mt7ZyZ0AMj29t3J3F68dxD7oTOQdzvlfCtZGO8Q9DtkmdgmWAnRv49-srvkP8mG9rNHfszZ9DTMvo5tV7Jp4kSL9Q2U1lV4-41dkXae7D0Z-ucBf9iBjBCIf18DyXvrbPRJxbct0EHc7tW9fsNs2uPJ9BS6QJgEbAwkQYOqibHeXNbaudO1j7sgoc/w193-h200/Screenshot_4.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9f39dc2df8f821541e216add4a158b0e0dd222fdbb40bc3761ea6e071da424d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b76"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_4.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7043
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
BlackLegion-sample.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZGlWRNYwPdRUv9rtRw3-2dD_Gb69TfP95gvS5ujX3tj9unz5jbPd-XVJ4f5yaJURMj7oc0AriztbB6u2l4dNf_z_e_0XwYcPNt1u0pgevlUgQynQBMY1KdJn_I_9QSpeuUDzvqPPZWVH8GKvX... 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZGlWRNYwPdRUv9rtRw3-2dD_Gb69TfP95gvS5ujX3tj9unz5jbPd-XVJ4f5yaJURMj7oc0AriztbB6u2l4dNf_z_e_0XwYcPNt1u0pgevlUgQynQBMY1KdJn_I_9QSpeuUDzvqPPZWVH8GKvXyD0Cvpt4GeTwOYiNe4xdnrhydZcRpC3BmUyWW-uam-c/s320/BlackLegion-sample.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0788d98fcf32c5543e12ed72c5817aea45d84f3450a63ba1497de5f02f393843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b79"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="BlackLegion-sample.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51202
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
Poraton-sample.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxUXN7hY7oLEDTOVQQLnnpYJxE9EKF-lOI8kts4kTkBwYUZZWf4vBhGD4Z7Jz92xx2Ef-zeDdKokLjxZV7Tif9tuDrZjPFsTUPX3_XSNt6-xkxfJuvTs1_MTheJWZxlfWRxavMbCuxzEHFL9Oh... 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxUXN7hY7oLEDTOVQQLnnpYJxE9EKF-lOI8kts4kTkBwYUZZWf4vBhGD4Z7Jz92xx2Ef-zeDdKokLjxZV7Tif9tuDrZjPFsTUPX3_XSNt6-xkxfJuvTs1_MTheJWZxlfWRxavMbCuxzEHFL9Oht4UcF7vnfoy4oGe7Y_GYUTCtSvqYgduDSlL9pS8M5ZA/s320/Poraton-sample.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0b2fa5f670d36712b7101b643eab506f73f8fe98398c464a84b19cc55f54d418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b7a"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Poraton-sample.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51285
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
twitter-2.png
2.bp.blogspot.com/-h0YLcA9BtVE/YI6add-I_qI/AAAAAAAAZQE/TT2IgIC1Xxgo6lcOzOuofs8Jl61gSrqvACK4BGAYYCw/s482/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-h0YLcA9BtVE/YI6add-I_qI/AAAAAAAAZQE/TT2IgIC1Xxgo6lcOzOuofs8Jl61gSrqvACK4BGAYYCw/s482/twitter-2.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
16ce2aceb0e0cf0a3725ceb81832cd83bb0a1c4d52225b9e9a71940ec3b47f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:49:49 GMT
x-content-type-options
nosniff
age
4348
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="twitter-2.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9371
x-xss-protection
0
server
fife
etag
"v6502"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 May 2024 08:49:49 GMT
FOLLOW-BC.png
2.bp.blogspot.com/-kn981BkQVJU/YI6bqIrxJ5I/AAAAAAAAZQQ/GHZapFWHa2M40onyEGhbVyKMprb9xA06gCK4BGAYYCw/s1600/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-kn981BkQVJU/YI6bqIrxJ5I/AAAAAAAAZQQ/GHZapFWHa2M40onyEGhbVyKMprb9xA06gCK4BGAYYCw/s1600/FOLLOW-BC.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8ead09b519555de565f0d8de6b8826acabd5bd4f1afea6ac02242d4248efe2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:49:49 GMT
x-content-type-options
nosniff
age
4348
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="FOLLOW-BC.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7437
x-xss-protection
0
server
fife
etag
"v6505"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 May 2024 08:49:49 GMT
element.js
translate.google.com/translate_a/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7896a75d526524271e09699ad631832e7352d982cfc15697fa55aa62986c61c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AVvXsEgM1txPrE0dnVk8xuu14FlSE0PJNcycYw0xw8NG_mzcoz_1tUnqX4mhWLTNfpF5-DYf9qynWFerCqDyIf7tJN1FELjFXf3-gSzegOCjv2Xmai0S9B28GUqUYwdvrnZUKQRUaz09LZSBhOpOpFxTCbBXtkT-XERwieDARTbGoUKnbdKed6ZaaKN_LaeJ=s262
blogger.googleusercontent.com/img/a/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgM1txPrE0dnVk8xuu14FlSE0PJNcycYw0xw8NG_mzcoz_1tUnqX4mhWLTNfpF5-DYf9qynWFerCqDyIf7tJN1FELjFXf3-gSzegOCjv2Xmai0S9B28GUqUYwdvrnZUKQRUaz09LZSBhOpOpFxTCbBXtkT-XERwieDARTbGoUKnbdKed6ZaaKN_LaeJ=s262
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2e2f6993e2d20eb510a48b5ce8d2f7c2e9cf93d0f731685e1c77a9b289b4332b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v769f"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="mailservice.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214194
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
AVvXsEjydTl0Mthr6MxkQ_Ht3LdK0ZQXCsL9LwLKEifREbX34VkxCxVJxO_79rV9gY-K3OFFrDehOb_zC0y6IhJAxqDNdscNm53Vl5xdHVuyfXXbJl2Jk3VNmt6Q7-LBhR1GNxbicW8ArRnMzP5xhPZ0M2pdOFVhoVDaG7GLFNXi5fVrWeodVBQ5FAZwjSgHDxY=s262
blogger.googleusercontent.com/img/a/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEjydTl0Mthr6MxkQ_Ht3LdK0ZQXCsL9LwLKEifREbX34VkxCxVJxO_79rV9gY-K3OFFrDehOb_zC0y6IhJAxqDNdscNm53Vl5xdHVuyfXXbJl2Jk3VNmt6Q7-LBhR1GNxbicW8ArRnMzP5xhPZ0M2pdOFVhoVDaG7GLFNXi5fVrWeodVBQ5FAZwjSgHDxY=s262
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e38f9da12a1cc8370bd73b05e55fb8ccf0f6a48c93ee50acae9c7cd7ca694ce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v79a5"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="help2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18848
