dfyblogs.live Open in urlscan Pro
35.240.1.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dfyblogs.live/
Effective URL:
https://dfyblogs.live/
Submission: On April 28 via api (April 28th 2023, 6:11:05 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 29 domains to perform 130 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is dfyblogs.live.
TLS certificate: Issued by R3 on April 18th 2023. Valid for: 3 months.

This is the only time dfyblogs.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.240.1.10 35.240.1.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
9	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
7	2400:52e0:1e0... 2400:52e0:1e00::1077:1	200325 (BUNNYCDN) (BUNNYCDN)
18	2606:4700:20:... 2606:4700:20::681a:85d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	104.26.5.97 104.26.5.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
3 4	2606:4700:20:... 2606:4700:20::ac43:4549	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 22	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2600:9000:211... 2600:9000:211e:6800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.5.29.177 3.5.29.177	14618 (AMAZON-AES) (AMAZON-AES)
1	3.213.227.16 3.213.227.16	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.241.49.120 34.241.49.120	16509 (AMAZON-02) (AMAZON-02)
4	54.175.250.157 54.175.250.157	14618 (AMAZON-AES) (AMAZON-AES)
2	3.216.191.214 3.216.191.214	14618 (AMAZON-AES) (AMAZON-AES)
1	3.229.139.19 3.229.139.19	14618 (AMAZON-AES) (AMAZON-AES)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	54.185.111.51 54.185.111.51	16509 (AMAZON-02) (AMAZON-02)
4 8	52.50.252.9 52.50.252.9	16509 (AMAZON-02) (AMAZON-02)
4 4	34.204.163.0 34.204.163.0	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 4	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	3.126.64.212 3.126.64.212	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.34 18.66.122.34	16509 (AMAZON-02) (AMAZON-02)
130	33

2 35.240.1.10 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.1.240.35.bc.googleusercontent.com

dfyblogs.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

convertri.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2400:52e0:1e00::1077:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.convertri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:85d (United States)

ASN13335 (CLOUDFLARENET, US)

w2.countingdownto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-sprites.countingdownto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.5.97 (None, )

ASN13335 (CLOUDFLARENET, US)

warriorplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4549 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::681a:832 (United States) 13 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:211e:6800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.5.29.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

provely-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.227.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-227-16.compute-1.amazonaws.com

snowplow.convertri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.49.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-49-120.eu-west-1.compute.amazonaws.com

wurfl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.175.250.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-250-157.compute-1.amazonaws.com

app.provely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.216.191.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-191-214.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.139.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-139-19.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.185.111.51 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-111-51.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.50.252.9 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-252-9.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.204.163.0 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-163-0.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.153 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.64.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-64-212.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-34.fra60.r.cloudfront.net

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	wistia.com fast.wistia.com — Cisco Umbrella Rank: 8041 embed-cloudfront.wistia.com pipedream.wistia.com — Cisco Umbrella Rank: 12083 distillery.wistia.com — Cisco Umbrella Rank: 12621	2 MB
22	clickcertain.com 13 redirects a.clickcertain.com — Cisco Umbrella Rank: 7314	14 KB
18	countingdownto.com w2.countingdownto.com — Cisco Umbrella Rank: 228663 static-sprites.countingdownto.com — Cisco Umbrella Rank: 366280	195 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	260 KB
9	imgix.net convertri.imgix.net — Cisco Umbrella Rank: 173193	28 KB
8	bidr.io 4 redirects match.prod.bidr.io — Cisco Umbrella Rank: 825	2 KB
8	convertri.com cdn.convertri.com — Cisco Umbrella Rank: 168621 snowplow.convertri.com — Cisco Umbrella Rank: 185152	520 KB
7	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 4332 i.vimeocdn.com — Cisco Umbrella Rank: 4534 fresnel.vimeocdn.com — Cisco Umbrella Rank: 4582	262 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
4	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 891	4 KB
4	usbrowserspeed.com 2 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 39558	780 B
4	provely.io app.provely.io — Cisco Umbrella Rank: 243445	3 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	99 KB
4	remarketstats.com 3 redirects a.remarketstats.com — Cisco Umbrella Rank: 44868	2 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	4 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1023 B
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 695	1 KB
3	amazonaws.com provely-public.s3.amazonaws.com — Cisco Umbrella Rank: 432018	157 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	182 KB
2	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 72265	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3425	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 16	563 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2499 vimeo.com — Cisco Umbrella Rank: 2224	10 KB
2	warriorplus.com warriorplus.com — Cisco Umbrella Rank: 253004	45 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	136 KB
2	dfyblogs.live 1 redirects dfyblogs.live	182 KB
1	wurfl.io wurfl.io — Cisco Umbrella Rank: 25332	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607 fonts.googleapis.com Failed	30 KB
130	29

	Domain	Requested by
22	a.clickcertain.com	13 redirects dfyblogs.live a.remarketstats.com a.clickcertain.com tag.trovo-tag.com
12	fast.wistia.com	dfyblogs.live fast.wistia.com
10	fonts.gstatic.com	dfyblogs.live
9	static-sprites.countingdownto.com	w2.countingdownto.com
9	w2.countingdownto.com	dfyblogs.live
9	convertri.imgix.net	dfyblogs.live
8	match.prod.bidr.io	4 redirects a.clickcertain.com tag.trovo-tag.com
8	embed-cloudfront.wistia.com	fast.wistia.com
7	cdn.convertri.com	dfyblogs.live
4	secure.adnxs.com	4 redirects
4	i.liadm.com	4 redirects
4	a.usbrowserspeed.com	2 redirects tag.trovo-tag.com
4	app.provely.io	ajax.googleapis.com
4	cdnjs.cloudflare.com	provely-public.s3.amazonaws.com cdnjs.cloudflare.com
4	a.remarketstats.com	3 redirects tag.trovo-tag.com
4	f.vimeocdn.com	player.vimeo.com
3	x.bidswitch.net	1 redirects a.clickcertain.com
3	pixel.tapad.com	3 redirects
3	provely-public.s3.amazonaws.com	dfyblogs.live provely-public.s3.amazonaws.com
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	www.googletagmanager.com	dfyblogs.live www.googletagmanager.com
2	tag.trovo-tag.com	a.clickcertain.com
2	cm.g.doubleclick.net	2 redirects
2	pipedream.wistia.com	fast.wistia.com
2	i.vimeocdn.com	dfyblogs.live
2	www.google.de	dfyblogs.live
2	www.google.com	dfyblogs.live
2	www.facebook.com	dfyblogs.live
2	warriorplus.com	dfyblogs.live
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	dfyblogs.live connect.facebook.net
2	dfyblogs.live	1 redirects
1	distillery.wistia.com	fast.wistia.com
1	wurfl.io	provely-public.s3.amazonaws.com
1	ajax.googleapis.com	provely-public.s3.amazonaws.com
1	snowplow.convertri.com	dfyblogs.live
1	vimeo.com	f.vimeocdn.com
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	player.vimeo.com	dfyblogs.live
0	fonts.googleapis.com Failed	provely-public.s3.amazonaws.com
130	40

This site contains links to these domains. Also see Links.

Domain
warriorplus.com

Subject Issuer	Validity	Valid
dfyblogs.live R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.convertri.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-03-21` - `2023-06-20`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
snowplow.convertri.com Amazon RSA 2048 M01	`2023-01-25` - `2024-02-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
wurfl.io Amazon RSA 2048 M02	`2023-02-14` - `2023-07-09`	5 months	crt.sh
provely.io Amazon RSA 2048 M02	`2023-02-23` - `2023-09-29`	7 months	crt.sh
trovo-tag.com Amazon RSA 2048 M02	`2023-04-08` - `2024-05-07`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://dfyblogs.live/
Frame ID: 274B25F8FA1B1CF26225D1CD8A27C9CD
Requests: 83 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: A47A391F37F653AE87DD18965363CEAA
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: F2DA442C5ECD7491BDE4C9A5877E6D49
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: F24B44D6B7CBB064A0177B1EE4DB6420
Requests: 2 HTTP requests in this frame

Frame: https://player.vimeo.com/video/821398199?h=3b0849af28
Frame ID: E5263EAB3F615C2EF4CB65977F4EF369
Requests: 12 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: DFF2FACF0112DACE6C8F689DB9E0B52E
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: 4649B791BF92EEBF2360762EDC74CD26
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: 8872365E8717CBFA4A754A080C4D4EA6
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: 0495A1DC3424B1C05D68D76DE9FDF88E
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: FD1AC5DDA0306FA33A9856942D964004
Requests: 2 HTTP requests in this frame

Frame: https://w2.countingdownto.com/3153911
Frame ID: BC4414B827565066061C2E5A01991B88
Requests: 2 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE
Frame ID: 35549746ECCF76B4A21439C7C5C48AD1
Requests: 5 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE
Frame ID: 331A5E5DA858C753027D9F8E32D089AF
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 31965D4469F60C40D6D50B9ACBBC1E0A
Requests: 4 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 40CDD2AE03D4B910AC3871007FAFE4D1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Special Deal!

Page URL History Show full URLs

http://dfyblogs.live/ HTTP 307
https://dfyblogs.live/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

89 %
HTTPS

47 %
IPv6

29
Domains

40
Subdomains

33
IPs

5
Countries

4355 kB
Transfer

9901 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://warriorplus.com/o2/buy/rjdjx3/z0d3qc/cwhkjm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dfyblogs.live/ HTTP 307
https://dfyblogs.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://a.remarketstats.com/px/smart/?c=25400607a41a540&seg=home HTTP 302
https://a.clickcertain.com/px/smart/a/?c=25400607a41a540&seg=home HTTP 302
https://a.clickcertain.com/px/?c=25400607a41a540

Request Chain 44

https://a.remarketstats.com/px/smart/?c=25400607a41a540&seg=dfyblogs HTTP 302
https://a.clickcertain.com/px/smart/a/?c=25400607a41a540&seg=dfyblogs HTTP 302
https://a.clickcertain.com/px/?c=25400607a41a540

Request Chain 104

https://a.clickcertain.com/px/ta/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f

Request Chain 105

https://a.usbrowserspeed.com/cs?puid=25c40d2b-9e6c-5b0c-bb84-384b31216ab2&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=7460e77a-c03c-436b-921f-680418ed6b3b&hem=

Request Chain 106

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 108

https://a.clickcertain.com/px/r/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=c5dcacb2-c464-4743-8a32-8f26971b3af9&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dc5dcacb2%25252dc464%25252d4743%25252d8a32%25252d8f26971b3af9%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dc5dcacb2%25252dc464%25252d4743%25252d8a32%25252d8f26971b3af9%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=c5dcacb2-c464-4743-8a32-8f26971b3af9&_li_chk=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&previous_uuid=29e68b24f977416ba3d784f12244336f HTTP 303
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dc5dcacb2%25252dc464%25252d4743%25252d8a32%25252d8f26971b3af9%252526anx_uId%25253d%252524UID&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dc5dcacb2%2dc464%2d4743%2d8a32%2d8f26971b3af9%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2%2Dc464%2D4743%2D8a32%2D8f26971b3af9%26anx_uId%3D%24UID&google_gid=CAESEBkmsSQO4N9UqDqvzIsVkII&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2-c464-4743-8a32-8f26971b3af9%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=6060133843969884132 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0

Request Chain 111

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=076b17b0-e5f0-11ed-ab08-831033bef352 HTTP 302
https://a.clickcertain.com/px/smart/a/?type=img&partner_id=193f0456&c=24d1add2443e239&partner_rid=076b17b0-e5f0-11ed-ab08-831033bef352 HTTP 302
https://a.clickcertain.com/px/img/?c=24d1add2443e239

Request Chain 113

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 115

https://a.clickcertain.com/px/ta/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f

Request Chain 116

https://a.usbrowserspeed.com/cs?puid=25c40d2b-9e6c-5b0c-bb84-384b31216ab2&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=997f1ef3-deb9-44a8-9b52-80520b1ccf4b&hem=

