darartesphb.blogspot.com Open in urlscan Pro
2a00:1450:4001:82a::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Submission: On April 13 via manual (April 13th 2022, 6:25:22 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 19 domains to perform 42 HTTP transactions. The main IP is 2a00:1450:4001:82a::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is darartesphb.blogspot.com.

This is the only time darartesphb.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:828::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3 3	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
3	108.168.193.189 108.168.193.189	36351 (SOFTLAYER) (SOFTLAYER)
1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
2	209.99.64.52 209.99.64.52	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.72.25 192.0.72.25	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.248.148.254 13.248.148.254	16509 (AMAZON-02) (AMAZON-02)
2	188.42.208.43 188.42.208.43	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:801::200d	15169 (GOOGLE) (GOOGLE)
2	165.232.142.149 165.232.142.149	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
42	19

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

darartesphb.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googledrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.192.101.24 (Dallas, United States) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p208572.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com

mybetterck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.152.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

thespringmount6pack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.99.64.52 (United States)

ASN40034 (CONFLUENCE-NETWORK-INC, VG)
PTR: 209-99-64-52.fwd.datafoundry.com

www.djteddybear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

aubin330rta.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com

www.v-aline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.208.43 (Luxembourg)

ASN7979 (SERVERS-COM, US)

promo.propellerads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.232.142.149 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

p208572.intrev.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	blogger.com 1 redirects www.blogger.com — Cisco Umbrella Rank: 9202	257 KB
4	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 102 accounts.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 4	87 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 624 syndication.twitter.com — Cisco Umbrella Rank: 891	133 KB
3	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 69 themes.googleusercontent.com — Cisco Umbrella Rank: 9520	51 KB
3	mybetterck.com mybetterck.com — Cisco Umbrella Rank: 41245
3	clksite.com 3 redirects p208572.clksite.com	702 B
3	blogspot.com darartesphb.blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 11550	22 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16128 s4.histats.com — Cisco Umbrella Rank: 13577	5 KB
2	intrev.co p208572.intrev.co	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	83 KB
2	propellerads.com promo.propellerads.com — Cisco Umbrella Rank: 625177	105 KB
2	ggpht.com lh4.ggpht.com — Cisco Umbrella Rank: 10652	2 MB
2	djteddybear.com www.djteddybear.com
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 13731	274 B
1	v-aline.com www.v-aline.com	20 B
1	wordpress.com aubin330rta.files.wordpress.com	19 KB
1	thespringmount6pack.com thespringmount6pack.com
1	googledrive.com googledrive.com — Cisco Umbrella Rank: 56045
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282	30 KB
42	19

	Domain	Requested by
10	www.blogger.com	1 redirects darartesphb.blogspot.com www.blogger.com
3	mybetterck.com	darartesphb.blogspot.com
3	p208572.clksite.com	3 redirects
2	platform.twitter.com	darartesphb.blogspot.com platform.twitter.com
2	p208572.intrev.co	darartesphb.blogspot.com p208572.intrev.co
2	themes.googleusercontent.com	darartesphb.blogspot.com
2	connect.facebook.net	darartesphb.blogspot.com connect.facebook.net
2	apis.google.com	darartesphb.blogspot.com apis.google.com
2	promo.propellerads.com	darartesphb.blogspot.com
2	lh4.ggpht.com	darartesphb.blogspot.com
2	www.djteddybear.com	darartesphb.blogspot.com
2	darartesphb.blogspot.com	darartesphb.blogspot.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.com	www.blogger.com
1	resources.blogblog.com	www.blogger.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	darartesphb.blogspot.com
1	accounts.google.com	1 redirects
1	lh3.googleusercontent.com	darartesphb.blogspot.com
1	2.bp.blogspot.com	darartesphb.blogspot.com
1	www.v-aline.com	darartesphb.blogspot.com
1	aubin330rta.files.wordpress.com	darartesphb.blogspot.com
1	thespringmount6pack.com	darartesphb.blogspot.com
1	googledrive.com	darartesphb.blogspot.com
1	ajax.googleapis.com	darartesphb.blogspot.com
42	25

