blog.orange.tw Open in urlscan Pro
2a00:1450:4001:811::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
Submission: On June 14 via manual (June 14th 2023, 5:27:09 pm UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 14 domains to perform 101 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is blog.orange.tw.
TLS certificate: Issued by GTS CA 1D4 on June 8th 2023. Valid for: 3 months.

This is the only time blog.orange.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:831::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2009	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
101	19

2 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blog.orange.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 12183 3.bp.blogspot.com — Cisco Umbrella Rank: 14298 4.bp.blogspot.com — Cisco Umbrella Rank: 14854 2.bp.blogspot.com — Cisco Umbrella Rank: 15434	5 MB
20	blogger.com www.blogger.com — Cisco Umbrella Rank: 9078	704 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	497 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 97	960 KB
8	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 18146 www.blogblog.com — Cisco Umbrella Rank: 39019	5 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 jnn-pa.googleapis.com — Cisco Umbrella Rank: 279	32 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	43 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 static.doubleclick.net — Cisco Umbrella Rank: 349	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
2	orange.tw blog.orange.tw	55 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 252	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	76 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 116	4 KB
101	14

	Domain	Requested by
21	1.bp.blogspot.com	blog.orange.tw
20	www.blogger.com	blog.orange.tw www.blogger.com
9	www.youtube.com	blog.orange.tw www.youtube.com
6	www.gstatic.com	www.youtube.com www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com www.google.com
6	resources.blogblog.com	blog.orange.tw www.blogger.com
5	3.bp.blogspot.com	blog.orange.tw
4	www.google.com	www.youtube.com www.blogger.com www.gstatic.com www.google.com
4	jnn-pa.googleapis.com	www.youtube.com
3	2.bp.blogspot.com	blog.orange.tw
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.blogblog.com	blog.orange.tw
2	www.google-analytics.com	blog.orange.tw www.google-analytics.com
2	4.bp.blogspot.com	blog.orange.tw
2	blog.orange.tw	blog.orange.tw
1	region1.google-analytics.com	www.googletagmanager.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	www.google-analytics.com
1	lh3.googleusercontent.com	blog.orange.tw
1	fonts.googleapis.com	blog.orange.tw
101	22

This site contains links to these domains. Also see Links.

Domain
twitter.com
devco.re
proxylogon.com
www.blackhat.com
www.defcon.org
pwnies.com
i.blackhat.com
www.youtube.com
msrc.microsoft.com
youtu.be
1.bp.blogspot.com
www.microsoft.com
msrc-blog.microsoft.com
www.wsj.com
en.wikipedia.org
www.zerodayinitiative.com
dirkjanm.io
docs.microsoft.com
www.blogger.com
www.netvibes.com
add.my.yahoo.com

Subject Issuer	Validity	Valid
blog.orange.tw GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
Frame ID: 4A86985275EC34C7CF3034C5295C3C45
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SvjGMo9aMwE
Frame ID: D42B2ADF02738486A466EE303ABA70F9
Requests: 21 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/2987759532072489303?po=674306214530021249&hl=zh-TW&blogspotRpcToken=5641045
Frame ID: 156A210CF36FF30CD3C26F7641342DB0
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/2987759532072489303?po=674306214530021249&hl=zh-TW&blogspotRpcToken=5641045
Frame ID: 60A2D0666E0790C7F67FCCE65274FFEF
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=invisible&cb=fews1srwrdej
Frame ID: D09AC46544E59CD3B11AEBF9AA209977
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: FA097545D9145CF24EF03E02ADD6B478
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orange: A New Attack Surface on MS Exchange Part 1 - ProxyLogon!

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

101
Requests

98 %
HTTPS

100 %
IPv6

14
Domains

22
Subdomains

19
IPs

2
Countries

7493 kB
Transfer

11448 kB
Size

6
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/orange_8361
Title: @orange_8361

Search URL Search Domain Scan URL

URL: https://devco.re/blog/2021/08/06/a-new-attack-surface-on-MS-exchange-part-1-ProxyLogon/
Title: DEVCORE

Search URL Search Domain Scan URL

URL: https://proxylogon.com/
Title: ProxyLogon

Search URL Search Domain Scan URL

URL: https://twitter.com/thezdi/status/1379467992862449664
Title: Pwn2Own 2021

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/us-21/briefings/schedule/index.html#proxylogon-is-just-the-tip-of-the-iceberg-a-new-attack-surface-on-microsoft-exchange-server-23442
Title: Black Hat USA

Search URL Search Domain Scan URL

URL: https://www.defcon.org/html/defcon-29/dc-29-speakers.html
Title: DEFCON

Search URL Search Domain Scan URL

URL: https://pwnies.com/winners/
Title: Pwnie Awards 2021

Search URL Search Domain Scan URL

URL: https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf
Title: [Slides]

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5mqid-7zp8k
Title: [Video]

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
Title: CVE-2021-26855

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27065
Title: CVE-2021-27065

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31196
Title: CVE-2021-31196

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31195
Title: CVE-2021-31195

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473
Title: CVE-2021-34473

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523
Title: CVE-2021-34523

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31207
Title: CVE-2021-31207

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33768
Title: CVE-2021-33768

Search URL Search Domain Scan URL

URL: https://twitter.com/orange_8361/status/1346401788811825153
Title: why I tweeted my worry

Search URL Search Domain Scan URL

URL: https://youtu.be/rB255D-wnw0?t=999
Title: public information

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-id353OXqfVg/YQ0BhxKuWTI/AAAAAAAAE4I/DpkYr0Vk7PQhlVkmxZktBQg0e7NOoq7UwCLcBGAsYHQ/s820/upload_8af9592af8f505e7d1a7a725d5193bd3.png

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/03/25/analyzing-attacks-taking-advantage-of-the-exchange-server-vulnerabilities/
Title: Microsoft Blog

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2012/03/16/proof-of-concept-code-available-for-ms12-020/
Title: not the first time that something like this happened to Microsoft

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/microsoft-probing-whether-leak-played-role-in-suspected-chinese-hack-11615575793
Title: interesting stories from here

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2017/07/20/englishmansdentist-exploit-analysis/
Title: arsenal

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Equation_Group
Title: Equation Group

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/blog/2018/12/19/an-insincere-form-of-flattery-impersonating-users-on-microsoft-exchange
Title: CVE-2018-8581

