clashroyal111111.blogspot.com Open in urlscan Pro
2a00:1450:4001:814::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Submission Tags: demotag1 demotag2 Search All
Submission: On November 07 via api (November 7th 2020, 4:14:30 am UTC) from US

Summary HTTP 56 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 56 HTTP transactions. The main IP is 2a00:1450:4001:814::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is clashroyal111111.blogspot.com.

This is the only time clashroyal111111.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 5	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
8	13.226.132.119 13.226.132.119	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::681a:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::2009	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:46e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	21

2 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

clashroyal111111.blogspot.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clashroyal111111.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.226.132.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-119.dus51.r.cloudfront.net

clashroyale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)

motefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e6 (United States)

ASN13335 (CLOUDFLARENET, US)

motifiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	motefiles.com motefiles.com	52 KB
8	clashroyale.com clashroyale.com	1 MB
8	blogger.com 1 redirects www.blogger.com	186 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	71 KB
5	traffdaq.com 1 redirects traffdaq.com	5 KB
4	blogspot.com clashroyal111111.blogspot.com 2.bp.blogspot.com	100 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	85 KB
2	blogblog.com resources.blogblog.com www.blogblog.com	48 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
2	speedflow.io speedflow.io	2 KB
1	motifiles.com motifiles.com	21 KB
1	googleusercontent.com lh3.googleusercontent.com	2 KB
1	google.com 1 redirects accounts.google.com	747 B
1	youtube.com www.youtube.com
1	blogspot.nl 1 redirects clashroyal111111.blogspot.nl	483 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
56	17

	Domain	Requested by
11	motefiles.com	clashroyal111111.blogspot.com motefiles.com
8	clashroyale.com	clashroyal111111.blogspot.com
8	www.blogger.com	1 redirects clashroyal111111.blogspot.com www.blogger.com
5	traffdaq.com	1 redirects speedflow.io traffdaq.com
4	fonts.gstatic.com	clashroyal111111.blogspot.com fonts.googleapis.com
3	www.gstatic.com	clashroyal111111.blogspot.com
3	clashroyal111111.blogspot.com	traffdaq.com clashroyal111111.blogspot.com
2	ajax.googleapis.com	clashroyal111111.blogspot.com
2	speedflow.io	speedflow.io
1	motifiles.com	clashroyal111111.blogspot.com
1	lh3.googleusercontent.com	clashroyal111111.blogspot.com
1	www.blogblog.com	clashroyal111111.blogspot.com
1	fonts.googleapis.com	motefiles.com
1	accounts.google.com	1 redirects
1	resources.blogblog.com	clashroyal111111.blogspot.com
1	www.youtube.com	clashroyal111111.blogspot.com
1	2.bp.blogspot.com	clashroyal111111.blogspot.com
1	clashroyal111111.blogspot.nl	1 redirects
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
56	22

This site contains links to these domains. Also see Links.

Domain
2.bp.blogspot.com
clashroyale.com
supr.cl
shop.supercell.com
supercell.helpshift.com
supercell.com
47428.measurementapi.com
www.blogger.com
cr.kunlun.com
www.facebook.com
twitter.com
instagram.com
youtube.com
forum.supercell.com
www.reddit.com
forum.supercell.net
maps.google.com
www.offset.com
motefiles.com

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
clashroyale.com Amazon	`2020-10-15` - `2021-11-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Frame ID: 899FC682A49745ACE48C1A5D91643757
Requests: 52 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604722447969&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 93E9D51B208166530D779D978214D6BF
Requests: 1 HTTP requests in this frame

Frame: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Frame ID: EC6E301DFBD128AA52F22E39C0B1C4CA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9Z5h3i75A4E
Frame ID: CD20F79ED210A5D145453516A2D5463E
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157&bpli=1
Frame ID: DA396C307B1D4023D6826B204888057A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsI... Page URL
https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6Ik1QK3hFazQzV2N4TSt6cXBHb25lWkE9PSIsI... Page URL
http://clashroyal111111.blogspot.nl/2017/08/about-game-faq-forum-shop-support.html HTTP 302
http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

56
Requests

82 %
HTTPS

77 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

1881 kB
Transfer

2786 kB
Size

3
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://2.bp.blogspot.com/-eZVVy4PYJZE/WZhA95e6aVI/AAAAAAAAAc4/fCnZiAUXBlQ0Q_TqSuD1wM6_83SiTXdfgCLcBGAs/s1600/p1bnr4dg7f1cdj1ci613qu8d51ltj3.jpg

Search URL Search Domain Scan URL

URL: https://clashroyale.com/

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news/about-the-game
Title: About the Game

Search URL Search Domain Scan URL

URL: https://clashroyale.com/#faq
Title: FAQ

Search URL Search Domain Scan URL

URL: http://supr.cl/ClashRoyaleForum
Title: Forum

Search URL Search Domain Scan URL

URL: http://shop.supercell.com/?utm_source=cr_nav
Title: Shop

Search URL Search Domain Scan URL

URL: https://supercell.helpshift.com/a/clash-royale/
Title: Support

Search URL Search Domain Scan URL

URL: http://supercell.com/en/parents/
Title: Parent's Guide

Search URL Search Domain Scan URL

URL: http://supercell.com/en/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://supercell.com/en/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://47428.measurementapi.com/serve?action=click&publisher_id=47428&site_id=115659&my_site=clash_website

Search URL Search Domain Scan URL

URL: https://47428.measurementapi.com/serve?action=click&publisher_id=47428&site_id=120233&my_site=clash_website

Search URL Search Domain Scan URL

URL: https://www.blogger.com/null

Search URL Search Domain Scan URL

URL: https://clashroyale.com/de
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://clashroyale.com/es
Title: Español

Search URL Search Domain Scan URL

URL: https://clashroyale.com/fr
Title: Français

Search URL Search Domain Scan URL

URL: https://clashroyale.com/it
Title: Italiano

Search URL Search Domain Scan URL

URL: https://clashroyale.com/nl
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://clashroyale.com/no
Title: Norwegian

Search URL Search Domain Scan URL

URL: https://clashroyale.com/pt
Title: Português

Search URL Search Domain Scan URL

URL: https://clashroyale.com/ru
Title: русский

Search URL Search Domain Scan URL

URL: https://clashroyale.com/tr
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://clashroyale.com/ar
Title: العربية

Search URL Search Domain Scan URL

URL: https://clashroyale.com/ja
Title: 日本語

Search URL Search Domain Scan URL

URL: https://cr.kunlun.com/
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://clashroyale.com/zh
Title: 繁體中文