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
propellerads.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2023-01-28`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Frame ID: 6EDF62FEBFBF7D15C3B9F18813775025
Requests: 34 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1
Frame ID: 0AEC2FDCA360EDC5BAB9C7FF71586092
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=http%3A%2F%2Fdarartesphb.blogspot.com
Frame ID: 0AD7DE05F119E6DE2AD074A09D1AA639
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Foxwoods Casino Map - DARARTESPHB

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

55 %
HTTPS

48 %
IPv6

19
Domains

25
Subdomains

19
IPs

5
Countries

2783 kB
Transfer

3585 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038

Search URL Search Domain Scan URL

URL: http://propellerads.com/?rfd=LVV

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://p208572.clksite.com/adServe/banners?tid=208572_388053_0 HTTP 301
https://mybetterck.com/adServe/banners?tid=208572_388053_0

Request Chain 16

http://p208572.clksite.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60 HTTP 301
https://mybetterck.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60

Request Chain 21

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 27

https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038 HTTP 302
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3269022583618085600%26postID%3D179810118956783115%26blogspotRpcToken%3D2029038%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3269022583618085600%26postID%3D179810118956783115%26blogspotRpcToken%3D2029038%26bpli%3D1&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

Request Chain 28

http://p208572.clksite.com/adServe/banners?tid=208572_388053_0 HTTP 301
https://mybetterck.com/adServe/banners?tid=208572_388053_0

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request foxwoods-casino-map.html Show response
darartesphb.blogspot.com/2013/06/ 41 KB
12 KB 412ms
343ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e773152b5a088641bfa7d19d693f3cf6f00b4db89cc3a92589b9b7ebcc949b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 12150
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Apr 2022 18:25:15 GMT
ETag: W/"0554f5250e55b90d152f8aeba4a38a8eacd358edbd5a0ce5ee9e17ae66e21b08"
Expires: Wed, 13 Apr 2022 18:25:15 GMT
Last-Modified: Thu, 07 Apr 2022 19:11:20 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
30 KB 85ms
9ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 02:17:00 GMT
x-content-type-options: nosniff
age: 230895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30597
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 12:50:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 11 Apr 2023 02:17:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
30 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 11:57:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 23248
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29440
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 13 Apr 2023 11:57:47 GMT

GET
H2 404 0B8EMU-4w6NXSWFhCX0U2b0d3cDg
googledrive.com/host/ 0
0 53ms
7ms Script
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://googledrive.com/host/0B8EMU-4w6NXSWFhCX0U2b0d3cDg
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2

403

banners
mybetterck.com/adServe/
Redirect Chain

http://p208572.clksite.com/adServe/banners?tid=208572_388053_0
https://mybetterck.com/adServe/banners?tid=208572_388053_0

0
0

593ms
312ms

Script
text/html

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterck.com/adServe/banners?tid=208572_388053_0
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: H2
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://mybetterck.com/adServe/banners?tid=208572_388053_0
Date: Wed, 13 Apr 2022 18:25:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 404
Not Found Foxwoods-resort-casino-map.png
thespringmount6pack.com/wp-content/uploads/2014/09/ 0
0 220ms
38ms Image
text/html 3.33.152.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thespringmount6pack.com/wp-content/uploads/2014/09/Foxwoods-resort-casino-map.png
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 3.33.152.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK foxwoods_property_map.JPG
www.djteddybear.com/images/ 0
0 1658ms
208ms Image
text/html 209.99.64.52
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.djteddybear.com/images/foxwoods_property_map.JPG
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 209.99.64.52 , United States, ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS: 209-99-64-52.fwd.datafoundry.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 200
OK mohegan_sun_property_map.JPG
www.djteddybear.com/images/ 0
0 2049ms
600ms Image
text/html 209.99.64.52
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.djteddybear.com/images/mohegan_sun_property_map.JPG
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 209.99.64.52 , United States, ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS: 209-99-64-52.fwd.datafoundry.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 XWGMIkYm8UoqSnUVFf1tpU9PCTASTZ4wO_AH5ziFEoBF1Wz6vmTP8ZECGb2eHsFkIkk=h900
lh4.ggpht.com/ 824 KB
825 KB 674ms
636ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.ggpht.com/XWGMIkYm8UoqSnUVFf1tpU9PCTASTZ4wO_AH5ziFEoBF1Wz6vmTP8ZECGb2eHsFkIkk=h900