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
AVvXsEhz68l0QU2WHXEb4Bv7j1Id910nuiGhJZ88hcjdt1h5ET2m-u4yqrNmVHbd4_go8WVrjQ9Ottumbn4YB0FjByZEidjSAo69MPEjmfoOcdBeW7k6UsfynUzL2_JHOdBwOKXSyKEffAgL2xzZLcBrTQNGpu_h8JRd_Z84UTEmE0Araw_OKEE4v1mC6oy7=s369
blogger.googleusercontent.com/img/a/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEhz68l0QU2WHXEb4Bv7j1Id910nuiGhJZ88hcjdt1h5ET2m-u4yqrNmVHbd4_go8WVrjQ9Ottumbn4YB0FjByZEidjSAo69MPEjmfoOcdBeW7k6UsfynUzL2_JHOdBwOKXSyKEffAgL2xzZLcBrTQNGpu_h8JRd_Z84UTEmE0Araw_OKEE4v1mC6oy7=s369
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e59717f22bd5b4b6ed44315254f259fdcf81c721eb221b928ca6c1a494159d33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7458"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="of2019.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29128
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
AVvXsEiiD1OqhTxPtALufNuubZ1q-k7QksD3Cys48vU8lJyVP_y7eGKS0kEvfnRjTvSlMy5dQmvX6NFtUuVK1T8IHugmtWp1N3gaHwAqsqmEwRNfvgycH4clQ2n2BH9YrVk-uzzmjEoIKsWBQwfnguWOxE3TPe9SQDNwhJYAGDLkUkRT0Tzo1S0IqHzeZnyM=s195
blogger.googleusercontent.com/img/a/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiiD1OqhTxPtALufNuubZ1q-k7QksD3Cys48vU8lJyVP_y7eGKS0kEvfnRjTvSlMy5dQmvX6NFtUuVK1T8IHugmtWp1N3gaHwAqsqmEwRNfvgycH4clQ2n2BH9YrVk-uzzmjEoIKsWBQwfnguWOxE3TPe9SQDNwhJYAGDLkUkRT0Tzo1S0IqHzeZnyM=s195
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ef014ce3479410d3e2607e62ac052b32f6067603948e39ca6d392ef3544bd013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v745a"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="seif_s_kodom.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11552
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
/
s05.flagcounter.com/count2/TCeO/bg_FFFFFF/txt_4D1DA1/border_F70F3D/columns_2/maxflags_50/viewers_3/labels_1/pageviews_1/flags_0/percent_1/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s05.flagcounter.com/count2/TCeO/bg_FFFFFF/txt_4D1DA1/border_F70F3D/columns_2/maxflags_50/viewers_3/labels_1/pageviews_1/flags_0/percent_1/
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.221.176.133 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
5c96f77434894f8172429550ab7854232b4a8097a7ebb5228d59d7941b2bec13

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 15 May 2024 10:02:18 GMT
Cache-control
no-cache
Server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
Connection
close
Transfer-Encoding
chunked
Content-Type
image/png
cycounter
yandex.ru/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/cycounter?https://id-ransomware.blogspot.com&theme=light&lang=ru
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
fbee4e710c749c693a185bacfab172d8c2893d18ec073a3f520a59f48d3e2e5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Fri, 05 Apr 2024 10:06:28 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1715767338027233-819198429667149562-balancer-l7leveler-kubr-yp-sas-23-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/png
x-xss-protection
1; mode=block
expires
Fri, 19 Apr 2024 10:06:28 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYpFgXAqGtbfzxjWJecvPdpwj08aXSqaVzNkEsNKJ2AkeLbXpSR9k9Pnyv7aTl44m3Bm03CA5t5eFbCp4xI-FaT8Jel1bE8KG13KH58fNxdSEPkSmXKH-PzrD6zyEsGRXLgcljnMVJVwslRpVl... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYpFgXAqGtbfzxjWJecvPdpwj08aXSqaVzNkEsNKJ2AkeLbXpSR9k9Pnyv7aTl44m3Bm03CA5t5eFbCp4xI-FaT8Jel1bE8KG13KH58fNxdSEPkSmXKH-PzrD6zyEsGRXLgcljnMVJVwslRpVl2hqekDfNMC5Kuz9u7ntTMuWTkLIhhiDgxhMmCT3t5bc/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7523d275a00f720a13a48a616600d35db58ec1339afa58f79261937a083f1da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b7e"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3218
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCGAVlqRXgu8hiEETqGYGTtznZ42aLgVS2A5NmfQu0Jj14LKb93gO9butkpQt-UTcSffjr40Paw-CWAngW0dJQZK4zyueVLfdiSt7uY7E-b7XE8SloJivDVn4e7pYoh8kOP6Rao3Z8OXSb8mX4... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCGAVlqRXgu8hiEETqGYGTtznZ42aLgVS2A5NmfQu0Jj14LKb93gO9butkpQt-UTcSffjr40Paw-CWAngW0dJQZK4zyueVLfdiSt7uY7E-b7XE8SloJivDVn4e7pYoh8kOP6Rao3Z8OXSb8mX4F8LvujiMFPlsiX6LU0tlI-ebxUkfjOQ-LKXD-Y7HWuc/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cc0cb306fe1e390475afb1f3767606fda03cfc0c2b4dd87bdc1c0704fd819927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b88"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3416
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:17 GMT
navbar.g
www.blogger.com/ Frame 741D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=6113896202570680354&blogName=%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8+The+Digest+%22...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://id-ransomware.blogspot.com/search&blogLocale=ru&v=2&homepageUrl=https://id-ransomware.blogspot.com/&vt=-399970744322218291&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Dsoa_Wdo28w.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://id-ransomware.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2657
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 10:02:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
followers.g
www.blogger.com/ Frame EDBB
Redirect Chain
  • https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODV...