Request Chain 117

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 118

https://a.clickcertain.com/px/r/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=c5dcacb2-c464-4743-8a32-8f26971b3af9&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dc5dcacb2%25252dc464%25252d4743%25252d8a32%25252d8f26971b3af9%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dc5dcacb2%25252dc464%25252d4743%25252d8a32%25252d8f26971b3af9%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=c5dcacb2-c464-4743-8a32-8f26971b3af9&_li_chk=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&previous_uuid=746501b6db2d4621b35aadd4d971e1b5 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253dc5dcacb2%25252dc464%25252d4743%25252d8a32%25252d8f26971b3af9%252526anx_uId%25253d%252524UID&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3dc5dcacb2%2dc464%2d4743%2d8a32%2d8f26971b3af9%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2%2Dc464%2D4743%2D8a32%2D8f26971b3af9%26anx_uId%3D%24UID&google_gid=CAESEDBXt5iaDmFv1tuGCesMei4&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2-c464-4743-8a32-8f26971b3af9%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=8969216167542951828 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0

Request Chain 122

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

130 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dfyblogs.live/
Redirect Chain

http://dfyblogs.live/
https://dfyblogs.live/

2 MB
181 KB

95ms
33ms

Document
text/html

35.240.1.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.1.240.35.bc.googleusercontent.com
Software: /
Resource Hash: c4594483b10f7abd457ff9afd95bc304926772b0f8b950b574a30afc997dea83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
vary: Accept-Encoding

Redirect headers

Content-Length: 58
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Apr 2023 18:10:54 GMT
Location: https://dfyblogs.live/
Vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 99ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 18:10:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jE263GbtdNO7zJnGzb8KoTgB2bFdmJB1xr46vOAsB/mTeQ/nLruGFnLTynacU1LlIDgw97tN9HXeWMsPNCrErQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 130ms
56ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-588820436

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c593ff98fe82f49b6a42da8d696f20b40e1ae7f70cba02e10e0820a59c1e6ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 18:10:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 109ms
35ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016766401

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19fa3866feddf86e539bf09dddb4ebe48b69ab83e8a1568dc7e6b8a1774ec9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 18:10:55 GMT

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fe6cdd7bfb22181036c916bb2e6b2f89a98dcc252%2Ffav.png
convertri.imgix.net/ 798 B
1 KB 119ms
18ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fe6cdd7bfb22181036c916bb2e6b2f89a98dcc252%2Ffav.png?w=18&h=18&fit=clip&auto=compress,format

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6f326539f10597cea12f1d443a4018ffb7c4dd07c12580bd69d16d592c27d2f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
x-content-type-options: nosniff
age: 150893
x-cache: HIT, HIT
x-imgix-id: f323f1ba2d49d9ace310c03b8d535bb1da9c9a7b
cross-origin-resource-policy: cross-origin
content-length: 798
x-served-by: cache-sjc1000089-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.9288
last-modified: Thu, 27 Apr 2023 00:16:02 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 130ms
67ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7c49ab264df288e272de8eada58f92d157590b44fa5d3a296803c2c72ec78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 00:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16476
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Apr 2024 00:43:53 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 127ms
64ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedb5c0eb2e55675ecd496c04f7780adeeadc2a0fef36c335a84724f29812628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 16:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16334
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 16:20:54 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 118ms
55ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0169e4dcdc172069ab64d72f8eb7a3ea2b9289efb71a8ba814ac4e2248963f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 13:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16510
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 13:05:53 GMT

GET
H2 200 font-awesome.woff2
cdn.convertri.com/font-awesome/ 75 KB
76 KB 152ms
51ms Font
font/woff2 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/font-awesome/font-awesome.woff2?v=4.7.0
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
cdn-edgestorageid: 1048
x-amz-request-id: 69QFBAZ03CWTA3VN
cdn-cachedat: 04/25/2023 08:50:44
cdn-pullzone: 408079
content-length: 77160
x-amz-id-2: NiJbI7ZKI6sA4qR3uErm+iq6pBgIJek+w8ezEkC07zKkkuErwpQqhl45WFJeU+ZxE4+kauLEGoM=
last-modified: Wed, 22 May 2019 08:26:20 GMT
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=604800
cdn-requestid: 87f395be4ada0df034a4c9b932c65d7d
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 111ms
48ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aX8.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab949d217aeb59201b46ce64934ff23a46fa4ce684db25002d88c15b59e72dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 07:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16638
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Apr 2024 07:11:06 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
16 KB 120ms
57ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aX8.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3549500032014880a5f26801042304db6abd5411a01749ba00c1896eebfe622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 17:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16601
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 17:43:39 GMT

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame A47A 30 KB
12 KB 554ms
480ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65377f9e4042ee2ee0d848ee1ccbecc0a0d53b38e5bf62e40377e887460e594e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 7bf143c7bbbb9006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
last-modified: Fri, 28 Apr 2023 17:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcQjzJWIb1Sg%2BqpY2rWdV7zpBMVap5AaGW5OrtZnUSUBagISty2rydxiST%2BxCP9Z3PIOArFej5mVHttDgMi4G%2Fc9gsUJrfPbsL6mLd9ZyTZgll%2FWCVZL%2BieDLXhd643l426ehV9VT8wtLi4O4cbbDGv8JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orslDo0AgeNxsAQpIx

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmdTQ3ig.ttf
fonts.gstatic.com/s/nunito/v25/ 32 KB
17 KB 30ms
28ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmdTQ3ig.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c998f5219b663098ac124bd7dfed50a709c46d363c721bf355bb42a9487561b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 07:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17770
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 07:04:17 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDOUhdTQ3ig.ttf
fonts.gstatic.com/s/nunito/v25/ 32 KB
18 KB 28ms
26ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDOUhdTQ3ig.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc66d35f7d05fc1e06e9b815a1598972eebff23e2d0a219c18e3f65d31e18e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17858
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 01:57:17 GMT

GET
H2 200 bv14u9hw8v.jsonp Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 135ms
59ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/bv14u9hw8v.jsonp

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

bacf9f9960613a50f1c9ad426b5a1c88ec691792361186ad39383e24b8f0bc81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 81856
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time: 40
content-length: 1725
x-request-id: 96bc29db-23e0-4eda-b9de-7c29af3adb34
x-served-by: cache-iad-kjyo7100049-IAD, cache-fra-eddf8230039-FRA
x-runtime: 0.038974
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 112
server: envoy
x-timer: S1682705455.394100,VS0,VE2
etag: W/"bacf9f9960613a50f1c9ad426b5a1c88"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 639 KB
117 KB 95ms
18ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd246173b2bd96e2c6c4de0507eb5935ec577f4abc9250eaefdcc936f235ccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 920
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 119392
x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-eddf8230039-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 22:54:47 GMT
server: AmazonS3
x-timer: S1682705455.394116,VS0,VE0
etag: "05aa653be635ac137b78cc4ae89ba394"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 89b1f71dbbfc74f798186d527b78a9dc6f8c4f90
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 47, 80

GET
H2 200 swatch
fast.wistia.com/embed/medias/bv14u9hw8v/ 3 KB
4 KB 133ms
58ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/bv14u9hw8v/swatch

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c3a576b4dd1a3a95e2a5eabc023fe864b8c2656e5fa87a89ab60e7de6c5342cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
access-control-request-method: *
via: 1.1 d1dad7d3c339d87d553c26a84c9ca5d2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD55-P4
age: 168398
edge-cache-tag: f0dea6e41fb4972085bbc7aa7eab5101
x-cache: Hit from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 37
content-disposition: inline
content-length: 3211
x-served-by: cache-iad-kcgs7200165-IAD, cache-fra-eddf8230039-FRA
x-browser-version: 112
last-modified: Wed, 26 Apr 2023 19:23:57 UTC
server: envoy
x-timer: S1682705455.394116,VS0,VE1
etag: 1ao0n4-DQ_xJOEDkKXGde_UQNbA=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JKfqsR5jIeGQ68g-FEH_gnADhE6A_TrJwpUlQiGpePPXc0bIc_l8zQ==
x-cache-hits: 82, 1

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame F2DA 30 KB
11 KB 485ms
484ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65377f9e4042ee2ee0d848ee1ccbecc0a0d53b38e5bf62e40377e887460e594e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 7bf143c7fbf99006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
last-modified: Fri, 28 Apr 2023 17:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvTSmnaHNR94NAGVQhbx4s8TFxmF%2Bk8JJlMpTAbnRchHDTpXnohpd0nKmT9TnpPrwIWIIH8qYl1kCkYXi3TqG8TO7KqbsxMUn6v8jADEnurOvnIjCE9dPBVPYnd0pOs4u0V0X8NEjXaPn5M9%2FFRr7g%2FDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orslNUvKwWNSMAQpJB

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame F24B 30 KB
11 KB 483ms
482ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a955d5934c75c58fc98bdbda9a9485cad44475b82c6422654d02faea7a25ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 7bf143c85c5a9006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
last-modified: Fri, 28 Apr 2023 17:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClWDyN0Mbdl1t%2BJNjcahpuXb6ToLvWJyM6c9wbZ2nmtl5a2lh6qbgljFM54m1fw3XRMiGNxyLbhT7IHr1mylVfxKLzxKVFgNeIPg9%2Bfn%2FfD3I1dTn49ib5z1%2BhCNcey1zagj5rTQvRxrhQVxiolDgtrV8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orslbU-FuGBzcACaHx

GET
H2 200 528223472622645 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 214ms
213ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528223472622645?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8065e9ad8dd60e884355609cd7b6696a5d2152beb834c8ddb17685b8c48f9aa5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 18:10:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: K9UVSfNjz69LZrfIsj9DBkbYZuId1cRbWYWZf9VePqArvlsd0Ni5XwFWjC5zJzuialxxbOOvJuVdFfHHMJvt1w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F55326eb1e18101f0e96450420074a4a72d2f7ee7%2F299110_check_sign_icon.png
convertri.imgix.net/ 824 B
966 B 32ms
19ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F55326eb1e18101f0e96450420074a4a72d2f7ee7%2F299110_check_sign_icon.png?w=20&h=20&fit=clip&auto=compress,format

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cf55e23c3e436c2b9258bd384d42fb0aa4cd74224652e0b7d598f634e04b13ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
x-content-type-options: nosniff
age: 1327086
x-cache: HIT, HIT
x-imgix-id: b2301db1c8acd06e4478ec3b870dab2dda025b60
cross-origin-resource-policy: cross-origin
content-length: 824
x-served-by: cache-sjc10049-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.8776
last-modified: Thu, 13 Apr 2023 09:32:49 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F10a396eaedf5b98d106e0cf751aea26af51e5837%2F299045_sign_error_icon.png
convertri.imgix.net/ 843 B
980 B 32ms
20ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F10a396eaedf5b98d106e0cf751aea26af51e5837%2F299045_sign_error_icon.png?w=20&h=20&fit=clip&auto=compress,format

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9bc5add49cebb5c829f1195a1a1ba0487fc5c9304413e4aa8f673eb05392baee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
x-content-type-options: nosniff
age: 1387336
x-cache: HIT, HIT
x-imgix-id: b67cfea5a399241f8967d62a5235b2b42e1b294d
cross-origin-resource-policy: cross-origin
content-length: 843
x-served-by: cache-sjc10020-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.9288
last-modified: Wed, 12 Apr 2023 16:48:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F9d895250e9ff9960fee3990c2c1c2b018fa10cad%2Ffavicon.png
convertri.imgix.net/ 853 B
989 B 33ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F9d895250e9ff9960fee3990c2c1c2b018fa10cad%2Ffavicon.png?w=20&h=20&fit=clip&auto=compress,format

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

160d77bc45fd9f224bc4db7312ce8ca35f71f0ac7e56ead13dee92a058e82a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
x-content-type-options: nosniff
age: 91958
x-cache: HIT, HIT
x-imgix-id: de7bcfa7effcc227201d7cffebb7775c8f9859f0
cross-origin-resource-policy: cross-origin
content-length: 853
x-served-by: cache-sjc1000085-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.9288
last-modified: Thu, 27 Apr 2023 16:38:17 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vm8vdRfvXFLG3OLnsO15WYS5DG74wNc.ttf
fonts.gstatic.com/s/kaushanscript/v14/ 101 KB
42 KB 36ms
19ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kaushanscript/v14/vm8vdRfvXFLG3OLnsO15WYS5DG74wNc.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ea5ea25e38c1dc365c5ba715e9149efaa93c5cdbfa0d2ec41c2997c6e04c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42783
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Apr 2024 19:34:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 67ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-588820436&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11016766401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4dc3afbb203cb94f813dbb3a0858faed09ba29356137bf28ec2ea4a4f34464c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 18:10:55 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11016766401/ 2 KB
1 KB 255ms
186ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11016766401/?random=1682705455453&cv=11&fst=1682705455453&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdfyblogs.live%2F&hn=www.googleadservices.com&frm=0&tiba=Special%20Deal!&auid=1954724705.1682705455&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11016766401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab14a4343b3081d4d5e6a8374e60de8fcf09138b259936df8e976daeaa250007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 347855
warriorplus.com/o2/btn/fn010011020/rjdjx3/z0d3qc/ 19 KB
20 KB 1404ms
1320ms Image
image/png 104.26.5.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warriorplus.com/o2/btn/fn010011020/rjdjx3/z0d3qc/347855?ct2=Click%20Here%20To%20Grab%20DFY%20Blogs!
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash: 41c8f3b83e9c15fbe7da02d35f97e8785d06a92815ae84c707300b77d854e479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:56 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 18:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLOhtKb0MwX632iiWb5JHJSyMOfjOzs3kRPRmtCwmhwjPrcYUj7oKUlcKLK5Ddgei%2Bal6se3nO7THIGbjofZH5ousxDru5LG0jdIHGEk%2BHrIEuMY11oWydPwo%2FnVfTF5uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bf143c9eed82bae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 821398199 Show response
player.vimeo.com/video/ Frame E526 21 KB
9 KB 349ms
272ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/821398199?h=3b0849af28