Search URL Search Domain Scan URL

URL: https://clashroyale.com/ko
Title: 한국어

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ClashRoyale

Search URL Search Domain Scan URL

URL: http://twitter.com/ClashRoyale

Search URL Search Domain Scan URL

URL: http://instagram.com/ClashRoyale

Search URL Search Domain Scan URL

URL: http://youtube.com/clashroyale

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/release-notes

Search URL Search Domain Scan URL

URL: https://forum.supercell.com/showthread.php/1581148-Balance-Update-Coming%21-%288-11%29
Title: forums

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/ClashRoyale/comments/6ssugp/balance_update_coming_811_were_taking_a_look_at/
Title: reddi

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/ClashRoyale/comments/6slcyj/2v2_looks_pretty_permanent_in_ojs_new_video/
Title: t

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news/crown-championship-challenge

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news/terms-of-service-privacy-policy-updated

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news/radio-royale-worldwide-royale-events

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news/is-the-2v2-button-coming-back

Search URL Search Domain Scan URL

URL: https://clashroyale.com/blog/news/the-summer-of-2v2-is-almost-here

Search URL Search Domain Scan URL

URL: https://supercell.helpshift.com/a/clash-royale/?p=web
Title: Support

Search URL Search Domain Scan URL

URL: http://forum.supercell.net/forumdisplay.php/107-Clash-Royale
Title: Forum

Search URL Search Domain Scan URL

URL: http://supercell.com/en/
Title: Supercell

Search URL Search Domain Scan URL

URL: http://supercell.com/en/fan-content-policy/
Title: Fan Content Policy

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?q=Co+Rd+105,+Grover,+CO+80729,+%C3%89tats-Unis@40.979898069620134,-104.0625&z=10
Title: Co Rd 105, Grover, CO 80729, États-Unis

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Fourni par Blogger

Search URL Search Domain Scan URL

URL: http://www.offset.com/photos/223311
Title: Matt Vince

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Signaler un abus

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://motefiles.com/show.php?cl=true&l=702432&u=87706&id=29082
Title: Holen Sie sich jetzt ein Jahr Disney Plus!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D Page URL
https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6Ik1QK3hFazQzV2N4TSt6cXBHb25lWkE9PSIsInZhbHVlIjoiWlptMlZlQlhmMmVpdTJVRU1kVSs0d0VweU9mN2tIOWd4YVNBcFBGUDViZll3OUJjaHpGbUdvRVo2ckg3aktCeExYcjZWOGdHMGxSZlg4M3pcL2hMNHJ2K0hJSTlueWhiTWhnS3M4dXdKTEtKMW05R1wvZUNiVldOZ0NHNXFiK1h3VWhGcWJLOHpLXC9xS3psdGR5KzczekdSaUVJaDkxa1dkb21sb1lzdkFUcjJENThWV3kxVm03eU9YY2xiaDA0dHVuRnhCSlZ6WE1Ma283UlNVVklLMklLXC92dTl6dURMTTZlS2R2RVBtM2o1V1JsRjRZelB0UmNTcWE4VmVnaDF1cjVEd3dSczNWS1hQek5LVnZQTTRhVytUMXJ4M3NPZzQ0N2g2OXQxMkdqYzNWNmxlWGp6MENhQnl5XC9QeElyUHgrZCIsIm1hYyI6ImYxZTdiZDVkYjcwZDUyNTEzMzJmMmEzNGMzMDNhZDc3OWE1YTYyNjVlODNjZTVmMWNlZDEyNTRiNzg1ZDg2MzMifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
http://clashroyal111111.blogspot.nl/2017/08/about-game-faq-forum-shop-support.html HTTP 302
http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://traffdaq.com/delivery/et/71463?category=women_dating HTTP 301
https://traffdaq.com/delivery/et/71463?category=women_dating

Request Chain 34

https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D5814313925658834103%26postID%3D3132146586278774290%26skin%3Dsoho%26blogspotRpcToken%3D5231157%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D5814313925658834103%26postID%3D3132146586278774290%26skin%3Dsoho%26blogspotRpcToken%3D5231157%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157&bpli=1

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 393ms
373ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: dc3e0ec3c8dd5631b5f8e2617b764f88bd326779a873e1b7a40575533f30e150

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 07 Nov 2020 04:14:07 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=67493; path=/ time_start=1604722447.8568; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=67493; path=/ ip=185.216.34.99 mobile=0 country=++ visits_todayi=0; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=67493; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 544
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 20ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:07 GMT
Content-Encoding: gzip
X-HW: 1604722447.dop235.fr8.shc,1604722447.dop235.fr8.t,1604722447.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1

200
OK

71463 Show response
traffdaq.com/delivery/et/
Redirect Chain

http://traffdaq.com/delivery/et/71463?category=women_dating
https://traffdaq.com/delivery/et/71463?category=women_dating

2 KB
1020 B

343ms
124ms

Script
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/et/71463?category=women_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: c388bf94cf09c576df3bd845d20512b6db5628ee8e478cd26dcf38ad4639ae1c

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:08 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://traffdaq.com/delivery/et/71463?category=women_dating
Connection: close
Content-length: 0

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 93E9 0
0 94ms
74ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604722447969&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 07 Nov 2020 04:14:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225fa61f100af1a6.09829983568999485%22%3B%7D; expires=Mon, 07 Nov 2022 04:14:08 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 404
Not Found %3C Show response
speedflow.io/adult/ Frame EC6E 315 B
460 B 200ms
199ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ip=185.216.34.99; mobile=0; country=++; visits_todaya=1; time_start=1604722447.8568; visits_todayi=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 04:14:08 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET 47382
traffdaq.com/delivery/dl/ 0
0

GET
H/1.1 200
OK 71463 Show response
traffdaq.com/delivery/directlink/ 3 KB
2 KB 498ms
279ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D
Requested by: Host: traffdaq.com
URL: http://traffdaq.com/delivery/et/71463?category=women_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 5990fe4dafe5e300e03c2e08f58d4f8fbfaa62d6b92c5476612a9c87544a4e71