Search URL Search Domain Scan URL

URL: https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/
Title: something really fancy

Search URL Search Domain Scan URL

URL: https://www.zerodayinitiative.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys
Title: CVE-2020-0688

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-wScbyUIknn4/YQz_uetqMgI/AAAAAAAAE3A/mqWOfGF8OG8Td1vRoaOsGlO2YvzbLnQuwCLcBGAsYHQ/s586/ezgif-2-675605ebd4ca.gif

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-WXwr1k11T84/YQ0AR7BWSUI/AAAAAAAAE4A/NmbZV42zmZ8ortYMNq6N1F0b6qWBUps5gCLcBGAsYHQ/s1836/upload_6dd25fe5fd7416cd0b4baf6e9a61adfc.png

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/exchange/architecture/architecture?view=exchserver-2019
Title: official documentation from Microsoft

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-7LxTYplYKsM/YQz_3Jh2XqI/AAAAAAAAE38/HZGR7keS078KHjiEqhuFMawzMuxJItfWACPcBGAYYCw/s1158/upload_7a3f4330935bae8bb28c68eb18b0d41f.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-xz4cLjB1IVo/YQz_2uYLAhI/AAAAAAAAE38/Ky1Nv55hnSEzxfPtk7vg5gmOKXcsKuPMQCPcBGAYYCw/s1801/upload_1a67aedda0db742f739ce9458b1fccdd.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-SgNeF7lGmEk/YQz_4L11pvI/AAAAAAAAE34/-SnheuRiBjoCwpGCoEmHujG0EahYGMFKwCPcBGAYYCw/s1842/upload_bb52a1d73b4ba00ddfc1675f805fe6d6.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-4X3giQzKfvs/YQz_1wUzaFI/AAAAAAAAE34/li2BZysF-s8tvmOdBhrI5sOfLlvoiWIaACPcBGAYYCw/s1280/upload_0aa5c69e644b59186216c5a3aa1639a9.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-dkvEGz_8kNw/YQz_3ThRF2I/AAAAAAAAE3w/k4i09DiYNKQ7gFpku4IZDbJUc9uddTw8wCPcBGAYYCw/s1859/upload_8796d1b24d746c44f0f856c14da2cec1.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-IjK_2UYxBQU/YQz_3_yIZ6I/AAAAAAAAE30/Dq6CS7_djVkUWIYcMn66EFjro_zYnrYdQCPcBGAYYCw/s1739/upload_9e963dcd39c2c4d6b7035215ed4e3848.png

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
Title: manipulating a URL Parser

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-lKaIevvQO_g/YQz_2w5ixkI/AAAAAAAAE34/oR2AYGj9gtUQKb_0thrNChg3GYN6TkLaACPcBGAYYCw/s2013/upload_3a62aa183d134c3e540aa3aa56da0c86.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-FFb5p1z14TE/YQz_1xyoTNI/AAAAAAAAE3s/9mcld7lD76kPK_3OdE5cJeYIn0t_KcSowCPcBGAYYCw/s2048/upload_1a0b42f94b1e337c5937fc77ff058f0c.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-zYvcZuXWOU0/YQz_11CFXsI/AAAAAAAAE30/DKCsFKLqn9wL7I9gOgRIqD_MQAmKlPFNwCPcBGAYYCw/s1552/upload_1425afd691cdfb0d742d5adb624a6902.png

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=SvjGMo9aMwE
Title: demonstration video

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2987759532072489303&postID=674306214530021249&target=email
Title: 以電子郵件傳送這篇文章

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2987759532072489303&postID=674306214530021249&target=blog
Title: BlogThis！

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2987759532072489303&postID=674306214530021249&target=twitter
Title: 分享至 Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2987759532072489303&postID=674306214530021249&target=facebook
Title: 分享至 Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=2987759532072489303&postID=674306214530021249&target=pinterest
Title: 分享到 Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/06687865888186705643
Title: Unknown

Search URL Search Domain Scan URL

URL: https://www.blogger.com/delete-comment.g?blogID=2987759532072489303&postID=8629014421181425958
Title: 刪除

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/2987759532072489303?po=674306214530021249&hl=zh-TW&blogspotRpcToken=5641045

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/02779986309373771735

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?url=https%3A%2F%2Fblog.orange.tw%2Ffeeds%2Fposts%2Fdefault

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/content?url=https%3A%2F%2Fblog.orange.tw%2Ffeeds%2Fposts%2Fdefault

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?url=https%3A%2F%2Fblog.orange.tw%2Ffeeds%2F674306214530021249%2Fcomments%2Fdefault

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/content?url=https%3A%2F%2Fblog.orange.tw%2Ffeeds%2F674306214530021249%2Fcomments%2Fdefault

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html Show response
blog.orange.tw/2021/08/ 296 KB
53 KB 690ms
353ms Document
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc10d2a3817d56054cc0e57871e70ceefc8d11954fd4221e0f7ffb726a88bcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 53874
content-type: text/html; charset=UTF-8
date: Wed, 14 Jun 2023 17:27:03 GMT
etag: W/"56716f9f8d5cfc9d7a3a942afd0992a0a86963fffc039c60fc3315309f11fd52"
expires: Wed, 14 Jun 2023 17:27:03 GMT
last-modified: Mon, 12 Jun 2023 08:23:07 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 64ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 07:58:21 GMT
x-content-type-options: nosniff
age: 34122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35960
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 12:54:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 13 Jun 2024 07:58:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
980 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?kit=mW_CIZvkcW1i7Mw9mVo5P8tm9aE5B_cNHglMUm2VBiA

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22f9f53b2cbc7abcbb3ee7c7d4a96b5ea899deabaf7771e5856ec866f19b2fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Jun 2023 17:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 17:27:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Jun 2023 17:27:03 GMT