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1b4bf35f77022072145ea18f8d17a6fb42ba4691b70bd8502b26e1fa873c45

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://.hivestreaming.com/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7bf143c9e89a920e-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Apr 2023 18:10:55 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230042-FRA
X-Timer: S1682705456.677012,VS0,VE237
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-75f7d4c6d5-dnv59
x-content-type-options: nosniff
x-host: player-backend-75f7d4c6d5-dnv59
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0ow.ttf
fonts.gstatic.com/s/montserrat/v25/ 31 KB
17 KB 38ms
38ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0ow.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d72cd11b4a37a93c43757cf4deb1d8c648b86fa2093d72ecac0a4e6c1eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17007
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:59:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 20:55:25 GMT

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame DFF2 30 KB
11 KB 483ms
481ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a955d5934c75c58fc98bdbda9a9485cad44475b82c6422654d02faea7a25ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 7bf143c99d889006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:56 GMT
last-modified: Fri, 28 Apr 2023 17:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lga3BtABIYTZqpWF2E78m5hWSylyuB1nnhLXfmE1tiZhImsTqb%2BIYjxCzx%2BBk0ZmUrUraQU4f3pZC5Q9lBHaTmCj0kuCG%2BD3Q3Eys%2BqZQcFtluCw1BQAwXQL5lBjHUIUAfhzzNHVdHRxkrQMURGmwoaQcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orsmMBkwJrp9EABpCi

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/588820436/ 2 KB
2 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/588820436/?random=1682705455632&cv=11&fst=1682705455632&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdfyblogs.live%2F&hn=www.googleadservices.com&frm=0&tiba=Special%20Deal!&auid=1954724705.1682705455&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-588820436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8332e0c6fd7560a2321ab23e6cc9e5665eb7b194b343b568d2a18750d4fd5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame 4649 30 KB
11 KB 487ms
482ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34699c2743552dbdc419cfbf73901ff25d964156009a6cfa18b28d0e62935e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 7bf143ca4e259006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:56 GMT
last-modified: Fri, 28 Apr 2023 17:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRRo9xcKKdSiyt7MIX9e%2FwDGJ8cvS4TWr4a2bTC2gGltpsQryhY%2FKfN4BEJ%2FRJ4qa9xucvGjRvACUgPP1HNrrifjGEgCE2cfVdhTtUBY%2BYMVhF8nOyfCNCA6K%2Bt6t2zU1Q7HJU15IIwXvsMl1sRXk145Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orsmlKUDMG4oIAQpJh

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame 8872 30 KB
11 KB 480ms
476ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34699c2743552dbdc419cfbf73901ff25d964156009a6cfa18b28d0e62935e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 7bf143ca4e289006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:56 GMT
last-modified: Fri, 28 Apr 2023 17:12:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLiORLHHZh1ZIP64lw2%2Fy2d8lH5IwGUibExjjmhlu7GuT6DxwVtxg5PfPbjvi%2Fw87umBZ6EKsorPLwz1cneDBzmJxGz%2BKSbcXPMWwvBjf63T5nkncwbXJXtSLdF98mVs0FMukhY3eMJ1QGX%2FfSeVmoOfqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orsmicnZ-96-cAQpJR

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame 0495 30 KB
11 KB 35ms
34ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a955d5934c75c58fc98bdbda9a9485cad44475b82c6422654d02faea7a25ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 7bf143cb2eef9006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
last-modified: Fri, 28 Apr 2023 18:10:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FlD2UnvC12aMiGMhr78VZd7nTqgZcAK4qArre5gsJkxbFn8aa4j4lKoQElbvb7SHNeH%2FpA5lStIleua964XFaO3pI5BLdyaPGl%2Fl4wlW8dmYlXqp7DnIppVPYwGVepkoFrv%2BCoPU11Wx6Y6qtQk7pJmNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orslbU-FuGBzcACaHx

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame FD1A 30 KB
11 KB 37ms
27ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a955d5934c75c58fc98bdbda9a9485cad44475b82c6422654d02faea7a25ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 7bf143cbcf839006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
last-modified: Fri, 28 Apr 2023 18:10:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XQldxhg8QAgtCj31lmNNe22g8XIwm8lTYTp3estiAEaueM8GYA0%2BkFZIrHHykBHp%2BB0%2BLWEZU5Tjq%2BNQ8uV98yfvdBN3odqiZ7K%2BYmeQcpMkUNwy%2BpuIrMSYngRFhZCAxtK3%2FAlbkUfxU3v1r94A08cTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orslbU-FuGBzcACaHx

GET
H3 200 Yq6R-LCAWCX3-6Ky7FAFrOF6lw.ttf
fonts.gstatic.com/s/fjallaone/v15/ 101 KB
55 KB 30ms
29ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6lw.ttf

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db0a7fc73e53371a7ceb0d57cce0b575b15fea7f6b0687922d87e311be056a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56062
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:46:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 18:10:55 GMT

GET
H2 200 3153911 Show response
w2.countingdownto.com/ Frame BC44 30 KB
11 KB 33ms
30ms Document
text/html 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w2.countingdownto.com/3153911

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a955d5934c75c58fc98bdbda9a9485cad44475b82c6422654d02faea7a25ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dfyblogs.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 7bf143cbdf979006-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 18:10:55 GMT
last-modified: Fri, 28 Apr 2023 18:10:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWbL3ZlmWI3Ari77OL2PfeLaMlUq%2B8HC3Jr8cED3OpZDC1eZUvyOQyE%2BAHYSgE5KANQ0xBRk6TDU8ThvGpp3HHY7nlf6%2FDM2%2BqyHsOUAdAUSaQRFYT6et%2B7bdF5lcYpGRF6X114sy%2F8ywu1MbXK7S5pOTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F1orslbU-FuGBzcACaHx

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528223472622645&ev=PageView&dl=https%3A%2F%2Fdfyblogs.live%2F&rl=&if=false&ts=1682705456002&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682705455989.1607010760&it=1682705455398&coo=false&rqm=GET

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Apr 2023 18:10:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame A47A 10 KB
11 KB 103ms
83ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMlR%2Bg38FprGuCWHYHZdXbZv32fuL7R67DNrtCNA6AH5lo6rVUDc%2BjIFBCvkfRvE8JZLy4T%2FwvOx384WRQNP1GI6HnjF%2BzOJyb1iUnaN39K3UqvToM7HGqeHoUnHTc1LVM1hHVtC%2Bg1aW73Uk0Bj%2BHxRVIKhYwz5ggvDMSy%2F4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cc58209006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.23.13/js/ Frame E526 492 KB
119 KB 82ms
21ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.13/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/821398199?h=3b0849af28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76e08b06570b6132904367e022feb05c110f8c637b0bb0f2d2d47e5dfc9c8fcd

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100172-IAD, cache-fra-eddf8230088-FRA
date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 175661
x-timer: S1682705456.125076,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 121892
x-cache-hits: 3, 75841

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.23.13/js/ Frame E526 389 KB
94 KB 91ms
30ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.13/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/821398199?h=3b0849af28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60e7d4a37ba6aed2b231cdeee8e9d081fb4cfeba5a1381cb46348309e5c48311

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100173-IAD, cache-fra-eddf8230088-FRA
date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 175661
x-timer: S1682705456.125175,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 95892
x-cache-hits: 3, 86533

GET
H2 200 player.css
f.vimeocdn.com/p/4.23.13/css/ Frame E526 211 KB
21 KB 83ms
22ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.13/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/821398199?h=3b0849af28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 285e5a779b78c940eb213bdb3ac220b3996d6192f2691e72853a58f4d2225e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100022-IAD, cache-fra-eddf8230029-FRA
date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 175661
x-timer: S1682705456.125468,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21697
x-cache-hits: 4, 87730

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame F2DA 10 KB
10 KB 93ms
92ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLDATNavBEvDzrzZHGgJhALRP6368DUxUANCEyc8%2B0WPCVpXDB9rCZyqnOEBB5ArBFrJ4kxFpeGQo2i90Q1wBYtsbsHavLq4mdWkiTut5Mwq%2BKCBHU3418VnLi4GN13haus8Y2bexbnaUdnQkA%2Byh%2Fo%2F%2BHJDEFR5lh5K3OgPlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cc68379006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 jquery-1.12.2.min.js Show response
cdn.convertri.com/ 382 KB
113 KB 131ms
75ms Script
text/javascript 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/jquery-1.12.2.min.js?v=2023-04-25-08-46-38
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 549d2df1c0ce2f9c36f567171ed3f0824c9b7e0c84ff30bef25dd1c5810b940d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
cdn-edgestorageid: 865
x-amz-request-id: NXF0WVMYEV5G4ZRV
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 08:55:00
cdn-pullzone: 408079
x-amz-id-2: tYY2otIyNgKqqSMmemeZ6Q60Io/J5zmpmi/8UQpZ4OjvnWWGwq8qs5+yvTAyCCROTbzqKuAdEP8=
last-modified: Tue, 25 Apr 2023 08:50:40 GMT
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"9449f3f98393aaec694dd2e9a884f118"
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: max-age=604800
cdn-requestid: 6d721b819e51b2930248db74820c97ef
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=25400607a41a540&seg=home
https://a.clickcertain.com/px/smart/a/?c=25400607a41a540&seg=home
https://a.clickcertain.com/px/?c=25400607a41a540

4 KB
2 KB

281ms
280ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=25400607a41a540
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23615d1c1269a775196e47d8cb493154182e83e68d00b1c4a50ce0d4de3a58b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:57 GMT
content-encoding: br
x-frontend: cc-nginx-7cb8d6d795-m6pt5:cc-nginx-7cb8d6d795-m6pt5
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: cac713a0-129d-4d4b-9a11-9cbc9071ff60
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBb0hTUQkLmduO7Y%2FtduheiQ2MWms1P8iCD04fQaJ1L9W%2BvC0hA5d52goSeG4tabyPqmksp6shJmHvkJS61UW0vREhitJVEoviWV7VFtUgz8agJ61tXAe5ERp%2Bv9cvqklRv8CaEKHE26OD6Nn5y3uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7bf143d13ab99b77-FRA

Redirect headers

date: Fri, 28 Apr 2023 18:10:56 GMT
x-frontend: cc-nginx-7cb8d6d795-x9mzn:cc-nginx-7cb8d6d795-x9mzn
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: e6279a99-4775-4441-8ca8-a7db2fb274c6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlT8NMC3UvdSJ%2B1xF2Ya4VvIHoGIRrUYer2rTj7MV3AKhZOo0nm6n567WB2oH6AQ97gw9f%2F9u838siWyUJIGGlPyKn%2FLIU%2F6FFX5ju7myG7fGi9d5fUqnG83Eh07ln7J6jKTuy%2BPBGOMPdyR2zVjog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=25400607a41a540
cf-ray: 7bf143ce6e3f9b77-FRA

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=25400607a41a540&seg=dfyblogs
https://a.clickcertain.com/px/smart/a/?c=25400607a41a540&seg=dfyblogs
https://a.clickcertain.com/px/?c=25400607a41a540