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D6113896202570680354%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOG...
  • https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODV...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50&pageSize=21&origin=https://id-ransomware.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.de.Dsoa_Wdo28w.O/am%3DAAAC/d%3D1/rs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/m%3D__features__&bpli=1
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://id-ransomware.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
3587
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 10:02:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-ycZ6eSG5Q3nkwn3-qBaKPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 10:02:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://www.blogger.com/followers.g?blogID=6113896202570680354&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM0NDQ0NDQiByMyODVkOGMqByNkNGUxZmYyByM2NjY2NjY6ByM0NDQ0NDRCByMyODVkOGNKByM2NjY2NjZSByMyODVkOGNaC3RyYW5zcGFyZW50&pageSize=21&origin=https://id-ransomware.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.de.Dsoa_Wdo28w.O/am%3DAAAC/d%3D1/rs%3DAHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/m%3D__features__&bpli=1
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
Screenshot_2.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS5DAhtSv1vdkET2pBdwi1mYdvv5ZIlPSW1AIlYN4QZjmF2lvB92tqzqTRPg4RrETskimVOwfmPct79QxLWo4dRVW9VTC6amybxV3MJxhf0Pba9U29FYsTfJrIJufQRWJJkjkM3WNz3GWkM2pr... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS5DAhtSv1vdkET2pBdwi1mYdvv5ZIlPSW1AIlYN4QZjmF2lvB92tqzqTRPg4RrETskimVOwfmPct79QxLWo4dRVW9VTC6amybxV3MJxhf0Pba9U29FYsTfJrIJufQRWJJkjkM3WNz3GWkM2prPmqkyXvVpqvQkESFvmLF0D81KtiPey6yflw23T1b/w72-h72-p-k-no-nu/Screenshot_2.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4df6170b30c90952fbf40e4ed3830d49468089fecd9c5aab35ead90e8a746c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7658"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screenshot_2.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3763
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhriujNYL8cN8lQ6Jo-hTsGhpAH2sPARqhAB-EN5xfOEr9MicSx_tZrodqH2dVfPVxe_VFFtY6eS95AKNGXv9BkgwXWjWGv1eUML-X89YKzrgdfs4-tkCmCGUnCugQqMf7-AXqqjki_xpO5NHmO... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhriujNYL8cN8lQ6Jo-hTsGhpAH2sPARqhAB-EN5xfOEr9MicSx_tZrodqH2dVfPVxe_VFFtY6eS95AKNGXv9BkgwXWjWGv1eUML-X89YKzrgdfs4-tkCmCGUnCugQqMf7-AXqqjki_xpO5NHmO1IXGbQ-99RPf3mcYLmcrBg5IeYaIkgOrmCRficS-Afg/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
77bb22abab28fe9e0ac278454d4e45a47fcec044d92c65c511ee068a9b3843fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b33"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4027
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNc-oX1nO0GzSPJg-Lgva-TFygwqLpYEesta10EOOv7AZDTwln810xdFweUNdfs7yzT23_wDwF_6xgEroxrl_3oRoitIPX_boxI9mPPrs7xLb2PgDxxPWUlnGTmLO610JisKAcwBAfMp6XM6uI... 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNc-oX1nO0GzSPJg-Lgva-TFygwqLpYEesta10EOOv7AZDTwln810xdFweUNdfs7yzT23_wDwF_6xgEroxrl_3oRoitIPX_boxI9mPPrs7xLb2PgDxxPWUlnGTmLO610JisKAcwBAfMp6XM6uIlFFRwowKrzroH49LHkYpx9M-Ubn1WEADJ8UD6Q44md4/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6edf555abeb62a65f50dc86d46963ef277e226374563dc61de1fd9b7b487ab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b43"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7518
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzt0LEwyIxGxLTX-BdLJHKrMCDubgR_5N6nNytBojbiB6I6SnUMxM48ZtPfLxrndhHUZXbrVyBL1EO1yPCfOLN2qwqAiOQJO_8abzHRBvRHq5aYaIpET4lLQzriGaT456troNdyC3ZQlIUgihm... 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzt0LEwyIxGxLTX-BdLJHKrMCDubgR_5N6nNytBojbiB6I6SnUMxM48ZtPfLxrndhHUZXbrVyBL1EO1yPCfOLN2qwqAiOQJO_8abzHRBvRHq5aYaIpET4lLQzriGaT456troNdyC3ZQlIUgihmuWjkWBYe-Sx6ClbAB8Bef8FxQVnaK_ucefEVc521vW0/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d803a3fe4368ea79b92fbef8ad174e738c8592afcdbcba0823073a5c9f91e9d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7b15"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5553
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhj1vSQxhyCA88C7-za3nCKL7wo5-EbnqccZKzkIs4B-3JZCXOf-VDpc9_5Exi-osYL4Z5fzvrpAxO47nlVCXF4reWsGKFRGFalRzUTQ8RQ-wKh_gYoi64gFTCxldZcbe50XTYU6X9sidJXQR-2... 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhj1vSQxhyCA88C7-za3nCKL7wo5-EbnqccZKzkIs4B-3JZCXOf-VDpc9_5Exi-osYL4Z5fzvrpAxO47nlVCXF4reWsGKFRGFalRzUTQ8RQ-wKh_gYoi64gFTCxldZcbe50XTYU6X9sidJXQR-2CkA8tD8qR-P04-ATKnukBJROgqHUpQ7LACMK7fGjmos/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fcbd95a4bdc35145dfb88e1ab82fac2b2fab7ae54b7e629575d1aebbc0f13ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7ace"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5807
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNZHLlWdomlR4zdl_liyRTLtnsbSFQHJu_rtk0fFOip64aObwT8a2kMUIjJRAjfHnPNYNkKbLE8_CbGoZt3qzsFB9PFF4PF2SZGHjdB9ZFLs8-8lNxul6kckr7zY0F0BH69tXuAUyJZgCZGGWV... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNZHLlWdomlR4zdl_liyRTLtnsbSFQHJu_rtk0fFOip64aObwT8a2kMUIjJRAjfHnPNYNkKbLE8_CbGoZt3qzsFB9PFF4PF2SZGHjdB9ZFLs8-8lNxul6kckr7zY0F0BH69tXuAUyJZgCZGGWVUJIno2vLqMgF-zrAH4iREHlsx939YsbXAfR5Gml3Wnk/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df668089e2d6d7fca127a04b4a3be2e69f5cf5e09abcf08e2c50e65df96d708d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7af8"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2869