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 04:14:08 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK eyJpdiI6InRrUHUzNHBaMDRCS0w5WE9pRzdydGc9PSIsInZhbHVlIjoiajJTaWxUeERkcjJTUjRCTWJ5WDA0XC9TWWhZTERPQmNjTDB3WGdRTms4dDBBQ282ZnBhTTdcLzd3Y2ZFamx1ZmJLODI4K3AyK1hzV2F0MGhLZlNjN2doQT09IiwibWFjIjoiYTNmODY4N...
traffdaq.com/users/track/ 0
858 B 434ms
215ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6InRrUHUzNHBaMDRCS0w5WE9pRzdydGc9PSIsInZhbHVlIjoiajJTaWxUeERkcjJTUjRCTWJ5WDA0XC9TWWhZTERPQmNjTDB3WGdRTms4dDBBQ282ZnBhTTdcLzd3Y2ZFamx1ZmJLODI4K3AyK1hzV2F0MGhLZlNjN2doQT09IiwibWFjIjoiYTNmODY4Nzk0MTRkOGE1YWM2ZmY5OWNmNTU0ZTZiZjdlZGE5NTYxNzk2NTFiZjAwZDQwNDljN2U1NGQ4ZDNlMyJ9
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:09 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 126ms
49ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa61f10744ef&p=TDQ71463&a=71463&cmp=71463&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 04:14:09 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 806437
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4056-HHN
date: Sat, 07 Nov 2020 04:14:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 71463
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2366ms
2147ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6Ik1QK3hFazQzV2N4TSt6cXBHb25lWkE9PSIsInZhbHVlIjoiWlptMlZlQlhmMmVpdTJVRU1kVSs0d0VweU9mN2tIOWd4YVNBcFBGUDViZll3OUJjaHpGbUdvRVo2ckg3aktCeExYcjZWOGdHMGxSZlg4M3pcL2hMNHJ2K0hJSTlueWhiTWhnS3M4dXdKTEtKMW05R1wvZUNiVldOZ0NHNXFiK1h3VWhGcWJLOHpLXC9xS3psdGR5KzczekdSaUVJaDkxa1dkb21sb1lzdkFUcjJENThWV3kxVm03eU9YY2xiaDA0dHVuRnhCSlZ6WE1Ma283UlNVVklLMklLXC92dTl6dURMTTZlS2R2RVBtM2o1V1JsRjRZelB0UmNTcWE4VmVnaDF1cjVEd3dSczNWS1hQek5LVnZQTTRhVytUMXJ4M3NPZzQ0N2g2OXQxMkdqYzNWNmxlWGp6MENhQnl5XC9QeElyUHgrZCIsIm1hYyI6ImYxZTdiZDVkYjcwZDUyNTEzMzJmMmEzNGMzMDNhZDc3OWE1YTYyNjVlODNjZTVmMWNlZDEyNTRiNzg1ZDg2MzMifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6IncxQVZFUHNiU0ZXc05VcEx1aEswbHc9PSIsInZhbHVlIjoiXC9DMnFLcnVSbWhaa1hqQ3dYblp2Um9IYW1CY0pwZU4ybW1EWlVKankxV25NTkd4aGxzbXY0NVZnaXkrayt0M1hiME1mN3dHZ2xIMjdodTIyN0ZQb3loTTU2UFpqZVE4dlNJXC9XeEJ1WDNldWl4cXNWM2RqU2FYbVBGN2YwOWlGMzV4Rmpuc3hDNmtnWEZTOGdITitlUE8wK1lYU3Jpd1JoOUd0UkFqb2p2M1lHb25WVXMwdXZzblRNS2ViN0hGUmVDeVpKb0I0MWp0dzBPc1JzODZaUUJyalBCTTdPbjZSUlwvOTlncVFRWWQ2ST0iLCJtYWMiOiJiYTg2NGM1NmEyNTk4YmI2ZjcyOTA5OGJkNDJhNjAxOWQwYTdlZWExODEwMjRiNGQzYmFmZTM0MzJhMDdhMjM1In0%3D

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 04:14:11 GMT
Content-Encoding: gzip

GET
H/1.1

200
OK

Primary Request about-game-faq-forum-shop-support.html Show response
clashroyal111111.blogspot.com/2017/08/
Redirect Chain

http://clashroyal111111.blogspot.nl/2017/08/about-game-faq-forum-shop-support.html
http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

159 KB
27 KB

475ms
456ms

Document
text/html

2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6Ik1QK3hFazQzV2N4TSt6cXBHb25lWkE9PSIsInZhbHVlIjoiWlptMlZlQlhmMmVpdTJVRU1kVSs0d0VweU9mN2tIOWd4YVNBcFBGUDViZll3OUJjaHpGbUdvRVo2ckg3aktCeExYcjZWOGdHMGxSZlg4M3pcL2hMNHJ2K0hJSTlueWhiTWhnS3M4dXdKTEtKMW05R1wvZUNiVldOZ0NHNXFiK1h3VWhGcWJLOHpLXC9xS3psdGR5KzczekdSaUVJaDkxa1dkb21sb1lzdkFUcjJENThWV3kxVm03eU9YY2xiaDA0dHVuRnhCSlZ6WE1Ma283UlNVVklLMklLXC92dTl6dURMTTZlS2R2RVBtM2o1V1JsRjRZelB0UmNTcWE4VmVnaDF1cjVEd3dSczNWS1hQek5LVnZQTTRhVytUMXJ4M3NPZzQ0N2g2OXQxMkdqYzNWNmxlWGp6MENhQnl5XC9QeElyUHgrZCIsIm1hYyI6ImYxZTdiZDVkYjcwZDUyNTEzMzJmMmEzNGMzMDNhZDc3OWE1YTYyNjVlODNjZTVmMWNlZDEyNTRiNzg1ZDg2MzMifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

15e930305ecce8a8f86ebfc3f4169e254f93bca0b3998a9f96ab92b881675739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: clashroyal111111.blogspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/71463?hash=eyJpdiI6Ik1QK3hFazQzV2N4TSt6cXBHb25lWkE9PSIsInZhbHVlIjoiWlptMlZlQlhmMmVpdTJVRU1kVSs0d0VweU9mN2tIOWd4YVNBcFBGUDViZll3OUJjaHpGbUdvRVo2ckg3aktCeExYcjZWOGdHMGxSZlg4M3pcL2hMNHJ2K0hJSTlueWhiTWhnS3M4dXdKTEtKMW05R1wvZUNiVldOZ0NHNXFiK1h3VWhGcWJLOHpLXC9xS3psdGR5KzczekdSaUVJaDkxa1dkb21sb1lzdkFUcjJENThWV3kxVm03eU9YY2xiaDA0dHVuRnhCSlZ6WE1Ma283UlNVVklLMklLXC92dTl6dURMTTZlS2R2RVBtM2o1V1JsRjRZelB0UmNTcWE4VmVnaDF1cjVEd3dSczNWS1hQek5LVnZQTTRhVytUMXJ4M3NPZzQ0N2g2OXQxMkdqYzNWNmxlWGp6MENhQnl5XC9QeElyUHgrZCIsIm1hYyI6ImYxZTdiZDVkYjcwZDUyNTEzMzJmMmEzNGMzMDNhZDc3OWE1YTYyNjVlODNjZTVmMWNlZDEyNTRiNzg1ZDg2MzMifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Sat, 07 Nov 2020 04:14:12 GMT
Date: Sat, 07 Nov 2020 04:14:12 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 29 Feb 2020 02:22:55 GMT
ETag: W/"2b0f257673166247a7621ff4f9e65cc7e70dfa71cd608a53e048b52f6099de7c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 26817
Server: GSE