4 KB
2 KB

504ms
504ms

Script
text/javascript

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=25400607a41a540
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6126b6b2debfef5868d98930b399ef32db888958cd4f6e37fa62afb77d56e0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
content-encoding: br
x-frontend: cc-nginx-7cb8d6d795-hqc6w:cc-nginx-7cb8d6d795-hqc6w
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 5d9c4076-9e50-4fdf-95a6-dd41cf925dcd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEDT2B8wgg8%2BiXfYWX571QGefcTC94vWb%2FPni6z35wBsW3PciyFby0wk56FxwO%2FiYXM7iVQop5H8TmLyaO2aWxD7dvUw0hex0n%2Fc6f%2BBtM4ake7ZRYi1XeNHgt6rlQCH4F%2BBC2ZR8WstH5N4NaGZjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7bf143d7bcfd9b77-FRA

Redirect headers

date: Fri, 28 Apr 2023 18:10:57 GMT
x-frontend: cc-nginx-7cb8d6d795-5n79z:cc-nginx-7cb8d6d795-5n79z
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 0c038201-415d-4a97-bb8a-873d8c5eabb1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK%2BiEjPVtcCW9gaVlfiPXp6%2BB%2BFjwmDj01dg%2B25AjbbSeHFruKnbU4AJ0JPh%2FCCvxFFnyHJQM%2FWfpwzo6B2DTtbJr4CQnzgtD9C%2BNZEd6tIhOPX06cg6w4HjzXgJ4JCb8TIe8WTmn%2FR%2BALK99ZK2MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=25400607a41a540
cf-ray: 7bf143ce6e3c9b77-FRA

GET
H2 200 347855
warriorplus.com/o2/btn/pn100011001/rjdjx3/z0d3qc/ 24 KB
25 KB 1182ms
1181ms Image
image/png 104.26.5.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warriorplus.com/o2/btn/pn100011001/rjdjx3/z0d3qc/347855
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash: 83650ad171454039e1344f4b86dfdaee4596df17c2f8aa2e2e36764953b407bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:57 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Apr 2023 18:10:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnHk1uRntv4dRJ8q46yob44pqOx9fjGPWZHceflIz8xq6SgNRSDqtmOOT2Fbif8cVfFMhWC2HCSyRInTDIsqNwEcaeqwBusLsdL%2BZWlCMtAZaVmWY%2FPMIwMpn09lZOA%2F%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7bf143cc8a562bae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/588820436/ 42 B
108 B 113ms
40ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/588820436/?random=1682705455632&cv=11&fst=1682704800000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdfyblogs.live%2F&frm=0&tiba=Special%20Deal!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1465501053&rmt_tld=0&ipr=y

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/588820436/ 42 B
455 B 114ms
41ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/588820436/?random=1682705455632&cv=11&fst=1682704800000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdfyblogs.live%2F&frm=0&tiba=Special%20Deal!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1465501053&rmt_tld=1&ipr=y

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11016766401/ 42 B
455 B 104ms
39ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11016766401/?random=1682705455453&cv=11&fst=1682704800000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdfyblogs.live%2F&frm=0&tiba=Special%20Deal!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=112698794&rmt_tld=0&ipr=y

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11016766401/ 42 B
108 B 106ms
41ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11016766401/?random=1682705455453&cv=11&fst=1682704800000&bg=ffffff&guid=ON&async=1&gtm=45be34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdfyblogs.live%2F&frm=0&tiba=Special%20Deal!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=112698794&rmt_tld=1&ipr=y

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 18:10:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame F24B 10 KB
10 KB 26ms
26ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jIhleilga8i2UXMcved%2BYYH1oMdCAgnSR24humeUTn5e2vrQaiON2H0yjQHTHtqWNHpLQ%2FTEornEbhQnD3YCC8%2FdRYWq%2Flqpq1caClQvsYqwGoOvJuWATwQvoRrY10UosMy%2BJY5jECVKYYPLI9AvhDzi52%2FaNpNiL8ni%2B5Peg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143ccb87e9006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame 0495 10 KB
10 KB 26ms
25ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AmluA80fmVGKUc6%2BsuGePa%2B8HSiwm0vRjdsbJ9L2tTEcnrCbJnbARFepDv%2BQZj9Uhgvz%2FSyLHNl0mdDaIN40zu3xs1De0g2OUg4fDKaFmm5xpeMnNTCJGg%2BgpomyGQKPpp%2BcI1SNJyEhVHyUzDP5zK1LSXaYBLBssscPRfGoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143ccc88b9006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 videoThumbnail.js Show response
fast.wistia.com/assets/external/ 72 KB
20 KB 43ms
34ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c32d4d8065d9f4a2422ec61ff4d359d8231c2ef010ae97db515bc45793904c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1297
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 20250
x-served-by: cache-iad-kjyo7100125-IAD, cache-fra-eddf8230039-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 22:54:48 GMT
server: AmazonS3
x-timer: S1682705456.165087,VS0,VE0
etag: "3b3053d46fab31332cd26ed3e98a6aae"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 89b1f71dbbfc74f798186d527b78a9dc6f8c4f90
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24, 9

GET
H2 200 cdn.min.css
cdn.convertri.com/ 64 KB
9 KB 73ms
68ms Stylesheet
text/css 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/cdn.min.css?v=2023-04-25-08-46-38
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
cdn-edgestorageid: 1054
x-amz-request-id: G6Z5C53TAHFQRAEN
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/25/2023 08:55:00
cdn-pullzone: 408079
x-amz-id-2: o8ddIRbsF5D8Z3JevWRQXr1oz9yP2HupFtEy3RaNz2kfTd6qumH8GDXM7LXZU672Qt/uqtILJ+Y=
last-modified: Tue, 25 Apr 2023 08:50:43 GMT
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"b0d55c9bb284b269b2781a94102dffbf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=604800
cdn-requestid: f2b9287891bdf2be2859d14232352aed
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame FD1A 10 KB
10 KB 31ms
31ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr9eHhMcYpkJAfyQEPXDZlQgPMV%2B8tzxcCrLslYaA1PJRt6NX6p2sw%2B88vjQnm5WD%2Fz20AEbNhHHuRjg2%2FxdT1X0SeviaxKke633FJH4YdfjMITLMIl7ni3gSkifgfePqZ7tiT%2FQOe8HkRN5hF1PpXOo92uz30obhu8PrFaQ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cd18db9006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame BC44 10 KB
11 KB 45ms
18ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbi%2FN34zv5VG7iePEXzOFEl4st9Bod1josGtFmeyZrYrwgg3Q2yzDzstXmaFPvZmXNQ5YzKcK5LmZHehbcK5aAV41lx8KNfSQ6VaufRuNPHQJnXZvm%2Fyn8Vd1fuBw7qwTXCrGzPPn0vgak8izEBGW1fukTJia7%2ByhxLtE9je5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cd69469006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 wistiaLogo.js Show response
fast.wistia.com/assets/external/ 68 KB
19 KB 46ms
17ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistiaLogo.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

009b9424acbc4bb3a0251540ae75b014016428276d6d1feba423f2e4f3f54051

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1354
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 19088
x-served-by: cache-iad-kcgs7200161-IAD, cache-fra-eddf8230039-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 22:54:48 GMT
server: AmazonS3
x-timer: S1682705456.244317,VS0,VE0
etag: "373206def4ff7a942ed11831d22b91c2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 89b1f71dbbfc74f798186d527b78a9dc6f8c4f90
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 2

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame DFF2 10 KB
10 KB 44ms
26ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phtRanx1mJvJsXVrZ73uTvi3BTka3%2BC7LkIwg7AUSuS38Yh9YiI0ZOmJekolr6%2BW60wwR2WK99WptCBVZHq9wv%2Fo%2BWYWI1T4wlHutjpaHWD80kUjmYt0UpyO%2F63QYqenXalspYncxo9gFjW%2BKGK74CkVXtaw1PacMUzrL4Z4aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cd896d9006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame 8872 10 KB
10 KB 26ms
26ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYk7YJJqpfZvB94GAjQO4rpixJTqph6lbb8ThIjqUVS3ESm164IVYWC8Up3oLF1BWTvyrl1qtcoKAINRfSvAGiNcjSfRyakt%2FppFlEi2zG%2F4AJxyEfqKuXOB%2FjR4D8E3wuR8njy8yiT2RxYeiUiuyAg3gWfbSF8wrPRTc%2BMBVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cd997f9006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 oc-sprite.png
static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/ Frame 4649 10 KB
10 KB 26ms
25ms Image
image/png 2606:4700:20::681a:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-sprites.countingdownto.com/production/cdt/widgets/sprites/image/3153911/oc-sprite.png?version=644c0aff-293402
Requested by: Host: w2.countingdownto.com
URL: https://w2.countingdownto.com/3153911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w2.countingdownto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P3
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10218
last-modified: Fri, 28 Apr 2023 18:05:52 GMT
server: cloudflare
etag: "4d5c51a50ac7fdfb92347442c9f0332d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTrxoK7BcOkTJ9byoG8Z67HHX8Gt5ZCTTYK5oXIlVJa0GihvD%2FKf9mqJCSPMPM9ieiwqK0ghru0wQ4UiYt%2B4euajvyKJyVu7qeR67VSnK7utF3USCMyNqUh6wG1kbYMxxamBD%2BHyqi9IlOH2602FFTCp%2FD53xkZwyWKGJnc%2Bhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bf143cdd9bd9006-FRA
x-amz-cf-id: DDy4nWV3_SJpsVJau_STvtgP4SZisfg26JDVSVaWfMWdxUK4MvMjQA==

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame E526 2 KB
1 KB 28ms
27ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/821398199?h=3b0849af28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230029-FRA
date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 992023
x-timer: S1682705456.367504,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 1, 299420

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E526 4 KB
2 KB 94ms
44ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.13/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 18:10:56 GMT

GET
H2 200 1661592051-727ef0fc60d6a918e1d07ecc9cdf082c92de34fb8617cd14912a409fa03e9e47-d
i.vimeocdn.com/video/ Frame E526 13 KB
13 KB 25ms
25ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1661592051-727ef0fc60d6a918e1d07ecc9cdf082c92de34fb8617cd14912a409fa03e9e47-d?mw=800&mh=450
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e578abb4711e892c5b3d6750ecaeddf796db0ec28e6c20a87a9d8930c8eb20e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 144357
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 13395
viewmaster-server: viewmaster-us-central1-q6js
x-served-by: cache-dfw-kdfw8210040-DFW, cache-fra-eddf8230029-FRA
x-timer: S1682705456.414487,VS0,VE1
etag: c308080bcf21d9ef5a4efdcfb3263c55
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 22, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame E526 0
142 B 166ms
121ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c666836710893d884c347d5c82516f1b18ca44ca1682705455
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.23.13/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528223472622645&ev=Microdata&dl=https%3A%2F%2Fdfyblogs.live%2F&rl=&if=false&ts=1682705456550&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Special%20Deal!%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdfyblogs.live%2F%22%2C%22og%3Atitle%22%3A%22Special%20Deal!%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682705455989.1607010760&it=1682705455398&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Apr 2023 18:10:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 472 KB
116 KB 83ms
20ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

638d5a072c5bc0d3ffbd2a9c8b3d2377dc7db23dcf0ed6bf23735390f21490a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1060
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117909
x-served-by: cache-iad-kiad7000128-IAD, cache-fra-eddf8230038-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 22:54:47 GMT
server: AmazonS3
x-timer: S1682705457.626364,VS0,VE1
etag: "5a2ec97cdb02d1330272d0ff50218ada"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 89b1f71dbbfc74f798186d527b78a9dc6f8c4f90
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41, 33

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame E526 0
902 B 223ms
166ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=c666836710893d884c347d5c82516f1b18ca44ca1682705455

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 28 Apr 2023 06:10:56 GMT
Date: Fri, 28 Apr 2023 18:10:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kiad7000120-IAD, cache-fra-eddf8230025-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1682705457.642559,VS0,VE124
x-backend-proxy: webproxy42
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-65d465d76-w9r7v
Accept-Ranges: bytes
CF-RAY: 7bf143cfeaf63813-FRA
X-Cache-Hits: 0, 0

GET
H2 200 1661592051-727ef0fc60d6a918e1d07ecc9cdf082c92de34fb8617cd14912a409fa03e9e47-d
i.vimeocdn.com/video/ Frame E526 13 KB
13 KB 28ms
27ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1661592051-727ef0fc60d6a918e1d07ecc9cdf082c92de34fb8617cd14912a409fa03e9e47-d?mw=800&mh=450
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e578abb4711e892c5b3d6750ecaeddf796db0ec28e6c20a87a9d8930c8eb20e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 144357
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 13395
viewmaster-server: viewmaster-us-central1-q6js
x-served-by: cache-dfw-kdfw8210040-DFW, cache-fra-eddf8230029-FRA
x-timer: S1682705457.607257,VS0,VE0
etag: c308080bcf21d9ef5a4efdcfb3263c55
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 22, 2