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhYdsTI_JxLw35WYhO3UZJltbbpcTvfDTPlLsVKL5bEkDyLo_BzO6DNihBTA1HZYAwPWgpEHvW-6vH3KweobsYsZrzC1F_tCKGq7JLhaHrzhKbebztC0KbnlRcMN0h4rhfqUDvOtCRAtDeJAC9... 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhYdsTI_JxLw35WYhO3UZJltbbpcTvfDTPlLsVKL5bEkDyLo_BzO6DNihBTA1HZYAwPWgpEHvW-6vH3KweobsYsZrzC1F_tCKGq7JLhaHrzhKbebztC0KbnlRcMN0h4rhfqUDvOtCRAtDeJAC9489qZat7jeMvi-IBE9U_rAMqjh-CsBLzkrFIZ4Q9wXc/w72-h72-p-k-no-nu/logo.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bbd6c6bc5e9911c572f5d17dc3a2ce65305f14431a1f8bad6b5641bbe2083501
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7af0"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12715
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
logo.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidIHjpvTbzdyuyoTtZJARPICDUrJ5J3L-dYNXsAO-A2suZxuOSRJXog9vjHw49D8sR18yrFlzLYlPfQSqGrdgvLTHtaGz5PEh3n2me6loFWw_OWq3tmjuUkOwkSBHiuL5M7zsXEgyavuzjDSQE... 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidIHjpvTbzdyuyoTtZJARPICDUrJ5J3L-dYNXsAO-A2suZxuOSRJXog9vjHw49D8sR18yrFlzLYlPfQSqGrdgvLTHtaGz5PEh3n2me6loFWw_OWq3tmjuUkOwkSBHiuL5M7zsXEgyavuzjDSQEXqC9E1zFY9MGlVODRkD3jhEjk-MkNlQYPd0KFPMSmeU/w72-h72-p-k-no-nu/logo.jpg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cfe8f4fc4586b90c0d0eaaa53a85ca6ac8465515bc33676d1de4f902ef87bdcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v7ad8"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4331
x-xss-protection
0
expires
Thu, 16 May 2024 10:02:18 GMT
cookienotice.js
id-ransomware.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id-ransomware.blogspot.com/js/cookienotice.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2026
x-xss-protection
0
last-modified
Wed, 15 May 2024 07:50:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 22 May 2024 08:49:48 GMT
1759232347-widgets.js
www.blogger.com/static/v1/widgets/ 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1759232347-widgets.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f9.1e100.net
Software
sffe /
Resource Hash
ce06d33c5b19e521b0bd671e5b58e20568a7f1a3ea1678a4cf52d5889771bb0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50962
x-xss-protection
0
last-modified
Tue, 14 May 2024 05:54:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 14 May 2025 14:04:46 GMT
collect
www.google-analytics.com/j/ 		16 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=74139740&t=pageview&_s=1&dl=https%3A%2F%2Fid-ransomware.blogspot.com%2F&ul=de-de&de=UTF-8&dt=%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1220527206&gjid=869113086&cid=1528572549.1715767338&tid=UA-81232046-1&_gid=1901306010.1715767338&_r=1&_slc=1&z=1698875668
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4a54ba70bc9d1619b3e2cea418310dfa909b5bc49f844fda171860299b6f3794
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:02:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81232046-1&cid=1528572549.1715767338&jid=1220527206&gjid=869113086&_gid=1901306010.1715767338&_u=IEBAAEAAAAAAACAAI~&z=565904053
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		249 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-99EZ5NYFNR&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91fd42589c68f72e8a5df626a5b100e84bf19df4dfb25a7a64a6eefd04144a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90623
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 10:02:18 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=74139740&t=pageview&_s=1&dl=https%3A%2F%2Fid-ransomware.blogspot.com%2F&ul=de-de&de=UTF-8&dt=%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1024016282&gjid=1156915061&cid=1528572549.1715767338&tid=UA-81232046-1&_gid=1901306010.1715767338&_r=1&gtm=457e45d0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=160260447
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.tAwD_Neu9AE.O/am=BgM/d=1/rs=AN8SPfqQRLM7Vp5ofpHrmu-fU6ShT5BN2Q/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 May 2025 09:14:52 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.tAwD_Neu9AE.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrn7_EutbJQ5MyVqTpPHl_y1WqaRQ/ 		206 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.tAwD_Neu9AE.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrn7_EutbJQ5MyVqTpPHl_y1WqaRQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.tAwD_Neu9AE.O/am=BgM/d=1/rs=AN8SPfqQRLM7Vp5ofpHrmu-fU6ShT5BN2Q/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f360177e429362ddf85ba7d191b70e6a664963e4b51ed62ad2a754e52f25170a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72783
x-xss-protection
0
last-modified
Sun, 12 May 2024 03:10:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 May 2025 09:06:41 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81232046-1&cid=1528572549.1715767338&jid=1024016282&gjid=1156915061&_gid=1901306010.1715767338&npa=1&_u=aEDAAUABAAAAACAAI~&z=1010615947
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 15 May 2024 10:02:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
site.yandex.net/v2.0/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/all.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:23::225 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
3f7754f8700cc03a16dd9ac1c35f4242c9c371e3db0fb6f0e972ece70e642f81