Redirect headers

Location: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 07 Nov 2020 04:14:11 GMT
Expires: Sat, 07 Nov 2020 04:14:11 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 218
Server: GSE

GET
H2 200 imagesloaded-3.1.8.min.js Show response
www.gstatic.com/external_hosted/imagesloaded/ 7 KB
3 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/imagesloaded/imagesloaded-3.1.8.min.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0ddd5f84226a630de4cfacb523cc1a0821f50434466a8898d0ef6aecad3dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 0
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2314
x-xss-protection: 0
expires: Sat, 07 Nov 2020 04:14:12 GMT

GET
H2 200 masonry.pkgd.min.js Show response
www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/ 25 KB
8 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/masonry.pkgd.min.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6942bbecde948a8e032fc1204e9fc6a8d6508a2c095785d3f68e2726dc2f1d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7630
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
expires: Sat, 07 Nov 2020 04:14:12 GMT

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 0
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4096
x-xss-protection: 0
expires: Sat, 07 Nov 2020 04:14:12 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
665 B 135ms
115ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5814313925658834103&zx=0ac50a3f-e7f2-40a7-9e40-0047bd041547

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Nov 2020 04:14:12 GMT
server: GSE
date: Sat, 07 Nov 2020 04:14:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sprite_v1_6.css.svg
clashroyal111111.blogspot.com/responsive/ 7 KB
3 KB 19ms
14ms Other
image/svg+xml 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://clashroyal111111.blogspot.com/responsive/sprite_v1_6.css.svg

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Nov 2020 19:15:31 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2244
X-XSS-Protection: 0
Expires: Sat, 14 Nov 2020 04:14:12 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clashroyal111111.blogspot.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 11:23:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:12:59 GMT
Server: sffe
Age: 60639
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14044
X-XSS-Protection: 0
Expires: Sat, 06 Nov 2021 11:23:33 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clashroyal111111.blogspot.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 11:32:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:14 GMT
Server: sffe
Age: 60111
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13912
X-XSS-Protection: 0
Expires: Sat, 06 Nov 2021 11:32:21 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clashroyal111111.blogspot.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 11:21:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:12:25 GMT
Server: sffe
Age: 60789
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14176
X-XSS-Protection: 0
Expires: Sat, 06 Nov 2021 11:21:03 GMT

GET
H2 200 p1bnr4dg7f1cdj1ci613qu8d51ltj3.jpg
2.bp.blogspot.com/-eZVVy4PYJZE/WZhA95e6aVI/AAAAAAAAAc4/fCnZiAUXBlQ0Q_TqSuD1wM6_83SiTXdfgCLcBGAs/s640/ 68 KB
68 KB 664ms
662ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-eZVVy4PYJZE/WZhA95e6aVI/AAAAAAAAAc4/fCnZiAUXBlQ0Q_TqSuD1wM6_83SiTXdfgCLcBGAs/s640/p1bnr4dg7f1cdj1ci613qu8d51ltj3.jpg

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61c24804013cccbcaffafb79767105878a7b9bc59c653cc0e9d608223890c1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:14:13 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="p1bnr4dg7f1cdj1ci613qu8d51ltj3.jpg"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69964
x-xss-protection: 0
server: fife
etag: "v1cf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 08 Nov 2020 04:14:13 GMT

GET
H/1.1 200
OK logo.png
clashroyale.com/uploaded-images/_232x109_crop_center-center_90/ 50 KB
51 KB 164ms
51ms Image
image/png 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/_232x109_crop_center-center_90/logo.png?mtime=20160225113328
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2068725f2347705767b15d618473fdfd74ffbabd32e067bfe9d20385143559ed

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 05 Nov 2020 09:14:25 GMT
Via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 02 Mar 2016 23:24:24 GMT
Server: AmazonS3
Age: 154788
ETag: "0ea8309f79773cbe97ab962244800569"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Cache-Control: max-age=604800
X-Amz-Cf-Pop: DUS51-C1
Content-Type: image/png
Content-Length: 51444
X-Amz-Cf-Id: Py3tQ8f-LjTTradcZyMZ_LfnPXP8FB0aCDaZxwmRvwfhZQTNGxXVUg==

GET
H/1.1 200
OK en_apple.png
clashroyale.com/uploaded-images/ 26 KB
27 KB 161ms
49ms Image
image/png 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/en_apple.png?mtime=20160302085608
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f3d0bc37911005c53f9ce1bf6b46d09d845c0be514b707c1bb9b82970a3e8eb

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 04:35:00 GMT
Via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 02 Mar 2016 23:24:44 GMT
Server: AmazonS3
Age: 344353
ETag: "dd4a9910c38e910c97b91f7720d56df1"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Cache-Control: max-age=604800
X-Amz-Cf-Pop: DUS51-C1
Content-Type: image/png
Content-Length: 26797
X-Amz-Cf-Id: O0b-J51qS-IMfoFg17HcCtE736VSXXb8MGHYpXlHa3oNFUVA-oAG4g==

GET
H/1.1 200
OK en_google.png
clashroyale.com/uploaded-images/ 27 KB
28 KB 156ms
44ms Image
image/png 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/en_google.png?mtime=20160302085609
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 185b33f4111c29f9658558cfcad210bdf2218d88e717c4c03beb5a65bab80e6d

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 13:59:17 GMT
Via: 1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 02 Mar 2016 23:24:44 GMT
Server: AmazonS3
Age: 51296
ETag: "e9e9d269780507f8b1849931d0b7b5ab"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Cache-Control: max-age=604800
X-Amz-Cf-Pop: DUS51-C1
Content-Type: image/png
Content-Length: 28151
X-Amz-Cf-Id: L01wQr544ug5_-M034ayiC6ESvBukxblcJnSNMpu3RjAYr-69I0cRQ==

GET
H/1.1 200
OK crown-championship-challenge-blog.jpg
clashroyale.com/uploaded-images/ 144 KB
145 KB 435ms
323ms Image
image/jpeg 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/crown-championship-challenge-blog.jpg?mtime=20170810132225
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 123483f95249a6e75bf3256dfe250dbb862cdafa468712a51552556bd597c403