GET
H2 200 frame_009_delay-0.05s.png
1.bp.blogspot.com/-7FEGKl1ROUw/YQz574hloYI/AAAAAAAAE2w/j99SSgNWWFgBiGc71IL-1_uo_Mx98hQgwCLcBGAsYHQ/s586/ 60 KB
60 KB 57ms
29ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7FEGKl1ROUw/YQz574hloYI/AAAAAAAAE2w/j99SSgNWWFgBiGc71IL-1_uo_Mx98hQgwCLcBGAsYHQ/s586/frame_009_delay-0.05s.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e630de741ddac639491ce9a187c88e3f25a8be0cd2e3ba82e2ec985af9152baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="frame_009_delay-0.05s.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60943
x-xss-protection: 0
server: fife
etag: "v136d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_8af9592af8f505e7d1a7a725d5193bd3.png
1.bp.blogspot.com/-id353OXqfVg/YQ0BhxKuWTI/AAAAAAAAE4I/DpkYr0Vk7PQhlVkmxZktBQg0e7NOoq7UwCLcBGAsYHQ/s16000/ 37 KB
38 KB 49ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-id353OXqfVg/YQ0BhxKuWTI/AAAAAAAAE4I/DpkYr0Vk7PQhlVkmxZktBQg0e7NOoq7UwCLcBGAsYHQ/s16000/upload_8af9592af8f505e7d1a7a725d5193bd3.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d08e5ba7bc4c10a484989f560a14c2fcdbf261f12074383024c2976b9440507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_8af9592af8f505e7d1a7a725d5193bd3.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38378
x-xss-protection: 0
server: fife
etag: "v1383"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 ezgif-2-675605ebd4ca.gif
1.bp.blogspot.com/-wScbyUIknn4/YQz_uetqMgI/AAAAAAAAE3A/mqWOfGF8OG8Td1vRoaOsGlO2YvzbLnQuwCLcBGAsYHQ/s16000/ 3 MB
3 MB 597ms
570ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wScbyUIknn4/YQz_uetqMgI/AAAAAAAAE3A/mqWOfGF8OG8Td1vRoaOsGlO2YvzbLnQuwCLcBGAsYHQ/s16000/ezgif-2-675605ebd4ca.gif

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9e68bdc72b1dbe1b720afb7bb2bba23cca1ad4a88b5839469cc1d227f48db79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="ezgif-2-675605ebd4ca.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2876211
x-xss-protection: 0
server: fife
etag: "v137f"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:04 GMT

GET
H2 200 upload_6dd25fe5fd7416cd0b4baf6e9a61adfc.png
1.bp.blogspot.com/-WXwr1k11T84/YQ0AR7BWSUI/AAAAAAAAE4A/NmbZV42zmZ8ortYMNq6N1F0b6qWBUps5gCLcBGAsYHQ/s16000/ 34 KB
34 KB 63ms
36ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WXwr1k11T84/YQ0AR7BWSUI/AAAAAAAAE4A/NmbZV42zmZ8ortYMNq6N1F0b6qWBUps5gCLcBGAsYHQ/s16000/upload_6dd25fe5fd7416cd0b4baf6e9a61adfc.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

af5bbc41110b6d9a74158d0c0ae1a5d1f126eba6244baef1737070645c53b3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_6dd25fe5fd7416cd0b4baf6e9a61adfc.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34423
x-xss-protection: 0
server: fife
etag: "v1381"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_7a3f4330935bae8bb28c68eb18b0d41f.png
1.bp.blogspot.com/-7LxTYplYKsM/YQz_3Jh2XqI/AAAAAAAAE38/HZGR7keS078KHjiEqhuFMawzMuxJItfWACPcBGAYYCw/s16000/ 295 KB
295 KB 85ms
59ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7LxTYplYKsM/YQz_3Jh2XqI/AAAAAAAAE38/HZGR7keS078KHjiEqhuFMawzMuxJItfWACPcBGAYYCw/s16000/upload_7a3f4330935bae8bb28c68eb18b0d41f.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