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
content-encoding
br
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-request-id
2ab7e59b42749669
last-modified
Thu, 14 Mar 2024 10:20:57 GMT
server
nginx
etag
W/"f7635abc3bcad1a251f1d35c2fbe002e"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
cache-host
cloudcdn-spbmiran-01.cdn.yandex.net
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 16 May 2024 18:44:11 GMT
tag.js
mc.yandex.ru/metrika/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:07:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664353eb-11f0d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
73485
expires
Wed, 15 May 2024 11:02:18 GMT
stats
id-ransomware.blogspot.com/b/ 		411 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id-ransomware.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmB4xdmouZoidnf4TkbEyYVUv8MceU953pH6RT4HEC5JJ5r_sJQBjY466DXA3aI12lxt-m3CdGjt7c2Ct8F1-5HVvXsfuw
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1759232347-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
GSE /
Resource Hash
50d38eb54612dc543e95657624c1cbe40536705ba150c85dafda13bf4ec36035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
268
x-xss-protection
1; mode=block
expires
Wed, 15 May 2024 10:02:18 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-99EZ5NYFNR&gtm=45je45d0v9109977379za200&_p=1715767337509&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1528572549.1715767338&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fid-ransomware.blogspot.com%2F&dt=%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&sid=1715767338&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4370
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99EZ5NYFNR&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:02:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6113896202570680354&zx=0c6e18c4-95f8-4b11-9f1f-d680c46daa50
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 10:02:18 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 214A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 May 2025 09:18:59 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:23:10 GMT
x-content-type-options
nosniff
age
70748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 14 May 2025 14:23:10 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 06:03:18 GMT
x-content-type-options
nosniff
age
14340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 May 2025 06:03:18 GMT
suggest.js
site.yandex.net/v2.0/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/suggest.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:23::225 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
content-encoding
br
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-request-id
837e4c2f9505a4f1
last-modified
Thu, 14 Mar 2024 10:20:57 GMT
server
nginx
etag
W/"7b6f38e40b4c5677b862a187cb8b3e24"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
cache-host
cloudcdn-spbmiran-01.cdn.yandex.net
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 24 Apr 2024 22:14:43 GMT
opensearch.js
site.yandex.net/v2.0/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/opensearch.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:23::225 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
content-encoding
br
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-request-id
050b18f6d4fb50b8
last-modified
Thu, 14 Mar 2024 10:20:57 GMT
server
nginx
etag
W/"d12257f87644c4e89830f47705dee860"
cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
cache-host
cloudcdn-spbmiran-01.cdn.yandex.net
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 24 Apr 2024 22:14:43 GMT
yandex-hint-rb.png
site.yandex.net/v2.0/i/ 		425 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.yandex.net/v2.0/i/yandex-hint-rb.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:23::225 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
425
x-request-id
7d8112542ecac8b4
last-modified
Thu, 14 Mar 2024 10:20:57 GMT
server
nginx
etag
"fbe624b4939c4538e386beffac5861f6"
cache-status
HIT
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
cache-host
cloudcdn-spbmiran-01.cdn.yandex.net
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 16 May 2024 13:57:13 GMT
search.png
site.yandex.net/v2.0/i/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.yandex.net/v2.0/i/search.png
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:23::225 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
49c6ca26c2e3b18d1ef9f08f6f5eb5d3b26ebf13fd246e717072b9075df6fd2f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
771
x-request-id
68709b099280d2da
last-modified
Thu, 14 Mar 2024 10:20:57 GMT
server
nginx
etag
"95698da59d3786c4b32c0172ccf23009"
cache-status
HIT
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
cache-host
cloudcdn-spbmiran-01.cdn.yandex.net
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 09 May 2024 01:56:06 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10370.pgRCtrCcwzriIeea2eMezu42ZNAxftSNkcz9wwfKCApJg3cQKqV2PsxuzW0WuN78.no_Sugag7God_3dKpDnNt7ViUx0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10370.KAUmzj0zvWzP1XgKot7pRCwA0DnQLJhSUXktaeZTOXa-gWN-6cMv3BLbQTD5xLTeRvPyMadbA1KN8G9FKJ_EYr0NOZzRgdEBSJoWqYj4sxJ4tw1HqnMP968zu4TU78AQNe8HB3sUDp...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10370.a4TOfqLP3e8iFCArkjeKCMT8gkSZvE1PY30bMBMxP5yiRh5WHVEy2_TWUFgxebQU2HFvzMPBV-QgBDATWthgZEsKSjCGU6DzUWUuy-nJOnN_i...