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
Last-Modified: Thu, 10 Aug 2017 20:22:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "449aec6c227931570d94d0fa35edba17"
X-Cache: Miss from cloudfront
x-amz-version-id: p.8sGM3th8HmSUFfjQHbosWg_MFRLQRP
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 147952
X-Amz-Cf-Id: XUhVQUgdLq5CF1JNdjOzDSC3CMvQlfD_r4X7I80c2vW0HCykNPPCJA==

GET
H/1.1 200
OK August-thumb.jpg
clashroyale.com/uploaded-images/ 216 KB
217 KB 385ms
273ms Image
image/jpeg 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/August-thumb.jpg?mtime=20170714095257
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c4de4d65138169731796d6b4bb49069fd296949a5ace1ad8601ddb7e5ae88f3

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
Last-Modified: Fri, 14 Jul 2017 16:53:01 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "ca323858719bd02fc7927f7b7a327a45"
X-Cache: Miss from cloudfront
x-amz-version-id: aGbpbYvfkdecOqmUGaLSUwMhLoA2ETqR
Cache-Control: max-age=31536000, must-revalidate
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 221306
X-Amz-Cf-Id: _NCTnggai24V7OwkAcZwBvEma1acVuFIjaaUgQA_CwD3UoLupdgZ2w==

GET
H/1.1 200
OK radio-royal-ep4-socialmedia.jpg
clashroyale.com/uploaded-images/ 309 KB
309 KB 338ms
221ms Image
image/jpeg 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/radio-royal-ep4-socialmedia.jpg?mtime=20170629040619
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29056049fece0e4b4808d0e6bf08c7702fbdd8a75d721c7f937ec3bdd794f4b9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Jun 2017 11:06:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "2d49e66513c411840007dfc8738dbb29"
X-Cache: Miss from cloudfront
x-amz-version-id: X1lW0syxBG6PPn5sYtDpqCtVv_pUZYL_
Cache-Control: max-age=604800, must-revalidate
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 316026
X-Amz-Cf-Id: WR_5nmWvlVcfu0imIVFX5UJ9jfv9T4fYICsYE8issNOx8W1ZMSqfMQ==

GET
H/1.1 200
OK 2v2-8h-blog.jpg
clashroyale.com/uploaded-images/ 260 KB
260 KB 216ms
214ms Image
image/jpeg 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/2v2-8h-blog.jpg?mtime=20170618120153
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e1ce8e8b06d0d2ca42162b098f6877ee3d026fa45c0a43bb1bf8c56cbefda4e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Via: 1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
Last-Modified: Sun, 18 Jun 2017 19:01:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "21a7b4630ae05753b5f12b9df9e9fe60"
X-Cache: Miss from cloudfront
x-amz-version-id: _g1ZDJfB2_3DQ8_9A0pSio1NEHCxaduw
Cache-Control: max-age=604800, must-revalidate
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 266174
X-Amz-Cf-Id: OMlZUos322-dniU-9TGPn7QAcVlODbugdYiP8DWqAwbA98_ndzAk6Q==

GET
H2 200 9Z5h3i75A4E
www.youtube.com/embed/ Frame CD20 0
0 110ms
109ms Document
text/html 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9Z5h3i75A4E

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/9Z5h3i75A4E
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 20480
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 07 Nov 2020 04:14:12 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=eByAb4O8hfk; path=/; domain=.youtube.com; secure; expires=Thu, 06-May-2021 04:14:12 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 07-Nov-2020 04:44:12 GMT YSC=kaHfI3nqUQI; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=eByAb4O8hfk; path=/; domain=.youtube.com; secure; expires=Thu, 06-May-2021 04:14:12 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 2v2-tour-dates-blog.jpg
clashroyale.com/uploaded-images/ 261 KB
262 KB 236ms
234ms Image
image/jpeg 13.226.132.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clashroyale.com/uploaded-images/2v2-tour-dates-blog.jpg?mtime=20170627050416
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2447d26d991f435f1398555a182d74ae84121e209eee1fcb10b40f992ccc5916

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Jun 2017 12:04:17 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "cdfb7b11e7298b493a9c79b03e38c5c6"
X-Cache: Miss from cloudfront
x-amz-version-id: skKaR4mDcDzRTrgtTQWo_pgEOd4bqhJC
Cache-Control: max-age=604800, must-revalidate
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 267658
X-Amz-Cf-Id: 843PT8gKw4cgEJ8D7VMzdgUyiwxZ_2clNacWXKgIWRscKW5_W2z-dg==

GET
H2 200 3167449408-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3167449408-comment_from_post_iframe.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cee8c2c35f46d267d35865d25e711b1e360e1c63f5ed69d27e4654ac66a0061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 04:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170916
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5107
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 17:30:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 04:45:36 GMT

GET
H/1.1 200
OK script_include.php Show response
motefiles.com/ 37 KB
8 KB 253ms
224ms Script
text/javascript 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://motefiles.com/script_include.php?id=702432
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e2805f5a182d7df066a3395e14ac270eaf6422f2eb3d22c4de260614af400f

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:12 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ahVMgNrxc6fj%2BQ%2FyhYeHKGmmuCWGpJn0OUYkIQ%2FjJVu2INCWOJ8ljDBbT7KaEbOi4%2BUaMzPXn%2F0AMdUZwDF%2FmUKIDKhlO1Cy3IA3aPLoxEg8kC0ORtg%2Bs0Ha"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 5ee439e04e552be9-FRA
cf-request-id: 064282802b00002be98d0bf000000001

GET
H2 200 1643804868-fancy_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 137 KB
47 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:819::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/1643804868-fancy_compiled.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14dd9acfb1caf53ae07c6ab99239049a8275bf6c996b623d88c4d55b2152e664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 05:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 05:19:43 GMT
server: sffe
age: 253720
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48021
x-xss-protection: 0
expires: Wed, 11 Nov 2020 05:45:32 GMT

GET
H/1.1 200
OK cookienotice.js Show response
clashroyal111111.blogspot.com/js/ 6 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://clashroyal111111.blogspot.com/js/cookienotice.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 07 Nov 2020 03:22:48 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Sat, 14 Nov 2020 04:14:12 GMT

GET
H2 200 3613744382-widgets.js Show response
www.blogger.com/static/v1/widgets/ 141 KB
51 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3613744382-widgets.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f926684fd770877ff27f536756a94061022d54e214aad1547e94ecd6e1651f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 04:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 04:19:16 GMT
server: sffe
age: 256523
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52520
x-xss-protection: 0
expires: Thu, 04 Nov 2021 04:58:49 GMT