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3791ffaf4a92d76871c8ed8c7a81f90efea430d0f32ab07bfd47778ee54fe10f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:25:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 843830
x-xss-protection: 0
expires: Thu, 14 Apr 2022 18:25:16 GMT

GET
H2 200 foxwoods-map-e1400201253829.jpg
aubin330rta.files.wordpress.com/2014/05/ 19 KB
19 KB 284ms
222ms Image
image/webp 192.0.72.25
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aubin330rta.files.wordpress.com/2014/05/foxwoods-map-e1400201253829.jpg?w=355&h=277

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

baca703d64cedc8a7cc786520977543ae0037d749148ec8c12a232aca86fbd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: MISS hhn 25 np
date: Wed, 13 Apr 2022 18:25:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 May 2014 00:47:33 GMT
server: nginx
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://aubin330rta.wordpress.com
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 19056
access-control-allow-credentials: true
expires: Mon, 16 May 2022 16:28:57 GMT

GET
H/1.1 400
Bad Request foxwoods-resort-casino-map-6.jpeg
www.v-aline.com/thumbnail/f/ 20 B
20 B 841ms
144ms Image
text/html 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.v-aline.com/thumbnail/f/foxwoods-resort-casino-map-6.jpeg
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:16 GMT
X-Blocked: 11015.10
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 157798655-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
17 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/157798655-comment_from_post_iframe.js

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6b5c894d489613c09398c20e556e0dce8fedb036fb2760c0c6466423ef2f933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:59:18 GMT
x-content-type-options: nosniff
age: 577557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17303
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 01:02:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 07 Apr 2023 01:59:18 GMT

GET
H/1.1 200
OK 468x60-popads_1.gif
promo.propellerads.com/ 42 KB
43 KB 1350ms
21ms Image
image/gif 188.42.208.43
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://promo.propellerads.com/468x60-popads_1.gif
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 188.42.208.43 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 4654f729fd226a6cd6bd9d35fb82e3fa3a9c0effdea9970be63764f0ab0ea63f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:16 GMT
X-Openstack-Request-Id: txebe8b67a417c435e99ccc-006257158d
Last-Modified: Mon, 12 Oct 2015 11:18:29 GMT
Server: nginx
Etag: "11d747a83a25a25268fd11491ab17f17"
Content-Type: image/gif
X-Timestamp: 1444648708.83262
X-Object-Meta-Mtime: 1444648600.437900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43103
X-Trans-Id: txebe8b67a417c435e99ccc-006257158d

GET
H2 200 XWGMIkYm8UoqSnUVFf1tpU9PCTASTZ4wO_AH5ziFEoBF1Wz6vmTP8ZECGb2eHsFkIkk=s72-c-h900
lh4.ggpht.com/ 1 MB
1 MB 617ms
580ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.ggpht.com/XWGMIkYm8UoqSnUVFf1tpU9PCTASTZ4wO_AH5ziFEoBF1Wz6vmTP8ZECGb2eHsFkIkk=s72-c-h900

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ebc2d5085d0bb5037949cffa2a902df11b59ff9704b3b5a4be0f16469d8d0b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:25:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1189633
x-xss-protection: 0
expires: Thu, 14 Apr 2022 18:25:16 GMT

GET
H/1.1 200
OK Playitas+world+map.bmp
2.bp.blogspot.com/-uNHoZQ4UkIs/UUmlpy_UEgI/AAAAAAAAAco/e2n-gi3JjL4/s72-c/ 3 KB
3 KB 180ms
162ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-uNHoZQ4UkIs/UUmlpy_UEgI/AAAAAAAAAco/e2n-gi3JjL4/s72-c/Playitas+world+map.bmp

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c4159109449e2c4cb8716cf3043e1910fa8188d6bc0e86ab017c53cc1a9f9b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:15 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v1cb"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Playitas world map.jpg"
Timing-Allow-Origin: *
Content-Length: 2724
X-XSS-Protection: 0
Expires: Thu, 14 Apr 2022 18:25:15 GMT