904b8b91d92363304f4451357289270b77c77a750558af63b01345b9cff83fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_7a3f4330935bae8bb28c68eb18b0d41f.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 302185
x-xss-protection: 0
server: fife
etag: "v137f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_1a67aedda0db742f739ce9458b1fccdd.png
1.bp.blogspot.com/-xz4cLjB1IVo/YQz_2uYLAhI/AAAAAAAAE38/Ky1Nv55hnSEzxfPtk7vg5gmOKXcsKuPMQCPcBGAYYCw/s16000/ 530 KB
530 KB 94ms
67ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xz4cLjB1IVo/YQz_2uYLAhI/AAAAAAAAE38/Ky1Nv55hnSEzxfPtk7vg5gmOKXcsKuPMQCPcBGAYYCw/s16000/upload_1a67aedda0db742f739ce9458b1fccdd.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7597356a0a1cdd03d35b005b3fd45fee4cccd91d38de12661c8f2e87e968b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_1a67aedda0db742f739ce9458b1fccdd.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 542379
x-xss-protection: 0
server: fife
etag: "v137f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_bb52a1d73b4ba00ddfc1675f805fe6d6.png
1.bp.blogspot.com/-SgNeF7lGmEk/YQz_4L11pvI/AAAAAAAAE34/-SnheuRiBjoCwpGCoEmHujG0EahYGMFKwCPcBGAYYCw/s16000/ 99 KB
99 KB 222ms
220ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SgNeF7lGmEk/YQz_4L11pvI/AAAAAAAAE34/-SnheuRiBjoCwpGCoEmHujG0EahYGMFKwCPcBGAYYCw/s16000/upload_bb52a1d73b4ba00ddfc1675f805fe6d6.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f584f30bd5748d440c8b8ff7e2868076766639fcfc93fe26f856d92f162c1c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_bb52a1d73b4ba00ddfc1675f805fe6d6.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101324
x-xss-protection: 0
server: fife
etag: "v137e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_0aa5c69e644b59186216c5a3aa1639a9.png
1.bp.blogspot.com/-4X3giQzKfvs/YQz_1wUzaFI/AAAAAAAAE34/li2BZysF-s8tvmOdBhrI5sOfLlvoiWIaACPcBGAYYCw/s16000/ 100 KB
100 KB 61ms
59ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4X3giQzKfvs/YQz_1wUzaFI/AAAAAAAAE34/li2BZysF-s8tvmOdBhrI5sOfLlvoiWIaACPcBGAYYCw/s16000/upload_0aa5c69e644b59186216c5a3aa1639a9.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d532b1b840eedf7e04a4a9b360dfe7f70733b7a5e686bad7e7f289e0db28b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_0aa5c69e644b59186216c5a3aa1639a9.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102657
x-xss-protection: 0
server: fife
etag: "v137e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_8796d1b24d746c44f0f856c14da2cec1.png
1.bp.blogspot.com/-dkvEGz_8kNw/YQz_3ThRF2I/AAAAAAAAE3w/k4i09DiYNKQ7gFpku4IZDbJUc9uddTw8wCPcBGAYYCw/s16000/ 128 KB
128 KB 68ms
67ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dkvEGz_8kNw/YQz_3ThRF2I/AAAAAAAAE3w/k4i09DiYNKQ7gFpku4IZDbJUc9uddTw8wCPcBGAYYCw/s16000/upload_8796d1b24d746c44f0f856c14da2cec1.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79b6d1807f598d792f0c011767f5dc192f1d0e08463df9a2489f940ed2c3275c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_8796d1b24d746c44f0f856c14da2cec1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130923
x-xss-protection: 0
server: fife
etag: "v137c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_9e963dcd39c2c4d6b7035215ed4e3848.png
1.bp.blogspot.com/-IjK_2UYxBQU/YQz_3_yIZ6I/AAAAAAAAE30/Dq6CS7_djVkUWIYcMn66EFjro_zYnrYdQCPcBGAYYCw/s16000/ 201 KB
201 KB 105ms
103ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-IjK_2UYxBQU/YQz_3_yIZ6I/AAAAAAAAE30/Dq6CS7_djVkUWIYcMn66EFjro_zYnrYdQCPcBGAYYCw/s16000/upload_9e963dcd39c2c4d6b7035215ed4e3848.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f46edb69daca58420337f038f02017a7e2bca52642f4f2913fd4ef33e0a987ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_9e963dcd39c2c4d6b7035215ed4e3848.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206081
x-xss-protection: 0
server: fife
etag: "v137d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_3a62aa183d134c3e540aa3aa56da0c86.png
1.bp.blogspot.com/-lKaIevvQO_g/YQz_2w5ixkI/AAAAAAAAE34/oR2AYGj9gtUQKb_0thrNChg3GYN6TkLaACPcBGAYYCw/s16000/ 262 KB
262 KB 79ms
77ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lKaIevvQO_g/YQz_2w5ixkI/AAAAAAAAE34/oR2AYGj9gtUQKb_0thrNChg3GYN6TkLaACPcBGAYYCw/s16000/upload_3a62aa183d134c3e540aa3aa56da0c86.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ea65d59a8d91967204ed6f3be1e08bc719085f9662e253e782bcb7ab7715ce13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_3a62aa183d134c3e540aa3aa56da0c86.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268512
x-xss-protection: 0
server: fife
etag: "v137e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_1a0b42f94b1e337c5937fc77ff058f0c.png
1.bp.blogspot.com/-FFb5p1z14TE/YQz_1xyoTNI/AAAAAAAAE3s/9mcld7lD76kPK_3OdE5cJeYIn0t_KcSowCPcBGAYYCw/s16000/ 337 KB
338 KB 81ms
80ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FFb5p1z14TE/YQz_1xyoTNI/AAAAAAAAE3s/9mcld7lD76kPK_3OdE5cJeYIn0t_KcSowCPcBGAYYCw/s16000/upload_1a0b42f94b1e337c5937fc77ff058f0c.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f68f597788c5dd5c4c8c520ba4759d4bff7466997cb3242b98eaffd226ff3df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_1a0b42f94b1e337c5937fc77ff058f0c.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345464
x-xss-protection: 0
server: fife
etag: "v137b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 upload_1425afd691cdfb0d742d5adb624a6902.png
1.bp.blogspot.com/-zYvcZuXWOU0/YQz_11CFXsI/AAAAAAAAE30/DKCsFKLqn9wL7I9gOgRIqD_MQAmKlPFNwCPcBGAYYCw/s16000/ 93 KB
93 KB 69ms
67ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zYvcZuXWOU0/YQz_11CFXsI/AAAAAAAAE30/DKCsFKLqn9wL7I9gOgRIqD_MQAmKlPFNwCPcBGAYYCw/s16000/upload_1425afd691cdfb0d742d5adb624a6902.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fdc7d8d9be402e35b2dd049cbe9699910e1e59ecbabb9444651df2f3d2bcc10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="upload_1425afd691cdfb0d742d5adb624a6902.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95159
x-xss-protection: 0
server: fife
etag: "v137d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H3 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
2 KB 10ms
6ms Image
image/png 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 17:06:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 13:54:18 GMT
server: sffe
age: 433256
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Jun 2023 17:06:07 GMT

GET
H2 200 976584016-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
7 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/976584016-comment_from_post_iframe.js

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bba036d27948ede7fad38a33790a10fda10c36768cf985cebdaa6cc931636b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 13:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6756
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 10:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 09 Jun 2024 13:43:57 GMT

GET
H2 200 51669015a35abc139413dd56053d6baa.jpg%253Fsize%253D1024
3.bp.blogspot.com/-eC2GIrxvsCE/VyEXHqldY_I/AAAAAAAADmM/y4wuM9OvSVYXz0-HBDElBn91cJVmi-7xwCK4B/s80-r/ 2 KB
3 KB 50ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-eC2GIrxvsCE/VyEXHqldY_I/AAAAAAAADmM/y4wuM9OvSVYXz0-HBDElBn91cJVmi-7xwCK4B/s80-r/51669015a35abc139413dd56053d6baa.jpg%253Fsize%253D1024

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7fe4d83aa63b931b443010a18674850fd3ab92bfaaa447387cc6d2ab7cdff8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="51669015a35abc139413dd56053d6baa.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2459
x-xss-protection: 0
server: fife
etag: "ve6a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 arrow_dropdown.gif
resources.blogblog.com/img/widgets/ 141 B
239 B 37ms
9ms Image
image/gif 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/arrow_dropdown.gif

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 03:52:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 09:50:04 GMT
server: sffe
age: 394470
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 03:52:33 GMT

GET
H2 200 icon_feed12.png
resources.blogblog.com/img/ 500 B
925 B 36ms
8ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon_feed12.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 06:07:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 13:54:18 GMT
server: sffe
age: 386402
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 500
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 06:07:01 GMT

GET
H2 200 subscribe-netvibes.png
resources.blogblog.com/img/widgets/ 1 KB
2 KB 36ms
9ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/subscribe-netvibes.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 04:44:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 09:50:04 GMT
server: sffe
age: 391370
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1445
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 04:44:13 GMT