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10370.a4TOfqLP3e8iFCArkjeKCMT8gkSZvE1PY30bMBMxP5yiRh5WHVEy2_TWUFgxebQU2HFvzMPBV-QgBDATWthgZEsKSjCGU6DzUWUuy-nJOnN_iLpG1Sn2bjwDQ2X0tFwTfbbjNRe0MlZ3ubDcUV3jGZLME16OLKMxXk78aYoeLG1w2fBZaitDDG-MgkVlXeioFzIEsOkMT6X14v1xj-8nqA%2C%2C.JVhkVbzhqkNTSqtR0dX9aWtpbv0%2C
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://id-ransomware.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10370.a4TOfqLP3e8iFCArkjeKCMT8gkSZvE1PY30bMBMxP5yiRh5WHVEy2_TWUFgxebQU2HFvzMPBV-QgBDATWthgZEsKSjCGU6DzUWUuy-nJOnN_iLpG1Sn2bjwDQ2X0tFwTfbbjNRe0MlZ3ubDcUV3jGZLME16OLKMxXk78aYoeLG1w2fBZaitDDG-MgkVlXeioFzIEsOkMT6X14v1xj-8nqA%2C%2C.JVhkVbzhqkNTSqtR0dX9aWtpbv0%2C
date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: id-ransomware.blogspot.com
URL: https://id-ransomware.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 May 2024 12:07:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664353eb-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 15 May 2024 11:02:18 GMT
1
mc.yandex.com/watch/69634408/
Redirect Chain
  • https://mc.yandex.com/watch/69634408?wmode=7&page-url=https%3A%2F%2Fid-ransomware.blogspot.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2...
  • https://mc.yandex.com/watch/69634408/1?wmode=7&page-url=https%3A%2F%2Fid-ransomware.blogspot.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22...
440 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/69634408/1?wmode=7&page-url=https%3A%2F%2Fid-ransomware.blogspot.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A97873557876%3Ahid%3A923061904%3Az%3A120%3Ai%3A20240515120218%3Aet%3A1715767338%3Ac%3A1%3Arn%3A205295602%3Arqn%3A1%3Au%3A1715767338110423888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3821%3Awv%3A2%3Ads%3A0%2C0%2C370%2C327%2C3161%2C0%2C%2C460%2C10%2C%2C%2C%2C4322%3Aco%3A0%3Acpf%3A1%3Ans%3A1715767333748%3Agi%3AR0ExLjMuMTUyODU3MjU0OS4xNzE1NzY3MzM4%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715767339%3At%3A%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
bd6bcd55f67b07a2271d5683cbf6de2c64d18571cd941a9555c587a688a7d8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://id-ransomware.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 15-May-2024 10:02:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
440
x-xss-protection
1; mode=block
expires
Wed, 15-May-2024 10:02:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 May 2024 10:02:18 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 15-May-2024 10:02:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/69634408/1?wmode=7&page-url=https%3A%2F%2Fid-ransomware.blogspot.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A97873557876%3Ahid%3A923061904%3Az%3A120%3Ai%3A20240515120218%3Aet%3A1715767338%3Ac%3A1%3Arn%3A205295602%3Arqn%3A1%3Au%3A1715767338110423888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3821%3Awv%3A2%3Ads%3A0%2C0%2C370%2C327%2C3161%2C0%2C%2C460%2C10%2C%2C%2C%2C4322%3Aco%3A0%3Acpf%3A1%3Ans%3A1715767333748%3Agi%3AR0ExLjMuMTUyODU3MjU0OS4xNzE1NzY3MzM4%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715767339%3At%3A%D0%A8%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B8-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B8%20The%20Digest%20%22Crypto-Ransomware%22&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin
https://id-ransomware.blogspot.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 15-May-2024 10:02:18 GMT
13464135-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/v-css/13464135-lightbox_bundle.css
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1759232347-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f9.1e100.net
Software
sffe /
Resource Hash
dbcb4b8e7dbaa9d09b7dbee23f9317eba8ae7933be22e798bc054c0c3b16f163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6525
x-xss-protection
0
last-modified
Mon, 13 May 2024 23:54:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 14 May 2025 14:08:38 GMT
3049225271-lbx__ru.js
www.blogger.com/static/v1/jsbin/ 		383 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/3049225271-lbx__ru.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1759232347-widgets.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f9.1e100.net
Software
sffe /
Resource Hash
fcb4127a1d76b2ffc7f43cb629bce9d13d06d10499a0d4ccd12fb9ddf3ff705b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123389
x-xss-protection
0
last-modified
Tue, 14 May 2024 08:54:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 14 May 2025 13:57:20 GMT
favicon.ico
id-ransomware.blogspot.com/ 		1 KB
785 B 		Other
General
Check archive.org
Download Go to
Full URL
https://id-ransomware.blogspot.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