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame E526 35 KB
12 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Fri, 28 Apr 2023 18:10:56 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/112/ Frame E526 50 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/112/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 09:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 16:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 29 Apr 2023 09:44:02 GMT

GET
H2 200 bv14u9hw8v.m3u8 Show response
fast.wistia.com/embed/medias/ 941 B
1 KB 114ms
108ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/bv14u9hw8v.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f43f86151cde6945c5cbb98d05569fb294c5970090a84faab64c7bdbe9dacfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time: 47
content-length: 941
x-request-id: 7d74d2d4-e2e1-435a-b5fb-ee62cb1adf70
x-served-by: cache-iad-kcgs7200056-IAD, cache-fra-eddf8230038-FRA
x-runtime: 0.044737
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 112
server: envoy
x-timer: S1682705457.796637,VS0,VE88
etag: W/"f43f86151cde6945c5cbb98d05569fb2"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 32ms
26ms Image
image/gif 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 16, 2865
date: Fri, 28 Apr 2023 18:10:56 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 69349
x-cache: HIT, HIT
x-envoy-upstream-service-time: 0
content-length: 1214
x-served-by: cache-iad-kiad7000052-IAD, cache-fra-eddf8230038-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 19:29:52 GMT
server: envoy
x-timer: S1682705457.796624,VS0,VE0
etag: "644acd30-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000,public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 6 KB
6 KB 116ms
19ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b741edf2230f24d6b78fff43ae04db67d7dfffe480a6d2f9a000a99962e843cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:21 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164316
edge-cache-tag: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 200
content-length: 5912
surrogate-key: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DFo-OEuxihh5OR0U1xZ5cXDGXoU4J2i_3UOw17pAV5cYW8LKfDo5EA==
expires: Thu, 25 Apr 2024 20:32:21 GMT

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8/ 726 KB
727 KB 42ms
18ms XHR
video/mp2t 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: f5d42289c14d80ad4f8f60ffa106a36769bc41b2b3fbdf7933a92ec0eb285755

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:22 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164315
edge-cache-tag: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 99
content-length: 743352
surrogate-key: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LXuyngR0cQ9xFeIMdN6DqWYJi8SOzTtQeblWJNJd9l9G5Zn9Zw6zUA==
expires: Thu, 25 Apr 2024 20:32:22 GMT

GET
H2 200 8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 6 KB
6 KB 19ms
19ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1d65a03c2eb67ac9c9a9932ad7ece9b2abbc8b8dd016cb0e3c1f4b5326c2ea4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:24 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164313
edge-cache-tag: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 227
content-length: 5912
surrogate-key: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4HWiArlc7M8T8Rby-FmqYdXT-vPhUHNCs9LXcdOvCoIw4L6Dov7nyA==
expires: Thu, 25 Apr 2024 20:32:24 GMT

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 44 KB
18 KB 20ms
20ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e3701d2d6ce1fd1e7078be9d9430ed21bb9f7230a1ba500167f2a8817a88c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:57 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1118
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18115
x-served-by: cache-iad-kcgs7200095-IAD, cache-fra-eddf8230038-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 22:54:47 GMT
server: AmazonS3
x-timer: S1682705457.299875,VS0,VE0
etag: "ef9af6fee44b8c27c82e0bcb192f71c4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 89b1f71dbbfc74f798186d527b78a9dc6f8c4f90
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26, 24

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8/ 197 KB
198 KB 20ms
19ms XHR
video/mp2t 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 63605d84898933b062ad56edc6ef0783b8c9b55e6bdae1447b9142260870dae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:25 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164312
edge-cache-tag: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 118
content-length: 201912
surrogate-key: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: D5ki4tLSNRrqYiqOHMYQBnLLLgTp-vw6dvwVby3m84f9ov1PQh9HrA==
expires: Thu, 25 Apr 2024 20:32:25 GMT

GET
H/1.1 200
OK provely.js Show response
provely-public.s3.amazonaws.com/scripts/ 56 KB
57 KB 430ms
131ms Script
application/javascript 3.5.29.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://provely-public.s3.amazonaws.com/scripts/provely.js
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 03502bcd727a95eda3b57ee5a55dff790f6c9ce573db753e6b04acdcf3808fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:10:59 GMT
Last-Modified: Fri, 21 Apr 2023 17:25:02 GMT
Server: AmazonS3
x-amz-request-id: 5JQ0CMNRSF7B9ZGK
ETag: "03c7dbc0d7636c74e5401f23e09fc851"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 57560
x-amz-id-2: 3LctRmzy6cq5OrbYEwr3HrWGXOIIF+rrhJAuPykyI79vP1oRbqg0YYjlgxK7xEHlxKL657gJYZhJMnOWNHv4S/Vs+L/hrMqL7JqLWwcLXvk=

GET
H2 200 i
snowplow.convertri.com/ 43 B
336 B 408ms
115ms Image
image/gif 3.213.227.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snowplow.convertri.com/i?stm=1682705458449&e=pv&url=https%3A%2F%2Fdfyblogs.live%2F&page=Special%20Deal!&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=a4447a7a-5981-4894-8bfa-1ca5e01d10fa&dtm=1682705458448&vp=1600x1200&ds=1600x67334&vid=1&sid=bb2c6452-b3ff-446c-8825-c3feb347b6a6&duid=9b97a8d5-0bde-4c83-adf3-108b801c51fb&fp=792662924
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.227.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-227-16.compute-1.amazonaws.com
Software: spray-can/1.3.3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 18:10:58 GMT
access-control-allow-credentials: true
content-type: image/gif
server: spray-can/1.3.3
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fb2f2df5001d7409219ab5ddd79f9e8fab366ea42%2FDFY-Blogs_Logowhitetext.png
convertri.imgix.net/ 4 KB
4 KB 25ms
24ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fb2f2df5001d7409219ab5ddd79f9e8fab366ea42%2FDFY-Blogs_Logowhitetext.png?auto=compress,format&fit=scale&w=262&h=76

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c8b16b1d612de44c7fc25166e73606ecf058ae4512018ab719cd72e876cb0831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-content-type-options: nosniff
age: 352819
x-cache: HIT, HIT
x-imgix-id: 780a9c125795ee0821dc4d99b7d06bda8b91bd52
cross-origin-resource-policy: cross-origin
content-length: 3609
x-served-by: cache-sjc10057-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.8776
last-modified: Mon, 24 Apr 2023 16:10:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F782b66ec32227cdc337095c37455881c294cbc61%2Fbrush-1.png
cdn.convertri.com/ 11 KB
11 KB 44ms
43ms Image
image/png 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F782b66ec32227cdc337095c37455881c294cbc61%2Fbrush-1.png
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: e5f2a31e0aa141a814781a8fbe86ff664004b17482cf7473e70cdd3df5c603c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-downloadsize: 10798
cdn-edgestorageid: 1078
x-bo-processingtime: 1
cdn-cachedat: 04/26/2023 21:39:30
cdn-pullzone: 408079
x-bo-server: ASB-208
last-modified: Tue, 25 Apr 2023 10:46:06 GMT
server: BunnyCDN-DE1-1077
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 35
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: 3fb86c7e55b6860cbbe52238a8a75937
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F8fad59103159d5ead1a9bcd5387ae5c5390d8d78%2Fbrush-2.png
cdn.convertri.com/ 4 KB
4 KB 42ms
41ms Image
image/png 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F8fad59103159d5ead1a9bcd5387ae5c5390d8d78%2Fbrush-2.png
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: d00d49f981373bcec0085b90ea4e70412173cbb53e38b965f5a353627d83216c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-downloadsize: 3643
cdn-edgestorageid: 1054
x-bo-processingtime: 0
cdn-cachedat: 04/26/2023 21:39:30
cdn-pullzone: 408079
x-bo-server: ASB-210
last-modified: Tue, 25 Apr 2023 23:32:24 GMT
server: BunnyCDN-DE1-1077
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 61
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: 33d94855338547d163a6c18d4e64ca7e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F6319fde9bd7b0ea35843b95ad4fadc31ea9c314c%2Fu-1.png
convertri.imgix.net/ 1 KB
1 KB 23ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F6319fde9bd7b0ea35843b95ad4fadc31ea9c314c%2Fu-1.png?auto=compress,format&fit=scale&w=488&h=9

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ace6e16ccfff9b8f74445f196655f1315a1205680ec975f2cac8cdd40f17d782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-content-type-options: nosniff
age: 352819
x-cache: HIT, HIT
x-imgix-id: d1e78563b2822ded8bde51bad597db32296ab77a
cross-origin-resource-policy: cross-origin
content-length: 1028
x-served-by: cache-sjc1000093-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.8776
last-modified: Mon, 24 Apr 2023 16:10:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F7bd908d71d535cf9fd1dc30b7b81a4e4be5bb676%2Fheade-dfy1.png
cdn.convertri.com/ 204 KB
204 KB 60ms
59ms Image
image/png 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F7bd908d71d535cf9fd1dc30b7b81a4e4be5bb676%2Fheade-dfy1.png
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: 638156f1f876d4f40e0b4a4c288fc9cd9368337adae6b7d1748c3b6b48fc5409

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-downloadsize: 208690
cdn-edgestorageid: 1081
x-bo-processingtime: 33
cdn-cachedat: 04/26/2023 21:39:29
cdn-pullzone: 408079
x-bo-server: ASB-196
last-modified: Tue, 25 Apr 2023 10:46:06 GMT
server: BunnyCDN-DE1-1077
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 117
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: 2d1eba15cfac0520516eaa2dfcab476f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fdaf28b3be05349d9e603211cee84fc5547411de3%2Fu-2.png
convertri.imgix.net/ 1 KB
1 KB 85ms
19ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fdaf28b3be05349d9e603211cee84fc5547411de3%2Fu-2.png?auto=compress,format&fit=scale&w=610&h=9

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1e2b0a4957093078e7823f6d5307fde01d58168e259a64e5960e899412c0b881

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-content-type-options: nosniff
age: 352819
x-cache: HIT, HIT
x-imgix-id: 2784526823300291d88b02149588a0a7ac18e299
cross-origin-resource-policy: cross-origin
content-length: 1079
x-served-by: cache-sjc10037-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.8776
last-modified: Mon, 24 Apr 2023 16:10:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2F5bf5427b7746af4895267aeb51459684d11f4c08%2Ftxt_brush2.png
cdn.convertri.com/ 101 KB
102 KB 92ms
27ms Image
image/png 2400:52e0:1e00::1077:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.convertri.com/1aadb758-89fa-11e9-99fe-0697e5ca793e%2F5bf5427b7746af4895267aeb51459684d11f4c08%2Ftxt_brush2.png
Requested by: Host: dfyblogs.live
URL: https://dfyblogs.live/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1077:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1077 /
Resource Hash: df5a624e0ae2b9295723e10239343f43798b5b2569e8f3340be0ad9b55e7c7df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-downloadsize: 103864
cdn-edgestorageid: 1078
x-bo-processingtime: 3
cdn-cachedat: 04/28/2023 15:23:30
cdn-pullzone: 408079
x-bo-server: ASB-204
last-modified: Fri, 28 Apr 2023 15:20:04 GMT
server: BunnyCDN-DE1-1077
cdn-requestpullcode: 200
cdn-proxyver: 1.03
x-bo-origindownloadtime: 33
content-type: image/png
cdn-cache: HIT
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control: public, max-age=2592000
cdn-requestid: e2362618aebf57ac0585930497fc31eb
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 header.png
convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e/8390fc51ec9e33dfecf0dc9f69f6ff2c127ded83/ 15 KB
15 KB 88ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e/8390fc51ec9e33dfecf0dc9f69f6ff2c127ded83/header.png?auto=compress,format&fit=clip&w=1600

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5084f2d404666af680c98103aa32d65f39d40eddf1afcda54105dde52f7e2293