GET
H2 200 subscribe-yahoo.png
resources.blogblog.com/img/widgets/ 580 B
694 B 12ms
7ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/subscribe-yahoo.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 13:38:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Jun 2023 11:51:05 GMT
server: sffe
age: 359314
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 13:38:29 GMT

GET
H2 200 frame_009_delay-0.05s.png
1.bp.blogspot.com/-7FEGKl1ROUw/YQz574hloYI/AAAAAAAAE2w/j99SSgNWWFgBiGc71IL-1_uo_Mx98hQgwCLcBGAsYHQ/s72-c/ 4 KB
4 KB 32ms
28ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7FEGKl1ROUw/YQz574hloYI/AAAAAAAAE2w/j99SSgNWWFgBiGc71IL-1_uo_Mx98hQgwCLcBGAsYHQ/s72-c/frame_009_delay-0.05s.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79bb6b6e7ed95ad5253ebcf46c1f1e38384d1cee98add4295346a3d5effbc8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="frame_009_delay-0.05s.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4127
x-xss-protection: 0
server: fife
etag: "v136d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 frame_37_delay-0.1s.png
1.bp.blogspot.com/-Gp5q8pg7ucE/YQzyIOGl99I/AAAAAAAAE2o/VgRY91G7XWshcUYOCHAkoImIIpm0tizlACLcBGAsYHQ/s72-c/ 5 KB
5 KB 26ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Gp5q8pg7ucE/YQzyIOGl99I/AAAAAAAAE2o/VgRY91G7XWshcUYOCHAkoImIIpm0tizlACLcBGAsYHQ/s72-c/frame_37_delay-0.1s.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e9dd90adf1b67dcaee7b0e0bdaf745eab7967bbbe78aec01c7c41f654906a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="frame_37_delay-0.1s.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4961
x-xss-protection: 0
server: fife
etag: "v136b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 1599655683992.png
1.bp.blogspot.com/-eUefNirUsUI/X1twa4CL3DI/AAAAAAAAEoU/gDba_K06kDsum1KRLlw1GZ8JqGki7gu7wCPcBGAYYCw/s72-c/ 11 KB
11 KB 36ms
32ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eUefNirUsUI/X1twa4CL3DI/AAAAAAAAEoU/gDba_K06kDsum1KRLlw1GZ8JqGki7gu7wCPcBGAYYCw/s72-c/1599655683992.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

53ebd506c17c26fa0f302ee8f33e6033bab611abf779cb4bc64f88f3f102492f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="1599655683992.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10954
x-xss-protection: 0
server: fife
etag: "v1285"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 cover.png
1.bp.blogspot.com/-YJGzmUoagFw/XckttfKmQzI/AAAAAAAAEdg/KkxFyqMqhxMZMa3gpS47EzXZPSChc4WJACEwYBhgL/s72-c/ 1 KB
2 KB 44ms
40ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YJGzmUoagFw/XckttfKmQzI/AAAAAAAAEdg/KkxFyqMqhxMZMa3gpS47EzXZPSChc4WJACEwYBhgL/s72-c/cover.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f328e6ecff58aad43792902cd70e45ecfb92cc00f38736a08a6f4c2a18d50664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="cover.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
server: fife
etag: "v11d8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 cover%255B1%255D.png
1.bp.blogspot.com/-HX_hF57XF1M/XW0e7DK7QLI/AAAAAAAAEXA/ZAjdCUeZXuAwtoF-o5-b3px59ysLSV8ngCLcBGAs/s72-c/ 10 KB
11 KB 26ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HX_hF57XF1M/XW0e7DK7QLI/AAAAAAAAEXA/ZAjdCUeZXuAwtoF-o5-b3px59ysLSV8ngCLcBGAs/s72-c/cover%255B1%255D.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e24ede2412324188136fae3632103b253f635a014b1d96f4afcc7fc434ff8e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="cover[1].png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10659
x-xss-protection: 0
server: fife
etag: "v1171"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 cover%255B1%255D.png
1.bp.blogspot.com/-SuOeaDliqgY/XU3oo_AFVlI/AAAAAAAAEVE/oGqrH9xK-G06kITI_xkVVigjJY56OOI0gCLcBGAs/s72-c/ 11 KB
11 KB 30ms
26ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SuOeaDliqgY/XU3oo_AFVlI/AAAAAAAAEVE/oGqrH9xK-G06kITI_xkVVigjJY56OOI0gCLcBGAs/s72-c/cover%255B1%255D.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

af63652eec76e17b35ed9553565ca82b6813fc555dc9bcefbe1b2b2fd32c83da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="cover[1].png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10889
x-xss-protection: 0
server: fife
etag: "v1152"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 2.png
1.bp.blogspot.com/-jWzVnyTzGqM/XS8Kk09jlLI/AAAAAAAAESU/jYbqtVbHJa0lbxSg41ydEftyhzuYDKZwQCEwYBhgL/s72-c/ 5 KB
5 KB 27ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jWzVnyTzGqM/XS8Kk09jlLI/AAAAAAAAESU/jYbqtVbHJa0lbxSg41ydEftyhzuYDKZwQCEwYBhgL/s72-c/2.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

acbab549598e79df8356833641f7641c5900636fbbae215125117cdf4f2413d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5129
x-xss-protection: 0
server: fife
etag: "v1125"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 pic3.png
4.bp.blogspot.com/-Ed_CDX8SmaI/XGrfUNLTTSI/AAAAAAAAEMI/CMxfhgwMTg4bE6JNKZFTFp7Szr7AjnIEQCLcBGAs/s72-c/ 8 KB
8 KB 94ms
90ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Ed_CDX8SmaI/XGrfUNLTTSI/AAAAAAAAEMI/CMxfhgwMTg4bE6JNKZFTFp7Szr7AjnIEQCLcBGAs/s72-c/pic3.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bdc1caeccde92a828ad0ecda8b0b2cdf6c7706d0c3b55b66defd384406d30c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pic3.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: fife
etag: "v10c4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 2018-10-23_200848.png
1.bp.blogspot.com/-XP4R39yNMwo/W88PZmxjPnI/AAAAAAAAEIM/CS3jRTT4CBQFG5QWmKTs4XHafmo6Wib9QCLcBGAs/s72-c/ 1 KB
1 KB 35ms
31ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XP4R39yNMwo/W88PZmxjPnI/AAAAAAAAEIM/CS3jRTT4CBQFG5QWmKTs4XHafmo6Wib9QCLcBGAs/s72-c/2018-10-23_200848.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6668ee2750d3410f5e96342d2d7b464cdae0c93ae72ac7d9275446fdb498fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:18:37 GMT
x-content-type-options: nosniff
age: 11306
content-disposition: inline;filename="2018-10-23_200848.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1241
x-xss-protection: 0
server: fife
etag: "v1084"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:18:37 GMT