GSE /
Resource Hash
027ca8fc1a8b8a79f7256eadf3d248129faaf4234165239430f28657b5fedae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 04:59:17 GMT
server
GSE
etag
W/"a0dab62cb7dbb2d060cdd058962b127e49b71fdbd066cb566371ab74b1dd96fe"
content-type
image/x-icon
cache-control
private, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
765
x-xss-protection
1; mode=block
expires
Wed, 15 May 2024 10:02:18 GMT
favicon.ico
id-ransomware.blogspot.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://id-ransomware.blogspot.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
GSE /
Resource Hash
027ca8fc1a8b8a79f7256eadf3d248129faaf4234165239430f28657b5fedae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://id-ransomware.blogspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 04:59:17 GMT
server
GSE
etag
W/"a0dab62cb7dbb2d060cdd058962b127e49b71fdbd066cb566371ab74b1dd96fe"
content-type
image/x-icon
cache-control
private, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
765
x-xss-protection
1; mode=block
expires
Wed, 15 May 2024 10:02:18 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| GoogleAnalyticsObject function| ga object| adsbygoogle function| $ function| jQuery function| setAttributeOnload object| gapi object| ___jsl function| gtag object| dataLayer function| followersIframeOpen object| followersIframe function| googleTranslateElementInit object| _F_toggles object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| yandex_site_callbacks function| ym function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| closure_lm_902318 object| cookieChoices object| closure_lm_503731 object| Ya object| yaCounter69634408

31 Cookies

Domain/Path Name / Value
.id-ransomware.blogspot.com/ Name: _ga
Value: GA1.3.1528572549.1715767338
.id-ransomware.blogspot.com/ Name: _gid
Value: GA1.3.1901306010.1715767338
.id-ransomware.blogspot.com/ Name: _gat_blogger
Value: 1
.id-ransomware.blogspot.com/ Name: _gat_gtag_UA_81232046_1
Value: 1
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CIKREhCN/AEYAQ==
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.id-ransomware.blogspot.com/ Name: _ga_99EZ5NYFNR
Value: GS1.3.1715767338.1.0.1715767338.0.0.0
.yandex.ru/ Name: yashr
Value: 8166128031715767338
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.id-ransomware.blogspot.com/ Name: _ym_uid
Value: 1715767338110423888
.id-ransomware.blogspot.com/ Name: _ym_d
Value: 1715767338
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1701822246fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: i
Value: PMEif96+igeCYK/thy5o96RDU1J3y1+Us4a2/KozBlPiXDbTbkEv5Y7MQx+35OIg/Is8oBGH3fGHQ+brcYxeoxz25UY=
.yandex.com/ Name: yandexuid
Value: 9142480171715767338
.yandex.com/ Name: yashr
Value: 9598313391715767338
.id-ransomware.blogspot.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 854991091fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 9142480171715767338
.yandex.ru/ Name: yuidss
Value: 9142480171715767338
.yandex.ru/ Name: i
Value: PMEif96+igeCYK/thy5o96RDU1J3y1+Us4a2/KozBlPiXDbTbkEv5Y7MQx+35OIg/Is8oBGH3fGHQ+brcYxeoxz25UY=
.yandex.ru/ Name: yp
Value: 1715853738.yu.7051262061715767338
.yandex.ru/ Name: ymex
Value: 1718359338.oyu.7051262061715767338
mc.yandex.com/ Name: yabs-sid
Value: 900192171715767338
.yandex.com/ Name: yuidss
Value: 9142480171715767338
.yandex.com/ Name: ymex
Value: 1747303338.yrts.1715767338
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI0IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI0IhoFIng4NiIiECIxMjQuMC42MzY3LjIwMSIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJcIkNocm9taXVtIjt2PSIxMjQuMC42MzY3LjIwMSIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNC4wLjYzNjcuMjAxIiwiTm90LUEuQnJhbmQiO3Y9Ijk5LjAuMC4wIiI=

62 Console Messages

Source Level URL
Text
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://id-ransomware.blogspot.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
accounts.google.com
ajax.googleapis.com
apis.google.com
blogger.googleusercontent.com
fonts.gstatic.com
id-ransomware.blogspot.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
resources.blogblog.com
s05.flagcounter.com
site.yandex.net
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
www.blogblog.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
yandex.ru
142.250.181.233
142.250.185.97
142.250.74.206
172.217.16.194
2001:4860:4802:34::36
206.221.176.133
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::2009
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9a
2a00:1450:400c:c0a::54
2a02:6b8:23::225
2a02:6b8::1:119
2a02:6b8:a::a
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
027ca8fc1a8b8a79f7256eadf3d248129faaf4234165239430f28657b5fedae3