GET
H3-Q050

200

comment-iframe.g
www.blogger.com/ Frame DA39
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D5814313925658834103%26postID%3D3132146586278774290%26skin%3Dsoho%26blogspotRpcToken%3D5231157%26b...
https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157&bpli=1

0
0

578ms
578ms

Document
text/html

2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3167449408-comment_from_post_iframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: about:blank

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 07 Nov 2020 04:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4680
server: GSE
set-cookie: S=blogger=qX6CHCnxxM6aia9Z7lD6mTSjwunOmH3yELooDBFeZSU; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 07 Nov 2020 04:14:12 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=5814313925658834103&postID=3132146586278774290&skin=soho&blogspotRpcToken=5231157&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-B6pYkYZDeD/PznURJjqMkQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 264
server: GSE
set-cookie: __Host-GAPS=1:gA1AEu569EvmdA7UJk25mhYd1bUiiw:YKwvfT14-rSs9BI6;Path=/;Expires=Mon, 07-Nov-2022 04:14:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
496 B 567ms
567ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5814313925658834103&zx=0ac50a3f-e7f2-40a7-9e40-0047bd041547

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Nov 2020 04:14:13 GMT
server: GSE
date: Sat, 07 Nov 2020 04:14:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK preload.php Show response
motefiles.com/common/ 381 B
1 KB 225ms
225ms Script
application/javascript 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://motefiles.com/common/preload.php?a=1&t=1604722452&lkt=1&dat=6a6d6c4141414170706c416f686b6b696e4169716d41696941706f7168694169686f71411f41412632322e726767312e232322242a2d3566272d671f22332a32671f753030416a6868
Requested by: Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e994650d892945e439a38710012a4d9a1a7cb810c14720ac61d9fe192d77274

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Connection: keep-alive
cf-request-id: 064282816d00002be91f9ad000000001
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Access-Control-Max-Age: 1000
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RlQKmszM%2FgwD5uH80cLzniiUPZ6EtxrRRTfD3oJgMmwH%2B8f57ybttuhJcWfuAuE3FmL4JXrmy42IlP92VlY9rAFXQkquKCHMEL5mJXAaN6XjcnjEB3HcceKw"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin
CF-RAY: 5ee439e248ab2be9-FRA
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK scriptcss.php
motefiles.com/common/boxes/plain/ 2 KB
2 KB 224ms
210ms Stylesheet
text/css 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://motefiles.com/common/boxes/plain/scriptcss.php?l=clh1gdv31y&s=rp4wv5s
Requested by: Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf98412c7358e7e401d7e6df0c5b2eb2e3eb31f1f636bbd23328f5c38d06045

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M%2FoEt9VDTME18fToA1WmqSe%2BRHK91Jvil2GNkUVOCifkiepKdYYHGHGtqombcXVeEZUj4mIFV0Gwm5z%2FIY8Snpv%2FPUlZbaaM5zfiwo%2F92oNuYd5IfYBspCt8"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Connection: keep-alive
CF-RAY: 5ee439e2597505d8-FRA
cf-request-id: 064282817b000005d82c960000000001

GET
H/1.1 200
OK ie_functions.js Show response
motefiles.com/common/ 4 KB
2 KB 236ms
222ms Script
application/javascript 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://motefiles.com/common/ie_functions.js
Requested by: Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4d7c12f9e05aff0d4b1050019d8d08ac408a5b42d92b218f7385458b80398f

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Content-Encoding: br
CF-Cache-Status: REVALIDATED
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 064282817c000005d84980b000000001
Last-Modified: Fri, 06 Mar 2020 00:23:30 GMT
Server: cloudflare
ETag: W/"e94-5a024a9bd7f56"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pSHoR%2BijZHYoIBurIhOetgzIVPKKBWb5D52rLzAlIQKQePjVDU8iT2ecT0ZUK2cfAs4tITELZKwXB5bGtDx7MsWvIc6SQymm1aR%2FVuucudUjINYIOc0h%2Fz2l"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 5ee439e2597605d8-FRA

GET
H2 200 css
fonts.googleapis.com/ 767 B
475 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcbf6af74906eaaff4fcdcba6634e89342bd322c9cb79767bd0df3aeef124333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Nov 2020 03:13:21 GMT
server: ESF
date: Sat, 07 Nov 2020 04:14:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Nov 2020 04:14:12 GMT

GET
H/1.1 200
OK back.png
motefiles.com/common/ 4 KB
5 KB 222ms
208ms Image
image/png 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motefiles.com/common/back.png
Requested by: Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c10b464a02589dd3755b4992a91e6a7a47d1bae064e0f53f100ca38cf6d82a4

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
CF-Cache-Status: REVALIDATED
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 4342
cf-request-id: 064282817c000016e661b97000000001
Last-Modified: Fri, 06 Mar 2020 00:23:29 GMT
Server: cloudflare
ETag: "10f6-5a024a9aabab5"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NHKJ15rl7xZTry2dkLqVMqNZelh1xzOzTKyvuiW8BdZ2IvZ8plc2ue8bTTT8MT85WApXpSSI%2B6iaG4oGUTY1MfZCUJCX0L4QGsKK%2FQHXm1TQsxM7rqFJLULv"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 5ee439e26be216e6-FRA

GET
H/1.1 200
OK search.gif
motefiles.com/common/ 11 KB
12 KB 223ms
209ms Image
image/gif 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motefiles.com/common/search.gif
Requested by: Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d63eff8a8983a8ce578f4dd2610ec07c4a6aa7ccab3edba5aba5bb4ff441cd

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
CF-Cache-Status: REVALIDATED
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 11075
cf-request-id: 064282817c0000d6c100313000000001
Last-Modified: Fri, 06 Mar 2020 00:23:26 GMT
Server: cloudflare
ETag: "2b43-5a024a97ea999"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HG%2BHGvO3n4ZW2w%2FayJYb8KH6RWW905Jt4zmTxpJ2exBNcaYj3xF6o28XHhmCSYgsdGAGRfWYoSXDApNUtGK42fXQCJ6p9nsteNXgtBI8UZYC0la1rmNDaoQ6"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 5ee439e25d90d6c1-FRA

GET
H/1.1 200
OK spinner.gif
motefiles.com/assets/images/ 664 B
2 KB 223ms
209ms Image
image/gif 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motefiles.com/assets/images/spinner.gif
Requested by: Host: motefiles.com
URL: https://motefiles.com/script_include.php?id=702432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a31c6c106edae3d89a940cb914b821edea7ae2d4d1000ba513f4c8a3e1be21d