GET
H2 200 ABLy4EyfXJYR-ZF3MXMwWHAE1N3CLO9akzF3lcZ5iaw3xNdWbt2kr8l_wHEyePph5R2ruo8kSkJcifzRTXRfJ3Dog6H8p934CiUZEYsNaDO14cTJKA
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
3 KB 46ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EyfXJYR-ZF3MXMwWHAE1N3CLO9akzF3lcZ5iaw3xNdWbt2kr8l_wHEyePph5R2ruo8kSkJcifzRTXRfJ3Dog6H8p934CiUZEYsNaDO14cTJKA

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db127d9f12f9d058ac16028bc230fe6cc84777e67c5dd37c2e2128d03adf4dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:25:15 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2203
x-xss-protection: 0
expires: Thu, 14 Apr 2022 18:25:15 GMT

GET
H/1.1 200
OK 160x600-popads_1.gif
promo.propellerads.com/ 62 KB
62 KB 1136ms
27ms Image
image/gif 188.42.208.43
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://promo.propellerads.com/160x600-popads_1.gif
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 188.42.208.43 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 01dd9697f490039c3998ae94402c2b6d927a772289faff025d9ffecfe3ec9174

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:16 GMT
X-Openstack-Request-Id: tx4bf1ca69abb041069ee24-006257158d
Last-Modified: Mon, 12 Oct 2015 11:18:29 GMT
Server: nginx
Etag: "6772f963b98fe40edf834224592d5add"
Content-Type: image/gif
X-Timestamp: 1444648708.69372
X-Object-Meta-Mtime: 1444648600.074898
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63345
X-Trans-Id: tx4bf1ca69abb041069ee24-006257158d

GET
H2

403

banners
mybetterck.com/adServe/
Redirect Chain

http://p208572.clksite.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60
https://mybetterck.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60

0
0

498ms
313ms

Script
text/html

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterck.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: H2
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://mybetterck.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60
Date: Wed, 13 Apr 2022 18:25:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK cookienotice.js Show response
darartesphb.blogspot.com/js/ 6 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://darartesphb.blogspot.com/js/cookienotice.js

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 21:41:19 GMT
X-Content-Type-Options: nosniff
Age: 506636
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 6513
X-XSS-Protection: 0
Last-Modified: Thu, 07 Apr 2022 20:10:02 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Thu, 14 Apr 2022 21:41:19 GMT

GET
H2 200 1699748815-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
155 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1699748815-widgets.js

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72bf5888f5929c5c158dd551cc83d19ba4d77fd678e96999aeff7c7d5ccb69f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 01:54:09 GMT
x-content-type-options: nosniff
age: 232266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158939
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:50:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 11 Apr 2023 01:54:09 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 53 KB
21 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

346eb51a85654fe57845fd7e63e39451f6ab3e0f739667656b879a0e72fbc84c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20541
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 13 Apr 2022 18:25:15 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "f67b6ccd9d7c6616"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Apr 2022 18:25:15 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 105ms
102ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3269022583618085600&zx=78e34b4d-edab-462e-a6d2-bb21004fcb81

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 18:25:15 GMT
server: GSE
date: Wed, 13 Apr 2022 18:25:15 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

34ms
7ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18389538138f3725f1bc6579fe86402379c11f79ebb5c432008a2b6238b15355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UU2Rx0ONP5tx8vHJ7xaY1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 13 Apr 2022 18:29:23 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: c/w0FcuoKSUNq2fWjK6XdFNmatF71tvppclbwvFhtplVOBtaRAZRXiJDZH+XqSZpoFrJBwnllnkZKimji64zGg==
x-fb-trip-id: 686109401
x-fb-content-md5: 95a2ec2267e8a4d8a4ce5f1090879549
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 13 Apr 2022 18:25:16 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "70ff41477b769b822c0139fa5aae9179"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
themes.googleusercontent.com/static/fonts/opensans/v8/ 20 KB
21 KB 30ms
13ms Font
font/woff 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://themes.googleusercontent.com/static/fonts/opensans/v8/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://darartesphb.blogspot.com/
Origin: http://darartesphb.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 12 Apr 2022 17:31:11 GMT
X-Content-Type-Options: nosniff
Age: 89644
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20544
X-XSS-Protection: 0
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Wed, 12 Apr 2023 17:31:11 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 102ms
101ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3269022583618085600&zx=78e34b4d-edab-462e-a6d2-bb21004fcb81