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-content-type-options: nosniff
age: 270434
x-cache: HIT, HIT
x-imgix-id: 41def2e3f43f9cbfb8eacb80a7620d4db8815ffc
cross-origin-resource-policy: cross-origin
content-length: 15021
x-served-by: cache-sjc10062-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.9288
last-modified: Tue, 25 Apr 2023 15:03:44 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fb2f2df5001d7409219ab5ddd79f9e8fab366ea42%2FDFY-Blogs_Logowhitetext.png
convertri.imgix.net/ 3 KB
3 KB 84ms
18ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/1aadb758-89fa-11e9-99fe-0697e5ca793e%2Fb2f2df5001d7409219ab5ddd79f9e8fab366ea42%2FDFY-Blogs_Logowhitetext.png?auto=compress,format&fit=scale&w=204&h=59

Requested by

Host: dfyblogs.live
URL: https://dfyblogs.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

efc87bbcc4b19348ff55f3a23ffd8791f2fc5da8dab14bca64668779c0da9c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:58 GMT
x-content-type-options: nosniff
age: 88464
x-cache: HIT, HIT
x-imgix-id: b6b4fd8528087945238a8c255388c9484cde7779
cross-origin-resource-policy: cross-origin
content-length: 2932
x-served-by: cache-sjc10069-SJC, cache-fra-eddf8230042-FRA
x-imgix-render-farm: 01.8776
last-modified: Thu, 27 Apr 2023 17:36:33 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 86ms
19ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: provely-public.s3.amazonaws.com
URL: https://provely-public.s3.amazonaws.com/scripts/provely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Apr 2024 08:44:29 GMT

GET
H/1.1 200
OK provely.css
provely-public.s3.amazonaws.com/css/ 95 KB
96 KB 124ms
123ms Stylesheet
text/css 3.5.29.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://provely-public.s3.amazonaws.com/css/provely.css
Requested by: Host: provely-public.s3.amazonaws.com
URL: https://provely-public.s3.amazonaws.com/scripts/provely.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9b6a639022c359676a0dcdd6f49af8dca7017f6496af95c3da33bbc6200031b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:11:00 GMT
Last-Modified: Fri, 21 Apr 2023 17:25:02 GMT
Server: AmazonS3
x-amz-request-id: 4VFMZXQ97PVA1D18
ETag: "15ff57324a29ba94aa38e3b617262cb7"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 97503
x-amz-id-2: UMxcVRshY98kYLNhP1T6s4Mv5DUPFW4WwXIjnKSsSRk/jBwpbKc37FVuWKiVoG9UgaEsBjE8Qtz0wTYCPccDB2IKa+dvOSRIWPjQKxaFhwk=

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 92ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: provely-public.s3.amazonaws.com
URL: https://provely-public.s3.amazonaws.com/scripts/provely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 90691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR8CBurdfcoU4x6XsFrSSLFO9mjno85D3GKJDWYa8ojZqPkz8EWAO4QzMPcIrsgBHc8TQMdR6d4%2Bt0ClSUxfpNf3JqSffQs1%2Fgql5tWmpC3afWJvCQ2focHDoQNTkDDLi9hHro6Un9NhhD8pINn2PXBp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bf143e039a61c22-FRA
expires: Wed, 17 Apr 2024 18:10:59 GMT

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/css/ 25 KB
2 KB 96ms
42ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/css/intlTelInput.css

Requested by

Host: provely-public.s3.amazonaws.com
URL: https://provely-public.s3.amazonaws.com/scripts/provely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 45195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1970
last-modified: Tue, 30 Nov 2021 03:08:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61a59596-7b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdhCgVzyByRdSQIWgC%2Bc%2Bi6T%2F%2BWKW3pFIDuP5Io194dG7EsOA3FD1GHtt793plJFrxgnBlVEIG2DUMJswgWGic9HwawYtf4EJTldwXneO5Za7FIPFitNDxRo1rcX1tcqgw%2Bi4Eag6z%2FVWhtaN1z%2Bt2NO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bf143e039a81c22-FRA
expires: Wed, 17 Apr 2024 18:10:59 GMT

GET
H/1.1 200
OK wurfl.js Show response
wurfl.io/ 4 KB
2 KB 214ms
46ms Script
application/javascript 34.241.49.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wurfl.io/wurfl.js
Requested by: Host: provely-public.s3.amazonaws.com
URL: https://provely-public.s3.amazonaws.com/scripts/provely.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.49.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-49-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d83dca202a4e9e03f699c025878763187e6fe4c79553bab5022474c03b65b5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:10:59 GMT
Content-Encoding: br
Accept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
Access-Control-Max-Age: 28800
Access-Control-Allow-Methods: HEAD, GET, POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: origin, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version
Connection: keep-alive
Content-Length: 1443

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/ 29 KB
9 KB 95ms
41ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/intlTelInput.min.js

Requested by

Host: provely-public.s3.amazonaws.com
URL: https://provely-public.s3.amazonaws.com/scripts/provely.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

046cf965cfbc0b45899a27b617d15995e04b211b80bf21d9f0e85d5630972e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 47399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8933
last-modified: Tue, 30 Nov 2021 03:08:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61a59596-22e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCpT0wQzNVLWrucn6h8pP%2BJ8bbF%2Fp0PFVbjXEB0AqdxCuR8CcuGCI3gM6fKNiQ006yhG8ALfJ0YHnxPwRxzoSiIt2dgReQDMusI8rySLLuHXl1eiyJHbZ%2F4ZVIYnDNxL61xxd%2BdfAQE4laLNpyVTom58"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bf143e039ab1c22-FRA
expires: Wed, 17 Apr 2024 18:10:59 GMT

GET
H2 200 notification Show response
app.provely.io/api/widget/5e4c989a-22d0-41f9-afdc-32a5486a2e19/ 2 KB
1 KB 456ms
194ms XHR
application/json 54.175.250.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.provely.io/api/widget/5e4c989a-22d0-41f9-afdc-32a5486a2e19/notification?domain=dfyblogs.live&page_url=%2F&translate=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.250.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-250-157.compute-1.amazonaws.com

Software

nginx /

Resource Hash

979384d108eaa2d364c11876140135a0704562096b1f266dfc2fa3d35aa82a94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:59 GMT
content-encoding: gzip
server: nginx
x-ratelimit-remaining: 59
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://dfyblogs.live
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
vary: Origin

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 78 KB
21 KB 29ms
18ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7060522f3a8860967c65cf83fdb402c20715914136eea1a21f7bf4925e39ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:59 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1020
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21034
x-served-by: cache-iad-kiad7000149-IAD, cache-fra-eddf8230038-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 22:54:47 GMT
server: AmazonS3
x-timer: S1682705459.440481,VS0,VE0
etag: "eae77a9a9c4d08f0531d7b2b19ae797c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 89b1f71dbbfc74f798186d527b78a9dc6f8c4f90
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 38, 52

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 881ms
113ms XHR
text/plain 3.216.191.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.191.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-191-214.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 18:11:00 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 3554 1 KB
929 B 712ms
707ms Document
text/html 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=25400607a41a540&seg=home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c58835fdeed615c23c7603d0200362af02ad0e51eed0de3aff42be6160188b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7bf143e18d179b77-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Apr 2023 18:11:00 GMT
etag: W/"YzVkY2FjYjJnYzQ2NGc0NzQzZzhhMzJnOGYyNjk3MWIzYWY5LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzQ5xUlA9tQtVY05fx7met6dkJ99WJtdMivLsHQ8FjkdmNaL49EGa0vgQSTMPdMNx45XjZBw8iIq1h8VXEXUCYJlF18dESHjPdwsN0OymxmQ0Jmdfx9KgA1RE5ZICFlICiXZEhD2pCvCKY7pYTt1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-7cb8d6d795-5n79z:cc-nginx-7cb8d6d795-5n79z
x-requestid: 5a78ac16-448a-4859-b783-f4579df3bbac

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 401ms
120ms XHR
text/plain 3.229.139.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.139.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-139-19.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 18:10:59 GMT
cache-control: max-age=0, private, must-revalidate

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 331A 1 KB
1 KB 142ms
141ms Document
text/html 2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=25400607a41a540&seg=dfyblogs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c58835fdeed615c23c7603d0200362af02ad0e51eed0de3aff42be6160188b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7bf143e18d189b77-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Apr 2023 18:10:59 GMT
etag: W/"YzVkY2FjYjJnYzQ2NGc0NzQzZzhhMzJnOGYyNjk3MWIzYWY5LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZm86jEhOhSpoC7lc%2Fnt%2FW8qK4Q5WOO6GV4%2FV1mVoSNMpfs94Coq8fq3tHm11qRqzpjd2YPCnyd3jaaEGXvjRfAi43nYPwt%2BMSPbkrxAkgKxqQWyRx7InJdDvfQ52ZiZC88yJcUSW8yO8T7fvUinQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-7cb8d6d795-m6pt5:cc-nginx-7cb8d6d795-m6pt5
x-requestid: 97c91297-6896-4db3-930c-8c4c3a32313e

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 21ms
20ms Image
image/gif 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://dfyblogs.live/
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 16, 2866
date: Fri, 28 Apr 2023 18:10:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 69352
x-cache: HIT, HIT
x-envoy-upstream-service-time: 0
content-length: 1214
x-served-by: cache-iad-kiad7000052-IAD, cache-fra-eddf8230038-FRA
x-browser-version: 112
last-modified: Thu, 27 Apr 2023 19:29:52 GMT
server: envoy
x-timer: S1682705460.525119,VS0,VE0
etag: "644acd30-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000,public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bv14u9hw8v.m3u8 Show response
fast.wistia.com/embed/medias/ 941 B
1 KB 20ms
20ms XHR
application/x-mpegurl 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/bv14u9hw8v.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

f43f86151cde6945c5cbb98d05569fb294c5970090a84faab64c7bdbe9dacfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:10:59 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 3
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time: 47
content-length: 941
x-request-id: 7d74d2d4-e2e1-435a-b5fb-ee62cb1adf70
x-served-by: cache-iad-kcgs7200056-IAD, cache-fra-eddf8230038-FRA
x-runtime: 0.044737
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 112
server: envoy
x-timer: S1682705460.529420,VS0,VE0
etag: W/"f43f86151cde6945c5cbb98d05569fb2"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 2

GET
H2 200 9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 6 KB
6 KB 28ms
23ms XHR
application/vnd.apple.mpegurl 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b741edf2230f24d6b78fff43ae04db67d7dfffe480a6d2f9a000a99962e843cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:21 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164318
edge-cache-tag: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 200
content-length: 5912
surrogate-key: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jva35ZFGYasUcvjaEakrfWn-nedlJVcPyzWMUYrV84SP7uuF-EhUqA==
expires: Thu, 25 Apr 2024 20:32:21 GMT

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 331A
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f

0
293 B

402ms
401ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
x-frontend: cc-nginx-7cb8d6d795-x9mzn:cc-nginx-7cb8d6d795-x9mzn
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: d423781f-6553-4883-a34f-0adc186da6d9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwoqIHlS%2F7TwTsXWuDba2AFLsyGev8mN%2BsoOLdFq9CfNU3IByQ7mxiTjryuK3JBnYMxPAIZSvDvhkEv%2F5uUj1xrqAG07O60chvvlbgoHsS2Ot3JymG1PwCh447Q0vS0dQySR19n880H965AL52Zo%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bf143e6cd6c9b77-FRA

Redirect headers

date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 331A
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=25c40d2b-9e6c-5b0c-bb84-384b31216ab2&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=7460e77a-c03c-436b-921f-680418ed6b3b&hem=

0
464 B

137ms
137ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=7460e77a-c03c-436b-921f-680418ed6b3b&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
x-frontend: cc-nginx-7cb8d6d795-x9mzn:cc-nginx-7cb8d6d795-x9mzn
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: f9bcb680-0fd9-4687-bf8f-b1116c1b1dee
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bb3DuE00MTstjjl%2BE5%2Fq9XTqpuVpQODI4rhzITqL09AO%2FuYDc96XymYrVoDM%2Fp9dM3K%2BoRTAJWYjslpIgk%2F2wowdRgt0AjQto1PQx4pP7MloK%2FrzKIAwIOlAXCP3Gk%2BgVCthGiNF75QMNc%2Be2mQDTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bf143e7bf039b77-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=7460e77a-c03c-436b-921f-680418ed6b3b&hem=
date: Fri, 28 Apr 2023 18:11:00 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 331A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

64ms
49ms

Image
text/plain

52.50.252.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE

Protocol

HTTP/1.1

Server

52.50.252.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-252-9.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8/ 726 KB
727 KB 24ms
24ms XHR
video/mp2t 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/9a9a885d2b484abe46fb3195df02d6c726160b02.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: f5d42289c14d80ad4f8f60ffa106a36769bc41b2b3fbdf7933a92ec0eb285755