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
CF-Cache-Status: REVALIDATED
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 664
cf-request-id: 064282817d0000c2ae5d30a000000001
Last-Modified: Fri, 06 Mar 2020 00:23:22 GMT
Server: cloudflare
ETag: "298-5a024a945271f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xLdruugPLG4%2BmTC1o7JZvV6BlN9gfhQoOEMjqVEqy7QRSokBc4r%2FFxcGNAp6%2B8KWq%2B8gmmBI0vL8ZiZ00zBFxIbJrOg%2FeyIHF%2BXODSb7CMi7edHSg0f2%2B1xI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 5ee439e26d22c2ae-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 20:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28448
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Nov 2021 20:20:05 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clashroyal111111.blogspot.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 60816
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:20:37 GMT

GET
H2 200 mspin_black_large.svg
www.blogblog.com/indie/ 6 KB
1012 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogblog.com/indie/mspin_black_large.svg

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 01:10:58 GMT
server: sffe
age: 392590
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 870
x-xss-protection: 0
expires: Mon, 09 Nov 2020 15:11:03 GMT

GET
H2 200 zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35
lh3.googleusercontent.com/ 2 KB
2 KB 26ms
6ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0963eb43c3d252b47c972245961dc22cd6d8e288551c68be356147e977c6b84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 02:51:38 GMT
x-content-type-options: nosniff
age: 4955
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1766
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 07 Nov 2020 14:51:38 GMT

GET
H3-Q050 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.19/ 198 KB
51 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.19/jquery-ui.min.js

Requested by

Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82476fa2d1bb366936df648fc59ffcad435d90adbde4c5b5d8c8b9b01a91f29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 01:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269830
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51929
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Nov 2021 01:17:03 GMT

GET
H/1.1 200
OK jquery.tipsy.js Show response
motefiles.com/common/js/ 10 KB
3 KB 207ms
207ms Script
application/javascript 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://motefiles.com/common/js/jquery.tipsy.js
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20b6d7bb3534f8f6fde7683fca8bb047c534f436d30ccba816cbadf6f8fe54a

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Content-Encoding: br
CF-Cache-Status: REVALIDATED
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 06428282c8000005d8eb30f000000001
Last-Modified: Fri, 06 Mar 2020 00:23:31 GMT
Server: cloudflare
ETag: W/"268d-5a024a9c785b6"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c833FgLT%2B959P7OTNrIzN%2F%2BtyExOE9ybOjE47Ar198uImLhA6cYWmgVQiPiFfEu6DWqUdWsaGcvEjea0yY7X2xozGqqeuO%2F5sjrcvy4mQUDc4xu3KsKx2UfI"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 5ee439e47c5305d8-FRA

GET
H/1.1 200
OK scriptjs.php Show response
motefiles.com/common/ 9 KB
5 KB 212ms
211ms Script
text/javascript 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://motefiles.com/common/scriptjs.php?l=clh1gdv31y&s=rp4wv5s
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254a7b21d31e8873f99fcce5b889b77b7a32fb78e86577381e35843fa5010c7b

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2jAH8YnbJ2NUH%2B8g3C8Tk1aNMKO6FgoqIL3az1RVRps%2BkBM%2FRHAjUqQ3neOdf5E2Lj%2FVVPuQ9ZozDE7bss30VIMqQLaB0%2BnSVJm7o%2FRJUJfDn%2Br2x37kiCIN"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 5ee439e5ce3205d8-FRA
cf-request-id: 064282839e000005d803210000000001

GET
H2 200 xm-16-1.jpg
motifiles.com/assets/cl/ 21 KB
21 KB 235ms
207ms Image
image/jpeg 2606:4700:20::ac43:46e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motifiles.com/assets/cl/xm-16-1.jpg
Requested by: Host: clashroyal111111.blogspot.com
URL: http://clashroyal111111.blogspot.com/2017/08/about-game-faq-forum-shop-support.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:46e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7382543c4ccdf146f870156bf717b4eec49d93786cd1fa88d8ab3794bdbcaa

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:14:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 21201
cf-request-id: 064282848f000032582608d000000001
last-modified: Fri, 06 Mar 2020 00:23:17 GMT
server: cloudflare
etag: "52d1-5a024a8f71310"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BB%2FYAvHrPUyGm3BUfaZ%2BKCC3tVge2mbnliYlM8FTjcjXnrq%2F48CWdt2ACehscTF5dwGzXDc9%2FklwqCPDq5QjMEU%2FrDHoZFO48l7Jc5hOQ73sB1pqFUb8Zug2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=345600
accept-ranges: bytes
cf-ray: 5ee439e74e763258-FRA
cf-bgj: h2pri

GET
H/1.1 200
OK loading.gif
motefiles.com/common/boxes/plain/images/ 9 KB
10 KB 208ms
208ms Image
image/gif 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motefiles.com/common/boxes/plain/images/loading.gif
Requested by: Host: motefiles.com
URL: https://motefiles.com/common/boxes/plain/scriptcss.php?l=clh1gdv31y&s=rp4wv5s
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68da1f260e79b15d2d5ca9aee0b05e2243ee47cca9d732b3625f4bbb1b77b8bf

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
CF-Cache-Status: REVALIDATED
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 9427
cf-request-id: 0642828474000005d8e99f6000000001
Last-Modified: Fri, 06 Mar 2020 00:23:27 GMT
Server: cloudflare
ETag: "24d3-5a024a98dad4d"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=moMzr782ZBkLdC7o0sr0WdB60Jq6ZSYjsKEG257kQ%2BCbMs%2BLgZnFSfIViqHP335HfGMWJOMOOyr0qJg%2FzHqHEKOO00MmZx8aOopcTKXdTOImvmrUHY97t%2Fgj"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 5ee439e72ff605d8-FRA

GET
H/1.1 200
OK controls.png
motefiles.com/common/boxes/plain/images/ 2 KB
3 KB 211ms
211ms Image
image/png 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://motefiles.com/common/boxes/plain/images/controls.png
Requested by: Host: motefiles.com
URL: https://motefiles.com/common/boxes/plain/scriptcss.php?l=clh1gdv31y&s=rp4wv5s
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a74f8231760b80cd51dedb5c168f9be3d305d8930835add80566e788b6300892

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 04:14:13 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1633
cf-request-id: 06428284750000d6c14e09b000000001
Last-Modified: Fri, 06 Mar 2020 00:23:27 GMT
Server: cloudflare
ETag: "661-5a024a98cc2ed"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aVpvPaLqRLwAIFmx4GuF9JHCRX%2BOpV1QxpCCjp65AxGys%2FaSIL%2FGLXSadwdrT2HUD%2B6w8l2CU9pQedUS60KI0tXlC1%2F4M5e8wsFDX9%2BA%2BqNpaQd7H%2BY3v4uq"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 5ee439e729f3d6c1-FRA