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 18:25:15 GMT
server: GSE
date: Wed, 13 Apr 2022 18:25:15 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 149 KB
51 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 09:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52401
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 09:18:22 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 284 KB
81 KB 49ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=09b3761e43ae65aed2f7e9903029b4db

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7496ed29038b3a406f87447c49b266fcb236ae599c1d89968d6edcd803b4710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://darartesphb.blogspot.com/
Origin: http://darartesphb.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rgwlyOv7OaGi4Qi3jI/CNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82858
x-fb-rlafr: 0
x-fb-debug: 7cUv4ZHjZ0Ic8cj2IGwzsZ008ji1QbQB+9aycgyKBETU+eLKGvriKZYgqQQyLz2plvA1g5VUA4oJl13G20TwcA==
x-fb-content-md5: 4f63be31f7a93ac8300f2525421f9e22
x-frame-options: DENY
date: Wed, 13 Apr 2022 18:25:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a190c787a04c83aec921455360acee80"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 13 Apr 2023 17:14:18 GMT

GET
H/1.1 200
OK -_Ctzj9b56b8RgXW8FAriRsxEYwM7FgeyaSgU71cLG0.woff
themes.googleusercontent.com/static/fonts/raleway/v7/ 27 KB
28 KB 10ms
9ms Font
font/woff 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://themes.googleusercontent.com/static/fonts/raleway/v7/-_Ctzj9b56b8RgXW8FAriRsxEYwM7FgeyaSgU71cLG0.woff

Requested by

Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d3b364407c9f47417781793b9e1fce236338cc3c9bc1b09c3f7db4c215a993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://darartesphb.blogspot.com/
Origin: http://darartesphb.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 12 Apr 2022 00:00:24 GMT
X-Content-Type-Options: nosniff
Age: 152692
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 27552
X-XSS-Protection: 0
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Wed, 12 Apr 2023 00:00:24 GMT

GET
H3

200

comment-iframe.g Show response
www.blogger.com/ Frame 0AEC
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038
https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3269022583618085600%26postID%3D179810118956783115%26blogspotRpcToken%3D2029038%26bpl...
https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

5 KB
2 KB

471ms
470ms

Document
text/html

2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/157798655-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dc7d47b51e8aa1874ea6c5e0afaa459d05f31aa1fe954eb98832fe63ed86011

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1753
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 18:25:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 256
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce-EUF7bSklNpDDfX1COCuIpg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
date: Wed, 13 Apr 2022 18:25:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1
pragma: no-cache
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server: GSE
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2

403

banners
mybetterck.com/adServe/
Redirect Chain

http://p208572.clksite.com/adServe/banners?tid=208572_388053_0
https://mybetterck.com/adServe/banners?tid=208572_388053_0

0
0

135ms
134ms

Script
text/html

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://mybetterck.com/adServe/banners?tid=208572_388053_0
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: H2
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Location: https://mybetterck.com/adServe/banners?tid=208572_388053_0
Date: Wed, 13 Apr 2022 18:25:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK absd.js Show response
p208572.intrev.co/ 4 KB
5 KB 353ms
161ms Script
application/javascript 165.232.142.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://p208572.intrev.co/absd.js
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 165.232.142.149 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 9724f97d9e80761502d6be675a8c8459ab66efd044066198142746be8a56e4f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:17 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"115b-uw0DHDPgDcyn1NAZZQel5MD86rk"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 4443

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 63ms
9ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:17:24 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 42472
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: C11B0E24:B28E_2E69C9F0:0050_6257158C_F112:2B575
content-length: 4547
x-request-id: 339411130