GET
H2 200 2018-08-04_030230.png
4.bp.blogspot.com/-zb45XiRL6Ds/W2SnNJI3IBI/AAAAAAAAEFw/l1OlYscFgW8jYK20l1vQn5QhkKND91n_wCLcBGAs/s72-c/ 5 KB
5 KB 94ms
90ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-zb45XiRL6Ds/W2SnNJI3IBI/AAAAAAAAEFw/l1OlYscFgW8jYK20l1vQn5QhkKND91n_wCLcBGAs/s72-c/2018-08-04_030230.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

142f5651ef93527c9ade5836471283013f6bcaf5aa319e041d44b1724fe3fdc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2018-08-04_030230.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4719
x-xss-protection: 0
server: fife
etag: "v105d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 final%255B1%255D.png
3.bp.blogspot.com/-v4zylR98B_4/WXt7flRIbVI/AAAAAAAAD30/ho1WSQ3WQQkZCa7SCarnOHy1eD9VEtINgCLcBGAs/s72-c/ 7 KB
7 KB 38ms
34ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-v4zylR98B_4/WXt7flRIbVI/AAAAAAAAD30/ho1WSQ3WQQkZCa7SCarnOHy1eD9VEtINgCLcBGAs/s72-c/final%255B1%255D.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d7b43754476d1c6a6849d64651d02b1dff9158c10609153eb80b58b860091f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="final[1].png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6760
x-xss-protection: 0
server: fife
etag: "vf82"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 51669015a35abc139413dd56053d6baa.jpeg
3.bp.blogspot.com/-FVxVOqZksiA/WXHXP8FLm0I/AAAAAAAAD3I/B9-73kYwQFYDGqNGCBnlhwi2IgLYi5M9wCLcBGAs/s72-c/ 2 KB
2 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-FVxVOqZksiA/WXHXP8FLm0I/AAAAAAAAD3I/B9-73kYwQFYDGqNGCBnlhwi2IgLYi5M9wCLcBGAs/s72-c/51669015a35abc139413dd56053d6baa.jpeg

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9074463b706a5ea62cb477640ab1eb283442e834e5623f66be2e6b32d51e4463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="51669015a35abc139413dd56053d6baa.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2270
x-xss-protection: 0
server: fife
etag: "vf73"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 16-04-21-03-30-52-511_deco.jpg
3.bp.blogspot.com/--y85_wX_ylM/VxhKEnRrwFI/AAAAAAAADkk/SlNo_1QnG5U6W7J512EFeRW549p53g-dwCLcB/s72-c/ 4 KB
4 KB 23ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/--y85_wX_ylM/VxhKEnRrwFI/AAAAAAAADkk/SlNo_1QnG5U6W7J512EFeRW549p53g-dwCLcB/s72-c/16-04-21-03-30-52-511_deco.jpg

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a8bff80f3adec38e8a892898418ab14ba14d53880428e103192552083e1b6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="16-04-21-03-30-52-511_deco.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3731
x-xss-protection: 0
server: fife
etag: "ve4e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 2016-03-25_215550.jpg
2.bp.blogspot.com/-R2CitOXPoEM/Vvjk-0yS15I/AAAAAAAADjw/371EszZq-IMWE73c8LWWxyNYbHuatnOaQ/s72-c/ 4 KB
4 KB 93ms
89ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-R2CitOXPoEM/Vvjk-0yS15I/AAAAAAAADjw/371EszZq-IMWE73c8LWWxyNYbHuatnOaQ/s72-c/2016-03-25_215550.jpg

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f437b845a30ec1171591717818ace0bc468f89342684482c7c1c9f0054d517be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2016-03-25_215550.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3839
x-xss-protection: 0
server: fife
etag: "ve3c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 slide_0%255B1%255D.jpg
3.bp.blogspot.com/-KQE6QlEfXVQ/V_4LawIeezI/AAAAAAAADso/7Eus7F530KkfDV5aT81uISSvCCLKQ3gSwCLcB/s72-c/ 2 KB
2 KB 37ms
33ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-KQE6QlEfXVQ/V_4LawIeezI/AAAAAAAADso/7Eus7F530KkfDV5aT81uISSvCCLKQ3gSwCLcB/s72-c/slide_0%255B1%255D.jpg

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6bc59309906bc4d8400964bd98d9429dc3f6507320958c5ea71c61366413797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="slide_0[1].jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1676
x-xss-protection: 0
server: fife
etag: "vecc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 15826310_1553744114640382_453020543574430330_n%255B1%255D.jpg
2.bp.blogspot.com/-oFUmuiyNlpA/WG9B5qsxAtI/AAAAAAAADwc/niqsWzjX5kISpwR0v3adPbFibyxBD91OQCLcB/s72-c/ 4 KB
4 KB 105ms
104ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-oFUmuiyNlpA/WG9B5qsxAtI/AAAAAAAADwc/niqsWzjX5kISpwR0v3adPbFibyxBD91OQCLcB/s72-c/15826310_1553744114640382_453020543574430330_n%255B1%255D.jpg

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c6d726a501309c581c4884988d6567f85cf30a48afb62b274b972fc7d5c8327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="15826310_1553744114640382_453020543574430330_n[1].jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4281
x-xss-protection: 0
server: fife
etag: "vf08"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 %25E8%259E%25A2%25E5%25B9%2595%25E5%25BF%25AB%25E7%2585%25A7+2013-10-04+%25E4%25B8%258A%25E5%258D%25883.51.36.png
2.bp.blogspot.com/-srX937uPAio/UmVBnumi0LI/AAAAAAAACZY/TWT9x1zKT-M/s72-c/ 3 KB
4 KB 102ms
102ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-srX937uPAio/UmVBnumi0LI/AAAAAAAACZY/TWT9x1zKT-M/s72-c/%25E8%259E%25A2%25E5%25B9%2595%25E5%25BF%25AB%25E7%2585%25A7+2013-10-04+%25E4%25B8%258A%25E5%258D%25883.51.36.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