GET
H3-Q050 200 368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3613744382-widgets.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 21:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 31 Oct 2020 20:13:49 GMT
server: sffe
age: 544153
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6541
x-xss-protection: 0
expires: Sun, 31 Oct 2021 21:05:00 GMT

GET
H3-Q050 200 584122164-lbx__fr.js Show response
www.blogger.com/static/v1/jsbin/ 375 KB
121 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/584122164-lbx__fr.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3613744382-widgets.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99dae306779361865b5ae6b833c5fc746a3c9655993fca10522862af60d5b7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 05:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 05:19:43 GMT
server: sffe
age: 254036
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123794
x-xss-protection: 0
expires: Thu, 04 Nov 2021 05:40:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffdaq.com
URL: http://traffdaq.com/delivery/dl/47382?category=women_dating

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kaHfI3nqUQI
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=qX6CHCnxxM6aia9Z7lD6mTSjwunOmH3yELooDBFeZSU
.youtube.com/	1970-01-19 18:04:34	Name: VISITOR_INFO1_LIVE Value: eByAb4O8hfk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
a.realsrv.com
accounts.google.com
ajax.googleapis.com
c.securepaths.com
cdn.jsdelivr.net
clashroyal111111.blogspot.com
clashroyal111111.blogspot.nl
clashroyale.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
motefiles.com
motifiles.com
resources.blogblog.com
speedflow.io
syndication.realsrv.com
traffdaq.com
www.blogblog.com
www.blogger.com
www.gstatic.com
www.youtube.com
traffdaq.com
107.170.39.103
13.226.132.119
198.54.116.135
2001:4de0:ac19::1:b:1a
2606:4700:20::681a:6ad
2606:4700:20::ac43:46e6
2a00:1450:4001:802::2009
2a00:1450:4001:802::200d
2a00:1450:4001:806::2001
2a00:1450:4001:814::2001
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:816::200a
2a00:1450:4001:818::2003
2a00:1450:4001:819::2009
2a00:1450:4001:81b::2001
2a00:1450:4001:81f::200a
2a00:1450:4001:820::200e
2a00:1450:4001:824::200a
2a04:4e42:1b::621
35.190.72.161
95.211.229.245
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0963eb43c3d252b47c972245961dc22cd6d8e288551c68be356147e977c6b84f
0a31c6c106edae3d89a940cb914b821edea7ae2d4d1000ba513f4c8a3e1be21d
123483f95249a6e75bf3256dfe250dbb862cdafa468712a51552556bd597c403
14dd9acfb1caf53ae07c6ab99239049a8275bf6c996b623d88c4d55b2152e664
15e930305ecce8a8f86ebfc3f4169e254f93bca0b3998a9f96ab92b881675739
185b33f4111c29f9658558cfcad210bdf2218d88e717c4c03beb5a65bab80e6d
1e1ce8e8b06d0d2ca42162b098f6877ee3d026fa45c0a43bb1bf8c56cbefda4e
1e2c209346d02318a063c7ea2513498881c35f1525114c9b969b573384f54baf
2068725f2347705767b15d618473fdfd74ffbabd32e067bfe9d20385143559ed
2447d26d991f435f1398555a182d74ae84121e209eee1fcb10b40f992ccc5916
254a7b21d31e8873f99fcce5b889b77b7a32fb78e86577381e35843fa5010c7b
29056049fece0e4b4808d0e6bf08c7702fbdd8a75d721c7f937ec3bdd794f4b9
2cee8c2c35f46d267d35865d25e711b1e360e1c63f5ed69d27e4654ac66a0061
39e2805f5a182d7df066a3395e14ac270eaf6422f2eb3d22c4de260614af400f
3e994650d892945e439a38710012a4d9a1a7cb810c14720ac61d9fe192d77274
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4c0ddd5f84226a630de4cfacb523cc1a0821f50434466a8898d0ef6aecad3dd4
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
5990fe4dafe5e300e03c2e08f58d4f8fbfaa62d6b92c5476612a9c87544a4e71
61c24804013cccbcaffafb79767105878a7b9bc59c653cc0e9d608223890c1fd
68da1f260e79b15d2d5ca9aee0b05e2243ee47cca9d732b3625f4bbb1b77b8bf
6942bbecde948a8e032fc1204e9fc6a8d6508a2c095785d3f68e2726dc2f1d13
6f3d0bc37911005c53f9ce1bf6b46d09d845c0be514b707c1bb9b82970a3e8eb
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
76d63eff8a8983a8ce578f4dd2610ec07c4a6aa7ccab3edba5aba5bb4ff441cd
7cf98412c7358e7e401d7e6df0c5b2eb2e3eb31f1f636bbd23328f5c38d06045
82476fa2d1bb366936df648fc59ffcad435d90adbde4c5b5d8c8b9b01a91f29b
99dae306779361865b5ae6b833c5fc746a3c9655993fca10522862af60d5b7e4
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c10b464a02589dd3755b4992a91e6a7a47d1bae064e0f53f100ca38cf6d82a4
9c4de4d65138169731796d6b4bb49069fd296949a5ace1ad8601ddb7e5ae88f3
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
a74f8231760b80cd51dedb5c168f9be3d305d8930835add80566e788b6300892
ab7382543c4ccdf146f870156bf717b4eec49d93786cd1fa88d8ab3794bdbcaa
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
be4d7c12f9e05aff0d4b1050019d8d08ac408a5b42d92b218f7385458b80398f
c388bf94cf09c576df3bd845d20512b6db5628ee8e478cd26dcf38ad4639ae1c
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dc3e0ec3c8dd5631b5f8e2617b764f88bd326779a873e1b7a40575533f30e150
e20b6d7bb3534f8f6fde7683fca8bb047c534f436d30ccba816cbadf6f8fe54a
f926684fd770877ff27f536756a94061022d54e214aad1547e94ecd6e1651f00
fcbf6af74906eaaff4fcdcba6634e89342bd322c9cb79767bd0df3aeef124333

clashroyal111111.blogspot.com Open in urlscan Pro 2a00:1450:4001:814::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

82 %HTTPS

77 %IPv6

17 Domains

22 Subdomains

21 IPs

4 Countries

1881 kBTransfer

2786 kBSize

3 Cookies

52 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clashroyal111111.blogspot.com Open in urlscan Pro
2a00:1450:4001:814::2001 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

82 %
HTTPS

77 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

1881 kB
Transfer

2786 kB
Size

3
Cookies

56 HTTP transactions
0 data transactions