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 158ms
39ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: darartesphb.blogspot.com
URL: http://darartesphb.blogspot.com/2013/06/foxwoods-casino-map.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE5) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:16 GMT
Content-Encoding: gzip
Age: 787
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:38:34 GMT
Server: ECS (mil/6CE5)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 349ms
93ms Script
text/html 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3793343&@f16&@g1&@h1&@i1&@j1649874316814&@k0&@l1&@mFoxwoods%20Casino%20Map%20-%20DARARTESPHB&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-184564987&@b3:1649874317&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fdarartesphb.blogspot.com%2F2013%2F06%2Ffoxwoods-casino-map.html&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: ec41615c5280c96b8f88feed9e5ce9023016b8550ccbba8eac8e84151cb9d5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://darartesphb.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 18:25:17 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame 0AD7 319 KB
104 KB 39ms
39ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=http%3A%2F%2Fdarartesphb.blogspot.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: http://darartesphb.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 12789
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Apr 2022 18:25:17 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 13 Apr 2022 12:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF8)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H/1.1 200
OK gstats Show response
p208572.intrev.co/f/ 0
287 B 330ms
167ms XHR
application/javascript 165.232.142.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://p208572.intrev.co/f/gstats
Requested by: Host: p208572.intrev.co
URL: http://p208572.intrev.co/absd.js
Protocol: HTTP/1.1
Server: 165.232.142.149 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://darartesphb.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 13 Apr 2022 18:25:17 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache
Connection: keep-alive

GET
H3 200 2621646369-cmtfp.css
www.blogger.com/static/v1/v-css/ Frame 0AEC 13 KB
4 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2529a8451bea93302e41dc0fad03f7550094f4ef5ec4f3800f28c2639d5e2789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3701
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 13:51:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 11 Apr 2023 15:43:22 GMT

GET
H3 200 507242078-cmt.js Show response
www.blogger.com/static/v1/jsbin/ Frame 0AEC 105 KB
36 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/507242078-cmt.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e1b584f606d16d15c02c3937205f0516025aa65df0ae817ea1f0383f3ab553d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37323
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 01:02:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 07 Apr 2023 01:51:37 GMT

GET
H2 200 blank.gif
resources.blogblog.com/img/ Frame 0AEC 43 B
274 B 51ms
8ms Image
image/gif 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/blank.gif

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 08:25:30 GMT
x-content-type-options: nosniff
age: 295187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 01:52:22 GMT
server: sffe
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 17 Apr 2022 08:25:30 GMT

GET
H2 200 yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js Show response
www.google.com/js/bg/ Frame 0AEC 35 KB
14 KB 170ms
8ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 18:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 18:28:19 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0AD7 243 B
455 B 208ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=239f7f948d15231e954d0def8fd1bb59614f16b0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=http%3A%2F%2Fdarartesphb.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

16681d2db4a981cc18f92c35241cf94cf76fa588f3e6c64126fbdc927c776fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 13 Apr 2022 18:25:17 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 18:25:17 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 480bb233cf7efec92e60e69ae5aef93a986e52c5e72c7fbc1f39ad66ecceb672
content-length: 174

GET
H3 200 comment-iframe-bg.g Show response
www.blogger.com/ Frame 0AEC 15 KB
11 KB 110ms
109ms XHR
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/507242078-cmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b26e1d74ba0de892016c20d559d9bc313e5ed8c69e9720f3644319b998c8d208

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/comment-iframe.g?blogID=3269022583618085600&postID=179810118956783115&blogspotRpcToken=2029038&bpli=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Wed, 13 Apr 2022 18:25:17 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11404
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstCfa3793343 Value: 1649874316814
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstCla3793343 Value: 1649874316814
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstCmu3793343 Value: 1649874316814
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstPn3793343 Value: 1
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstPt3793343 Value: 1
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstCnv3793343 Value: 1
darartesphb.blogspot.com/	1970-01-20 11:03:30	Name: HstCns3793343 Value: 1
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=vunr-40kDCwNyCeoeRHO8MNu-YvzrtBqIVvCjSW5yeI