817a2ebab12c97ca7a97ce330704a1f073795822c52a61ece07fc46d5d34af1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="____ 2013-10-04 __3.51.36.png";filename*=UTF-8''%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202013-10-04%20%E4%B8%8A%E5%8D%883.51.36.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3485
x-xss-protection: 0
server: fife
etag: "v996"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:03 GMT

GET
H2 200 image.png
lh3.googleusercontent.com/-qlV9CK1eezE/YDX3uvqO6uI/AAAAAAAAEtU/RePKcDFss1gY38OHhSdcZTZ7zObOKM3_ACLcBGAsYHQ/s72-c/ 3 KB
4 KB 61ms
11ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-qlV9CK1eezE/YDX3uvqO6uI/AAAAAAAAEtU/RePKcDFss1gY38OHhSdcZTZ7zObOKM3_ACLcBGAsYHQ/s72-c/image.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5aa8b2740e1e5f73a02fa378e7a47174c37858e104365bbabf69268a265febb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:28:06 GMT
x-content-type-options: nosniff
age: 3537
content-disposition: inline;filename="image.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3520
x-xss-protection: 0
server: fife
etag: "v12d6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 16:28:06 GMT

GET
H2 200 cookienotice.js Show response
blog.orange.tw/js/ 6 KB
2 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.orange.tw/js/cookienotice.js

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 14:53:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 21 Jun 2023 17:27:03 GMT

GET
H2 200 254827068-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
55 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/254827068-widgets.js

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a337b8bc0c11d1ced27beeb0ae2b1b1401b954af412b19604e801937ea64b7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 07:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56565
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 21:55:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 13 Jun 2024 07:59:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 42ms
11ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 17:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1335
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 14 Jun 2023 19:04:48 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 106ms
104ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2987759532072489303&zx=bba08626-ac29-47a0-a008-a69514d0416e

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 14 Jun 2023 17:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 17:27:03 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SvjGMo9aMwE Show response
www.youtube.com/embed/ Frame D42B 74 KB
32 KB 108ms
84ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SvjGMo9aMwE

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2765f91facd6737b955dbe9804fe4bc4562c06ca5f582ce49d21545384496b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.orange.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 17:27:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gradients_light.png
www.blogblog.com/1kt/simple/ 403 B
517 B 43ms
10ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogblog.com/1kt/simple/gradients_light.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 23:57:05 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 13:54:18 GMT
server: sffe
age: 408598
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Jun 2023 23:57:05 GMT

GET
H2 200 body_gradient_tile_light.png
www.blogblog.com/1kt/simple/ 95 B
520 B 61ms
10ms Image
image/png 2a00:1450:4001:80e::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogblog.com/1kt/simple/body_gradient_tile_light.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 06:27:43 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Jun 2023 05:51:36 GMT
server: sffe
age: 385160
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 06:27:43 GMT

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:47:29 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 09:50:04 GMT
server: sffe
age: 369574
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 10:47:29 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 32ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?kit=mW_CIZvkcW1i7Mw9mVo5P8tm9aE5B_cNHglMUm2VBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.orange.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:40:30 GMT
x-content-type-options: nosniff
age: 344793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:40:30 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 37ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?kit=mW_CIZvkcW1i7Mw9mVo5P8tm9aE5B_cNHglMUm2VBiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.orange.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:00:13 GMT
x-content-type-options: nosniff
age: 325610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 23:00:13 GMT

GET
H3 200 2987759532072489303
www.blogger.com/comment/frame/ Frame 156A 54 KB
0 73ms
63ms Document
text/html 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/2987759532072489303?po=674306214530021249&hl=zh-TW&blogspotRpcToken=5641045

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/976584016-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VtT0BBxSiH-JS1OOUwav0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.orange.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VtT0BBxSiH-JS1OOUwav0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 14 Jun 2023 17:27:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 logo-16.png
www.blogger.com/img/ 279 B
302 B 25ms
16ms Image
image/png 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 02:30:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 21:52:27 GMT
server: sffe
age: 399416
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 02:30:07 GMT

GET
H3 200 s_top.png
resources.blogblog.com/img/widgets/ 335 B
358 B 26ms
17ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/s_top.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:49:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 09:50:04 GMT
server: sffe
age: 369461
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 17 Jun 2023 10:49:22 GMT

GET
H3 200 s_bottom.png
resources.blogblog.com/img/widgets/ 172 B
195 B 25ms
17ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/widgets/s_bottom.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 09 Jun 2023 15:33:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 21:52:27 GMT
server: sffe
age: 438814
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Jun 2023 15:33:29 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/8c7583ff/ Frame D42B 409 KB
48 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adcf7fb00447abb34826c3ca3cf2ad3be4516cfab88ad23b65e35b0c304f9170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49230
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Jun 2024 17:25:36 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/ Frame D42B 307 KB
92 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67dbfdd99ccb28a4a3c9e81045fb6c245cbc3bed2889a754653df96054f9e736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94356
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Jun 2024 16:52:04 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/ Frame D42B 2 MB
744 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80efc9f4573b3f2018ea2fb84c9398edfc12aa89aac8550c3d39368a0742c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 15:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761147
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Jun 2024 15:10:47 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8c7583ff/fetch-polyfill.vflset/ Frame D42B 9 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Jun 2024 16:09:06 GMT

GET m=_b,_tp,_r
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/am=oOYeAAE/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP1024nMx26R21YzFVQ3xMOX... Frame 156A 0
0

GET
H3 200 2987759532072489303 Show response
www.blogger.com/comment/frame/ Frame 60A2 54 KB
16 KB 36ms
35ms Document
text/html 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/2987759532072489303?po=674306214530021249&hl=zh-TW&blogspotRpcToken=5641045

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/254827068-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6ba5a0a4a9fe81e0ce32aed1d9d6a1926051a139328c972a7e2358aa2df09a6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-rAK37XOzKNnRfydKsyYXng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.orange.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-rAK37XOzKNnRfydKsyYXng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 14 Jun 2023 17:27:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 225ms
224ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2987759532072489303&zx=bba08626-ac29-47a0-a008-a69514d0416e