02ab3a0e57352397d08bcc81ed6b71754e88f13ab9ccc55587c08609cd952262
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0788d98fcf32c5543e12ed72c5817aea45d84f3450a63ba1497de5f02f393843
0a18e1575e0999d9a23ed72cfeeb4e2e0aa2e8861927ce472767d7b513d2fb2c
0b2fa5f670d36712b7101b643eab506f73f8fe98398c464a84b19cc55f54d418
0ff67afdeb854ea9360c4a803482519f1aea885c3c389449f217ab8d6b50233c
16ce2aceb0e0cf0a3725ceb81832cd83bb0a1c4d52225b9e9a71940ec3b47f98
19d5e6f5485733593f45f8490c5be704fc9d68d5485cff1e0427607a718b8993
27b8c90e2bba543cc5fd79104da6e08d0e670db09e443a3643df64c843b3c1f4
290899b31d93433fdeae397a797ad17e4e3d719a54662f1d9979dab6986cd879
2e2f6993e2d20eb510a48b5ce8d2f7c2e9cf93d0f731685e1c77a9b289b4332b
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
37b3e7c1f583cc3076597c9e44c3286040d5c8724ff9c76ae358a3d605faff9a
37f0a3de4a1de3bcaa8b3d78a5bb67ba538944badde2ef6bdea7220aa8c1b88c
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
3f7754f8700cc03a16dd9ac1c35f4242c9c371e3db0fb6f0e972ece70e642f81
40e207cbf350f0c6c0b8747536e477b1415e021b461b5efc4160e61e9874ae0a
49c6ca26c2e3b18d1ef9f08f6f5eb5d3b26ebf13fd246e717072b9075df6fd2f
4a54ba70bc9d1619b3e2cea418310dfa909b5bc49f844fda171860299b6f3794
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4df6170b30c90952fbf40e4ed3830d49468089fecd9c5aab35ead90e8a746c1e
5097a1e87dd10258ef387bb10c64366bf5d5770780490110aff50d2ff67bfd50
50d38eb54612dc543e95657624c1cbe40536705ba150c85dafda13bf4ec36035
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b71972822a7605bedde2764d957839dd3d99cd3c3d6f3ac9c8980d07b46d17
580c3cc5729f226bbee2626a16e7882b8d4dd1bb75b116ba1f2b44d40a4766a0
592149e68b573c799f7e47db77923665157d9f5d4cda17b70fc596702854757b
5ae7034c2f87644982ff101ea77da1b22673603547bec9e5eadc2d49303e1118
5c96f77434894f8172429550ab7854232b4a8097a7ebb5228d59d7941b2bec13
6227c5e580bccf654a2c58c8d8bbb9f0d787984c56cb1c0065638fe3691ea3c2
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
69077024abfef4c2c486300977aa280341e597d1b10808a34240d0ecbe96d727
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7523d275a00f720a13a48a616600d35db58ec1339afa58f79261937a083f1da1
77bb22abab28fe9e0ac278454d4e45a47fcec044d92c65c511ee068a9b3843fd
7810a70b0a69c8483fdec333cc3b85b7b10799783a7569463e4770c05512b5db
7896a75d526524271e09699ad631832e7352d982cfc15697fa55aa62986c61c8
7e58d48a0c16a23fe8abb4fe36fb3452b5660532360f7df58bcfd591a6d4f255
82a388814c328df235eebe4ff44164a6bc2a54b778522e849a9bae0c9dba1eab
8ead09b519555de565f0d8de6b8826acabd5bd4f1afea6ac02242d4248efe2e7
909a47a95386ffd0420ff44c0f1278a3259b918b1bc8213afa97ad6a4bb5bb58
91fd42589c68f72e8a5df626a5b100e84bf19df4dfb25a7a64a6eefd04144a48
9e6ed92748268abd57ed026022eba9da32c4d231e9ff8b57175244ca5b46c077
9f39dc2df8f821541e216add4a158b0e0dd222fdbb40bc3761ea6e071da424d4
a84cbf99a599f762a5e8e1e58ff5430d7382d6c9c1797eacc12d20d9d7e1b6d6
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ad01a94ccf2c02ae377cb22af3fe66685de4023a14b168e159140edc2aada46d
bbd6c6bc5e9911c572f5d17dc3a2ce65305f14431a1f8bad6b5641bbe2083501
bd6bcd55f67b07a2271d5683cbf6de2c64d18571cd941a9555c587a688a7d8ab
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cc0cb306fe1e390475afb1f3767606fda03cfc0c2b4dd87bdc1c0704fd819927
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce06d33c5b19e521b0bd671e5b58e20568a7f1a3ea1678a4cf52d5889771bb0b
cfe8f4fc4586b90c0d0eaaa53a85ca6ac8465515bc33676d1de4f902ef87bdcf
d206d37f46b471524cc264a53d14f39844f9357480cb0100cd9a5c1df7a92482
d803a3fe4368ea79b92fbef8ad174e738c8592afcdbcba0823073a5c9f91e9d3
dbcb4b8e7dbaa9d09b7dbee23f9317eba8ae7933be22e798bc054c0c3b16f163
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
ded380bcde2d13d63b60bb804c90eda76a77a36612bff4b62fc68335048aa48a
df668089e2d6d7fca127a04b4a3be2e69f5cf5e09abcf08e2c50e65df96d708d
e14b1d9c3fe0343767431e38b7b8df7ee4c97a68b70b2035fbdea10fe90d610d
e38f9da12a1cc8370bd73b05e55fb8ccf0f6a48c93ee50acae9c7cd7ca694ce1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4552840fc0e763c8b48060ef681dea3684a7875a9ea494626941d3b1859fef1
e59717f22bd5b4b6ed44315254f259fdcf81c721eb221b928ca6c1a494159d33
e8e4020c724292474a0d81042ea11c11823c43ee65bd6f0df03b5c640642ebb7
ef014ce3479410d3e2607e62ac052b32f6067603948e39ca6d392ef3544bd013
f224363ebf18111fda804bb16c9bf2918478861f3b65db28a0819bf5fa7e799a
f360177e429362ddf85ba7d191b70e6a664963e4b51ed62ad2a754e52f25170a
f6b10dbc0c8ec50e1442806622d6bd78bf067ad1c1060fd0337d3410ce528020
f6edf555abeb62a65f50dc86d46963ef277e226374563dc61de1fd9b7b487ab2
fbee4e710c749c693a185bacfab172d8c2893d18ec073a3f520a59f48d3e2e5c
fcb4127a1d76b2ffc7f43cb629bce9d13d06d10499a0d4ccd12fb9ddf3ff705b
fcbd95a4bdc35145dfb88e1ab82fac2b2fab7ae54b7e629575d1aebbc0f13ec2