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:22 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164317
edge-cache-tag: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 99
content-length: 743352
surrogate-key: 9a9a885d2b484abe46fb3195df02d6c726160b02-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QjXgLNMzyI6iJDMMPNo8b25nqrGNjm5CNsYLna1NHrxhvWIF24uTPg==
expires: Thu, 25 Apr 2024 20:32:22 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 331A
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=c5dcacb2-c464-4743-8a32-8f26971b3af9&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2%2Dc464%2D474...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=$UID
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2-c464-4743-8a32-8f26971b3af9%26anx_uId%3D%24UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=6060133843969884132
https://x.bidswitch.net/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0

43 B
344 B

29ms
27ms

Image
image/gif

3.126.64.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE
Protocol: H2
Server: 3.126.64.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-64-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0
date: Fri, 28 Apr 2023 18:11:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 3196 490 B
760 B 165ms
63ms Document
text/html 18.66.122.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-34.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 08e11987f9827439c65f7e77bf0935781b3fed0026058a9ce17c91458ef57bd6

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Fri, 28 Apr 2023 18:10:59 GMT
server: CloudFront
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-id: TwP5eOLm8ewG1gDQxZen5fEwSZC8MhjI4lAHcYkxH5GA7RTUiftPbg==
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1d65a03c2eb67ac9c9a9932ad7ece9b2abbc8b8dd016cb0e3c1f4b5326c2ea4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:24 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164315
edge-cache-tag: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 227
content-length: 5912
surrogate-key: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uOMQwLGKLPjoxFfntedUpDyHgT9DphTU8gs5SU6VmWB-k7IRzGsvHg==
expires: Thu, 25 Apr 2024 20:32:24 GMT

GET
H2

503

/
a.clickcertain.com/px/img/ Frame 3196
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=076b17b0-e5f0-11ed-ab08-831033bef352
https://a.clickcertain.com/px/smart/a/?type=img&partner_id=193f0456&c=24d1add2443e239&partner_rid=076b17b0-e5f0-11ed-ab08-831033bef352
https://a.clickcertain.com/px/img/?c=24d1add2443e239

0
377 B

279ms
279ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/?c=24d1add2443e239
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU1LH5FP8yV9rz7N1m%2BjhcWzJwBf1GHT8UL5KWUvhu8%2FfvycxP%2F0NWIbHHiqpumANbjW4gL3qDtOSzfoVpeyP6YiPxBxJTB7NbDH2SjiAd7jBa33d1GYRcvhq9srI1m4q1ttFCPNIZVxOER8P8jJiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bf143e59ba59b77-FRA
content-length: 0
l5d-proxy-error: client 192.168.32.248:51916: server: 192.168.33.192:80: server 192.168.33.192:80: service a.clickcertain.com:80: service unavailable

Redirect headers

date: Fri, 28 Apr 2023 18:11:00 GMT
x-frontend: cc-nginx-7cb8d6d795-m6pt5:cc-nginx-7cb8d6d795-m6pt5
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 2f256bde-2468-48bc-a511-a276a2c23c97
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5ak5hjL1RtOY8CWPHh1PTGGtJBQTQVHk10PNUbA3shKunwFvGh4WDx0iNA1D6DCLzMmp%2FOkvh7C424sRRqlJ4M0ONBOAVRHUYfMP%2FgUbeA3K1tsbL16bHcQrJ2XnynapG%2FOvzM1CBNV%2FPSPrgk3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
location: https://a.clickcertain.com/px/img/?c=24d1add2443e239
cf-ray: 7bf143e4ba709b77-FRA

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 3196 0
148 B 616ms
253ms Image
text/plain 54.185.111.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.111.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-111-51.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
server: awselb/2.0

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 3196
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

78ms
43ms

Image
text/plain

52.50.252.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Server

52.50.252.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-252-9.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
135 B 150ms
114ms XHR
text/plain 3.216.191.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.191.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-191-214.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 28 Apr 2023 18:11:00 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 3554
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f

0
336 B

179ms
179ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
x-frontend: cc-nginx-7cb8d6d795-m6pt5:cc-nginx-7cb8d6d795-m6pt5
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 5a3c1b3f-1169-40a5-919c-a6f1688b17a9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mbh%2BlcNaT%2BxoXzhxGzX%2BUqIOYUmmjmVUuq7t2AfzYdEA0DJ6jZ%2Fu%2BYxTGTXcAFGMXbqfIkJ6c9b4AqR1owvBj1UObGV9t3EpSjEQPQ6956GNgeQfVs3hACyq4IY33oN93rQHiMI1gwTlJ6Xuw2xsMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bf143e79ed79b77-FRA

Redirect headers

date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=0ce66b2f-36b6-40cc-9050-55e097d7f81f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 3554
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=25c40d2b-9e6c-5b0c-bb84-384b31216ab2&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=997f1ef3-deb9-44a8-9b52-80520b1ccf4b&hem=

0
297 B

391ms
391ms

Image
text/plain

2606:4700:20::681a:832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=997f1ef3-deb9-44a8-9b52-80520b1ccf4b&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE
Protocol: H2
Server: 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
x-frontend: cc-nginx-7cb8d6d795-hqc6w:cc-nginx-7cb8d6d795-hqc6w
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: da12991e-7cf1-4505-9934-de87bd0cce5d
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8SkLQ91MTF1oMDcrJ4i%2BKdo%2BWchuMZUbWOeofA8Y0Y77e6sbzwMEqfhGAbldGnUVCH57ub%2B%2Fz6dyzi9o9AcLULACnYMTWEP55ebGRFhyRVWfLIyNVfzk3NxKn%2FJZICz21gvTTuWsrzcXCkjhV%2Bl7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7bf143e7aee59b77-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=997f1ef3-deb9-44a8-9b52-80520b1ccf4b&hem=
date: Fri, 28 Apr 2023 18:11:00 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 3554
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

60ms
46ms

Image
text/plain

52.50.252.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE

Protocol

HTTP/1.1

Server

52.50.252.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-252-9.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
x.bidswitch.net/ Frame 3554
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=c5dcacb2-c464-4743-8a32-8f26971b3af9&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2%2Dc464%2D474...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=$UID
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3Dc5dcacb2-c464-4743-8a32-8f26971b3af9%26anx_uId%3D%24UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=c5dcacb2-c464-4743-8a32-8f26971b3af9&anx_uId=8969216167542951828
https://x.bidswitch.net/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0

43 B
145 B

21ms
21ms

Image
image/gif

3.126.64.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE
Protocol: H2
Server: 3.126.64.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-64-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Fri, 28 Apr 2023 18:11:03 GMT
x-frontend: cc-nginx-7cb8d6d795-5n79z:cc-nginx-7cb8d6d795-5n79z
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 8a579cc1-8b27-4945-9187-5dabbc6ac509
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSffHnxSHXbkn8krPjGHH93TQ4w3CdtC2kdoeeR8s89e3iBLeNBMgkgym93%2FmOI62p6AAY2WYyRmkBEzlB%2FBbLpc%2Bh%2FuLv8dxTW0b8zfS1nA6ctgtnLD4RIHX9I2yzYmfGcNVR3gWCYNfkBgp2iMKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=c5dcacb2-c464-4743-8a32-8f26971b3af9&expires=5&user_group=0
cf-ray: 7bf143eec91d9b77-FRA

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 40CD 490 B
760 B 38ms
38ms Document
text/html 18.66.122.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=25400607a41a540&ccid=5ab63d27-7940-445e-a6d7-201c3f642a4b&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-34.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: ef47008558766b8dc8e89b1626ebc459a56f8b92f625e4eecd2e4904e9eb7857

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Fri, 28 Apr 2023 18:11:00 GMT
server: CloudFront
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-id: D3rKANxpruKghXV4yES-RJCFi-dthwPZxOQr3CjpfweQ4jFRdKKQ-Q==
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 500 /
a.remarketstats.com/px/smart/ Frame 40CD 0
285 B 118ms
116ms Image
text/plain 2606:4700:20::ac43:4549
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=07b0c8a3-e5f0-11ed-98dc-831033bef352
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4549 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7bf143e6a9b9377b-FRA
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HAGyJelMQdas%2BWqXR3rpl9ixKsMa9usqkMxsRf9lM0rNN2T0q0LFukFTS8K3Ct9569leDhgo33f9wpg1C%2F7nmddacEbp1WZpKhUlrdQ2fNQ6%2FwuQNoZXPVHXNQJ7CNkjRMZArPpZYymvqUtwckaiCc%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 40CD 0
147 B 223ms
221ms Image
text/plain 54.185.111.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.111.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-111-51.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:00 GMT
server: awselb/2.0

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 40CD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

50ms
50ms

Image
text/plain

52.50.252.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Server

52.50.252.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-252-9.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Fri, 28 Apr 2023 18:11:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8/ 227 KB
227 KB 19ms
19ms XHR
video/mp2t 2600:9000:211e:6800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8a245e7a4fc92388029d52ab5696c83d598d0ed4.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 1177b5ce33e6ab23b9d68da2113c5ad842168264ce6628177ea99e8242df9fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:32:27 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA56-C2
age: 164313
edge-cache-tag: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 68
content-length: 231992
surrogate-key: 8a245e7a4fc92388029d52ab5696c83d598d0ed4-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1UubVIa2gGvHcvIL5LRhkJNDEOsttZQvDkTSMGSMqu5Gofe9zwMVcw==
expires: Thu, 25 Apr 2024 20:32:27 GMT

POST
H2 200 5e4c989a-22d0-41f9-afdc-32a5486a2e19
app.provely.io/api/activities/ 6 KB
1 KB 175ms
174ms XHR
application/json 54.175.250.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.provely.io/api/activities/5e4c989a-22d0-41f9-afdc-32a5486a2e19

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.250.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-250-157.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 18:11:05 GMT
content-encoding: gzip
server: nginx
x-ratelimit-remaining: 58
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://dfyblogs.live
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
vary: Origin

POST
H2 400 visitor
app.provely.io/api/collect/5e4c989a-22d0-41f9-afdc-32a5486a2e19/ 89 B
328 B 206ms
206ms XHR
application/json 54.175.250.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.provely.io/api/collect/5e4c989a-22d0-41f9-afdc-32a5486a2e19/visitor?type=unique

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.250.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-250-157.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:05 GMT
server: nginx
x-ratelimit-remaining: 57
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://dfyblogs.live
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
vary: Origin

POST
H2 200 impression
app.provely.io/api/collect/5e4c989a-22d0-41f9-afdc-32a5486a2e19/ 72 B
340 B 361ms
361ms XHR
application/json 54.175.250.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.provely.io/api/collect/5e4c989a-22d0-41f9-afdc-32a5486a2e19/impression

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.250.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-250-157.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://dfyblogs.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:05 GMT
content-encoding: gzip
server: nginx
x-ratelimit-remaining: 56
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://dfyblogs.live
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
vary: Origin

GET css2
fonts.googleapis.com/ 0
0

GET
H/1.1 200
OK 304d6a1f37cfcf6181987deb2120d7d9.jpg
provely-public.s3.amazonaws.com/images/maps/ 5 KB
5 KB 123ms
123ms Image
image/png 3.5.29.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provely-public.s3.amazonaws.com/images/maps/304d6a1f37cfcf6181987deb2120d7d9.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.29.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfyblogs.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 18:11:06 GMT
Last-Modified: Wed, 27 Apr 2022 14:13:45 GMT
Server: AmazonS3
x-amz-request-id: 1DXGQKMJ4GB95HM1
ETag: "4195656fbd3e61f0356f1c668071deea"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4678
x-amz-id-2: QVjrqBz20Z3ZXbH/W0c1+h/7oUVecEzYF9VrhYkrDXALRqg5wXTnTtZREW8uhoYk2bz1R4Jr2FpANnrhcVPa3V69S4lGCoPWPqbwiZ23MQk=

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 366ms
25ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://dfyblogs.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 18:11:05 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 951681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9ObRNZg0qYt2cXTFS3mrZQrvfAkwdfzBdMxFHs0xnLeenb3RWaIPY7UZUFeT2YCcX0tVUv2r5EL%2Bmkka0%2F6y4HFV1CPh%2Bmcl7bqGCMONgHSsCwDqTSiXp9VmjL83cCBdkQV4A9uJgy3rINVKxXOO%2FDQ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bf14406d9a7198d-FRA
expires: Wed, 17 Apr 2024 18:11:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;600&display=swap