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googledrive.com/host/0B8EMU-4w6NXSWFhCX0U2b0d3cDg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://thespringmount6pack.com/wp-content/uploads/2014/09/Foxwoods-resort-casino-map.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://mybetterck.com/adServe/banners?tid=208572_388053_0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mybetterck.com/adServe/banners?tid=208572_406431_1&type=footer&size=468x60 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: http://www.v-aline.com/thumbnail/f/foxwoods-resort-casino-map-6.jpeg Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://mybetterck.com/adServe/banners?tid=208572_388053_0 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
accounts.google.com
ajax.googleapis.com
apis.google.com
aubin330rta.files.wordpress.com
connect.facebook.net
darartesphb.blogspot.com
googledrive.com
lh3.googleusercontent.com
lh4.ggpht.com
mybetterck.com
p208572.clksite.com
p208572.intrev.co
platform.twitter.com
promo.propellerads.com
resources.blogblog.com
s10.histats.com
s4.histats.com
syndication.twitter.com
themes.googleusercontent.com
thespringmount6pack.com
www.blogger.com
www.djteddybear.com
www.google.com
www.v-aline.com
104.244.42.136
108.168.193.189
13.248.148.254
165.232.142.149
173.192.101.24
188.42.208.43
192.0.72.25
198.27.80.143
209.99.64.52
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:800::200a
2a00:1450:4001:801::200d
2a00:1450:4001:802::2001
2a00:1450:4001:810::200e
2a00:1450:4001:828::2009
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2001
2a03:2880:f01c:216:face:b00c:0:3
3.33.152.147
46.105.201.240
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01dd9697f490039c3998ae94402c2b6d927a772289faff025d9ffecfe3ec9174
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0e1b584f606d16d15c02c3937205f0516025aa65df0ae817ea1f0383f3ab553d
16681d2db4a981cc18f92c35241cf94cf76fa588f3e6c64126fbdc927c776fdb
18389538138f3725f1bc6579fe86402379c11f79ebb5c432008a2b6238b15355
19d3b364407c9f47417781793b9e1fce236338cc3c9bc1b09c3f7db4c215a993
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
1dc7d47b51e8aa1874ea6c5e0afaa459d05f31aa1fe954eb98832fe63ed86011
2529a8451bea93302e41dc0fad03f7550094f4ef5ec4f3800f28c2639d5e2789
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
346eb51a85654fe57845fd7e63e39451f6ab3e0f739667656b879a0e72fbc84c
3791ffaf4a92d76871c8ed8c7a81f90efea430d0f32ab07bfd47778ee54fe10f
4654f729fd226a6cd6bd9d35fb82e3fa3a9c0effdea9970be63764f0ab0ea63f
4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471
72bf5888f5929c5c158dd551cc83d19ba4d77fd678e96999aeff7c7d5ccb69f4
9724f97d9e80761502d6be675a8c8459ab66efd044066198142746be8a56e4f4
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26e1d74ba0de892016c20d559d9bc313e5ed8c69e9720f3644319b998c8d208
baca703d64cedc8a7cc786520977543ae0037d749148ec8c12a232aca86fbd3b
c4159109449e2c4cb8716cf3043e1910fa8188d6bc0e86ab017c53cc1a9f9b2a
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
d6b5c894d489613c09398c20e556e0dce8fedb036fb2760c0c6466423ef2f933
db127d9f12f9d058ac16028bc230fe6cc84777e67c5dd37c2e2128d03adf4dbd
df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e773152b5a088641bfa7d19d693f3cf6f00b4db89cc3a92589b9b7ebcc949b44
ebc2d5085d0bb5037949cffa2a902df11b59ff9704b3b5a4be0f16469d8d0b71
ec41615c5280c96b8f88feed9e5ce9023016b8550ccbba8eac8e84151cb9d5a3
f7496ed29038b3a406f87447c49b266fcb236ae599c1d89968d6edcd803b4710

darartesphb.blogspot.com Open in urlscan Pro 2a00:1450:4001:82a::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

55 %HTTPS

48 %IPv6

19 Domains

25 Subdomains

19 IPs

5 Countries

2783 kBTransfer

3585 kBSize

8 Cookies

3 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

darartesphb.blogspot.com Open in urlscan Pro
2a00:1450:4001:82a::2001 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

55 %
HTTPS

48 %
IPv6

19
Domains

25
Subdomains

19
IPs

5
Countries

2783 kB
Transfer

3585 kB
Size

8
Cookies

42 HTTP transactions
0 data transactions