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 12:08:17	Name: _li_ss Value: CgA
.dfyblogs.live/	1970-01-20 13:34:41	Name: _gcl_au Value: 1.1.1954724705.1682705455
.vimeo.com/	1970-01-20 11:25:07	Name: __cf_bm Value: XS2EvDJWHa7fed_bWzGaELqtU.tLA15TseO6_ifkkuk-1682705455-0-ASEFucc5HCKSvPbA0A2p8rFGI0QZ8PIi1QnxnQWkj6ZXjvnS5vjGMu7x6MRk8Wtkj7ISHxsaan0nxe8pQnL2DyI=
.dfyblogs.live/	1970-01-20 13:34:41	Name: _fbp Value: fb.1.1682705455989.1607010760
.vimeo.com/	1970-01-20 21:01:05	Name: vuid Value: pl1387301300.1047898713
a.clickcertain.com/	1970-01-20 20:10:41	Name: _ccpx Value: 25400607a41a540
a.clickcertain.com/	1970-01-20 20:10:41	Name: _ccpx_u Value: c5dcacb2%2dc464%2d4743%2d8a32%2d8f26971b3af9
a.clickcertain.com/	1970-01-20 20:10:41	Name: _ccpx_25400607a41a540 Value: 2
dfyblogs.live/	1970-01-20 11:25:07	Name: _sp_ses.1335 Value: *
dfyblogs.live/	1970-01-20 21:01:05	Name: _sp_id.1335 Value: 9b97a8d5-0bde-4c83-adf3-108b801c51fb.1682705458.1.1682705458.1682705458.bb2c6452-b3ff-446c-8825-c3feb347b6a6
.tapad.com/	1970-01-20 12:51:29	Name: TapAd_TS Value: 1682705460212
.tapad.com/	1970-01-20 12:51:29	Name: TapAd_DID Value: 0ce66b2f-36b6-40cc-9050-55e097d7f81f
.tapad.com/	1970-01-20 12:51:29	Name: TapAd_3WAY_SYNCS Value:
.bidr.io/	1970-01-20 20:53:39	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 20:53:39	Name: bito Value: AAA-V07ImBgAAA8wZ2EkhQ
.a.usbrowserspeed.com/	1970-01-20 20:10:41	Name: tuid Value: f36cddef-f553-4e92-bffc-90c9ea4b062e
.liadm.com/	1970-01-20 21:01:05	Name: lidid Value: 746501b6-db2d-4621-b35a-add4d971e1b5
.doubleclick.net/	1970-01-20 20:46:41	Name: IDE Value: AHWqTUkfQHgp3le8iSpVyCcSYafq7yFiM7sEVF5kEGn1Kf1KIgQedMPMpGbOZ9qjhmg
.adnxs.com/	1970-01-20 13:34:41	Name: uuid2 Value: 8969216167542951828
.bidswitch.net/	1970-01-20 20:10:41	Name: tuuid Value: de203f15-3bdd-4219-8936-9251f3496706
.bidswitch.net/	1970-01-20 20:10:41	Name: c Value: 1682705462
.bidswitch.net/	1970-01-20 20:10:41	Name: tuuid_lu Value: 1682705462

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dfyblogs.live/(Line 54) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://a.clickcertain.com/px/img/?c=24d1add2443e239 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=07b0c8a3-e5f0-11ed-98dc-831033bef352 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://app.provely.io/api/collect/5e4c989a-22d0-41f9-afdc-32a5486a2e19/visitor?type=unique Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
ajax.googleapis.com
app.provely.io
cdn.convertri.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
convertri.imgix.net
dfyblogs.live
distillery.wistia.com
embed-cloudfront.wistia.com
f.vimeocdn.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.liadm.com
i.vimeocdn.com
match.prod.bidr.io
pipedream.wistia.com
pixel.tapad.com
player.vimeo.com
provely-public.s3.amazonaws.com
secure.adnxs.com
snowplow.convertri.com
static-sprites.countingdownto.com
tag.trovo-tag.com
vimeo.com
w2.countingdownto.com
warriorplus.com
wurfl.io
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
fonts.googleapis.com
104.26.5.97
142.250.186.34
146.75.118.109
162.159.128.61
18.66.122.34
185.89.210.153
2400:52e0:1e00::1077:1
2600:9000:211e:6800:1e:c86:4140:93a1
2606:4700:20::681a:832
2606:4700:20::681a:85d
2606:4700:20::ac43:4549
2606:4700::6811:190e
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::622
2a04:4e42:8d::720
3.126.64.212
3.213.227.16
3.216.191.214
3.229.139.19
3.5.29.177
34.111.113.62
34.120.202.204
34.204.163.0
34.241.49.120
35.240.1.10
52.50.252.9
54.175.250.157
54.185.111.51
009b9424acbc4bb3a0251540ae75b014016428276d6d1feba423f2e4f3f54051
0169e4dcdc172069ab64d72f8eb7a3ea2b9289efb71a8ba814ac4e2248963f0b
03502bcd727a95eda3b57ee5a55dff790f6c9ce573db753e6b04acdcf3808fde
046cf965cfbc0b45899a27b617d15995e04b211b80bf21d9f0e85d5630972e41
08e11987f9827439c65f7e77bf0935781b3fed0026058a9ce17c91458ef57bd6
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
1177b5ce33e6ab23b9d68da2113c5ad842168264ce6628177ea99e8242df9fa4
160d77bc45fd9f224bc4db7312ce8ca35f71f0ac7e56ead13dee92a058e82a31
19fa3866feddf86e539bf09dddb4ebe48b69ab83e8a1568dc7e6b8a1774ec9b5
1d65a03c2eb67ac9c9a9932ad7ece9b2abbc8b8dd016cb0e3c1f4b5326c2ea4f
1e2b0a4957093078e7823f6d5307fde01d58168e259a64e5960e899412c0b881
23615d1c1269a775196e47d8cb493154182e83e68d00b1c4a50ce0d4de3a58b8
285e5a779b78c940eb213bdb3ac220b3996d6192f2691e72853a58f4d2225e80
2a955d5934c75c58fc98bdbda9a9485cad44475b82c6422654d02faea7a25ecc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3db0a7fc73e53371a7ceb0d57cce0b575b15fea7f6b0687922d87e311be056a4
41c8f3b83e9c15fbe7da02d35f97e8785d06a92815ae84c707300b77d854e479
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4dc3afbb203cb94f813dbb3a0858faed09ba29356137bf28ec2ea4a4f34464c6
5084f2d404666af680c98103aa32d65f39d40eddf1afcda54105dde52f7e2293
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549d2df1c0ce2f9c36f567171ed3f0824c9b7e0c84ff30bef25dd1c5810b940d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32
60e7d4a37ba6aed2b231cdeee8e9d081fb4cfeba5a1381cb46348309e5c48311
6126b6b2debfef5868d98930b399ef32db888958cd4f6e37fa62afb77d56e0ca
61ea5ea25e38c1dc365c5ba715e9149efaa93c5cdbfa0d2ec41c2997c6e04c9a
63605d84898933b062ad56edc6ef0783b8c9b55e6bdae1447b9142260870dae2
638156f1f876d4f40e0b4a4c288fc9cd9368337adae6b7d1748c3b6b48fc5409
638d5a072c5bc0d3ffbd2a9c8b3d2377dc7db23dcf0ed6bf23735390f21490a2
65377f9e4042ee2ee0d848ee1ccbecc0a0d53b38e5bf62e40377e887460e594e
6f326539f10597cea12f1d443a4018ffb7c4dd07c12580bd69d16d592c27d2f9
7060522f3a8860967c65cf83fdb402c20715914136eea1a21f7bf4925e39ebe6
76e08b06570b6132904367e022feb05c110f8c637b0bb0f2d2d47e5dfc9c8fcd
7c998f5219b663098ac124bd7dfed50a709c46d363c721bf355bb42a9487561b
8065e9ad8dd60e884355609cd7b6696a5d2152beb834c8ddb17685b8c48f9aa5
832d72cd11b4a37a93c43757cf4deb1d8c648b86fa2093d72ecac0a4e6c1eef2
83650ad171454039e1344f4b86dfdaee4596df17c2f8aa2e2e36764953b407bb
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c58835fdeed615c23c7603d0200362af02ad0e51eed0de3aff42be6160188b9
8e3701d2d6ce1fd1e7078be9d9430ed21bb9f7230a1ba500167f2a8817a88c3b
979384d108eaa2d364c11876140135a0704562096b1f266dfc2fa3d35aa82a94
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9bc5add49cebb5c829f1195a1a1ba0487fc5c9304413e4aa8f673eb05392baee
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ab14a4343b3081d4d5e6a8374e60de8fcf09138b259936df8e976daeaa250007
ab949d217aeb59201b46ce64934ff23a46fa4ce684db25002d88c15b59e72dff
ace6e16ccfff9b8f74445f196655f1315a1205680ec975f2cac8cdd40f17d782
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b741edf2230f24d6b78fff43ae04db67d7dfffe480a6d2f9a000a99962e843cc
b8332e0c6fd7560a2321ab23e6cc9e5665eb7b194b343b568d2a18750d4fd5c1
bacf9f9960613a50f1c9ad426b5a1c88ec691792361186ad39383e24b8f0bc81
bd246173b2bd96e2c6c4de0507eb5935ec577f4abc9250eaefdcc936f235ccd7
bdd51d7a1b440706a4a7b709854f2f859d38d4491c975364a703b55777ec4ef1
bedb5c0eb2e55675ecd496c04f7780adeeadc2a0fef36c335a84724f29812628
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c32d4d8065d9f4a2422ec61ff4d359d8231c2ef010ae97db515bc45793904c89
c3549500032014880a5f26801042304db6abd5411a01749ba00c1896eebfe622
c3a576b4dd1a3a95e2a5eabc023fe864b8c2656e5fa87a89ab60e7de6c5342cc
c4594483b10f7abd457ff9afd95bc304926772b0f8b950b574a30afc997dea83
c593ff98fe82f49b6a42da8d696f20b40e1ae7f70cba02e10e0820a59c1e6ae4
c8b16b1d612de44c7fc25166e73606ecf058ae4512018ab719cd72e876cb0831
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb7c49ab264df288e272de8eada58f92d157590b44fa5d3a296803c2c72ec78e
cc66d35f7d05fc1e06e9b815a1598972eebff23e2d0a219c18e3f65d31e18e51
cf55e23c3e436c2b9258bd384d42fb0aa4cd74224652e0b7d598f634e04b13ce
d00d49f981373bcec0085b90ea4e70412173cbb53e38b965f5a353627d83216c
d34699c2743552dbdc419cfbf73901ff25d964156009a6cfa18b28d0e62935e1
d83dca202a4e9e03f699c025878763187e6fe4c79553bab5022474c03b65b5be
de1b4bf35f77022072145ea18f8d17a6fb42ba4691b70bd8502b26e1fa873c45
df5a624e0ae2b9295723e10239343f43798b5b2569e8f3340be0ad9b55e7c7df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e578abb4711e892c5b3d6750ecaeddf796db0ec28e6c20a87a9d8930c8eb20e1
e5f2a31e0aa141a814781a8fbe86ff664004b17482cf7473e70cdd3df5c603c6
e9b6a639022c359676a0dcdd6f49af8dca7017f6496af95c3da33bbc6200031b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef47008558766b8dc8e89b1626ebc459a56f8b92f625e4eecd2e4904e9eb7857
efc87bbcc4b19348ff55f3a23ffd8791f2fc5da8dab14bca64668779c0da9c2d
f43f86151cde6945c5cbb98d05569fb294c5970090a84faab64c7bdbe9dacfab
f5d42289c14d80ad4f8f60ffa106a36769bc41b2b3fbdf7933a92ec0eb285755
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

dfyblogs.live Open in urlscan Pro 35.240.1.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

89 %HTTPS

47 %IPv6

29 Domains

40 Subdomains

33 IPs

5 Countries

4355 kBTransfer

9901 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dfyblogs.live Open in urlscan Pro
35.240.1.10 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

89 %
HTTPS

47 %
IPv6

29
Domains

40
Subdomains

33
IPs

5
Countries

4355 kB
Transfer

9901 kB
Size

22
Cookies

130 HTTP transactions
1 data transactions