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 17:27:04 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D42B 15 KB
15 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 323909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D42B 15 KB
15 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 344359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:45 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1719413119&t=pageview&_s=1&dl=https%3A%2F%2Fblog.orange.tw%2F2021%2F08%2Fproxylogon-a-new-attack-surface-on-ms-exchange-part-1.html&ul=en-us&de=UTF-8&dt=Orange%3A%20A%20New%20Attack%20Surface%20on%20MS%20Exchange%20Part%201%20-%20ProxyLogon!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=889774201&gjid=1679512174&cid=1106575020.1686763624&tid=UA-13047966-1&_gid=1736591191.1686763624&_r=1&_slc=1&z=15943124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

759259099bf536a554932eb35090d0b4f576823a144cb9bbc3d4c57150ccb7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.orange.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 17:27:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.orange.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/am=oOYeAAE/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP1024nMx26R21YzFVQ3xMOX... Frame 60A2 184 KB
65 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/am=oOYeAAE/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP1024nMx26R21YzFVQ3xMOXORvNAA/m=_b,_tp,_r

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/2987759532072489303?po=674306214530021249&hl=zh-TW&blogspotRpcToken=5641045

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed49b08dc0e46950c340d81138113811c50e5343389217a047fd56f0f38a020c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66515
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 07:09:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 03:29:37 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 60A2 0
26 B 27ms
27ms Other
text/html 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-Eip1Im8q5iehBKc_bBcf8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-Eip1Im8q5iehBKc_bBcf8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 51ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WXCGGS1XH5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39941bb666221a876d2944ba9dc115514da8be0468f6bfbab730a6dd74d903e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77040
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Jun 2023 17:27:04 GMT

GET
H3 200 m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentfo... Frame 60A2 285 KB
102 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0g-fLBgi7lhmZ5sltJ1l5VF42M1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,I6YDgd,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,ZDqTJc,Uas9Hd,eD1YLc,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/am=oOYeAAE/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP1024nMx26R21YzFVQ3xMOXORvNAA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4be8c3094e3be82294e6e89a5f172beaba708300402f7091c892846c1f9c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103901
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 07:09:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 03:29:37 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,... Frame 60A2 6 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0g-fLBgi7lhmZ5sltJ1l5VF42M1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca1cd0738eaf7c22ea13013b12e91f603820074c0a96ed3a8a891ed2a1108dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2788
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 07:09:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 03:48:21 GMT

GET
H3 200 m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,... Frame 60A2 73 KB
25 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0g-fLBgi7lhmZ5sltJ1l5VF42M1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae77ccbe595357b4fe1b9ebcbc961bbdf6a55202a808158a2636539f6d3a9370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25650
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 07:09:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 03:48:22 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D42B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

18ms
17ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3f80f6d5aad0be38748b9a4dd6ef1931a854abafbaf42ee7ef28e4c389a23ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 14 Jun 2023 17:27:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D42B 29 B
495 B 31ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:12:32 GMT
x-content-type-options: nosniff
age: 872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Jun 2023 17:27:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 59ms
16ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 14 Jun 2023 17:27:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D42B 68 KB
31 KB 24ms
24ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

141b134ef7bf76eb25e8837b80bec1e9a17a359813ea2305ed9ea70ccc82dc9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31621
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/ Frame D42B 116 KB
33 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c75a5f88d1f8410c8d505f7fa1c25b7936c0da3d814d4a95eabcacc820c3c4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33603
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Jun 2024 18:29:42 GMT

GET
H2 200 Lj5lmey1qHOFmMbfuxy9CdMOseEmwpJKbtoBBKxW9PI.js Show response
www.google.com/js/th/ Frame D42B 37 KB
15 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Lj5lmey1qHOFmMbfuxy9CdMOseEmwpJKbtoBBKxW9PI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3e6599ecb5a8738598c6dfbb1cbd09d30eb1e126c2924a6eda0104ac56f4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14538
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 05:10:48 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/SvjGMo9aMwE/ Frame D42B 13 KB
14 KB 47ms
20ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/SvjGMo9aMwE/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eabc265e382abaa48b1d67cf77a594ae2dd42cda14a27d0e47731f942f5c7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13438
x-xss-protection: 0
server: sffe
etag: "1613299156"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Jun 2023 19:27:04 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/ Frame D42B 29 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82ad782a1be43b6b4a615ae52fcbefb25630f4a6559afb80e48f7c2f133b2712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 13:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8260
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 02:05:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Jun 2024 13:50:04 GMT

GET
DATA 200
OK truncated
/ Frame D42B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 WiyUwDEJ5eyf-nu2byupYkCF2e5wB_NjnR2WXT0l47R-CWjbbXSPRRKijAD7K-4SAIdC5dhm=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D42B 2 KB
2 KB 43ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/WiyUwDEJ5eyf-nu2byupYkCF2e5wB_NjnR2WXT0l47R-CWjbbXSPRRKijAD7K-4SAIdC5dhm=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SvjGMo9aMwE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a90949a4b8ef49519bcabd4f98d5ff87874596f20d494fa89d794d15cd5bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1984
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:27:04 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 44ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WXCGGS1XH5&gtm=45je36c0&_p=1719413119&ul=en-us&sr=1600x1200&cid=1106575020.1686763624&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fblog.orange.tw%2F2021%2F08%2Fproxylogon-a-new-attack-surface-on-ms-exchange-part-1.html&dt=Orange%3A%20A%20New%20Attack%20Surface%20on%20MS%20Exchange%20Part%201%20-%20ProxyLogon!&sid=1686763624&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WXCGGS1XH5&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 17:27:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.orange.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=RqjULd Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,... Frame 60A2 15 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0g-fLBgi7lhmZ5sltJ1l5VF42M1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7de302eb175f170096974523c8261886b93594176798d2824d5ef4e37c68ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5446
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 07:09:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 03:48:22 GMT

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,... Frame 60A2 1 KB
711 B 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0g-fLBgi7lhmZ5sltJ1l5VF42M1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435800c92ae463d96d36d2bdd407db1603196dd58c9719ec377ebdf7b4df9e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 682
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 07:09:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 03:48:22 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 17ms
16ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 14 Jun 2023 17:27:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D42B 90 B
134 B 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d32cbe47971710ba9f659fdf2fd43c7eee56fce03049aec0f27ec226ab1ab455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 60A2 1 KB
873 B 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/ck=boq-blogger.BloggerCommentUi.fGBXZg0-RBA.L.B1.O/am=oOYeAAE/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP0g-fLBgi7lhmZ5sltJ1l5VF42M1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,I6YDgd,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,ZDqTJc,Uas9Hd,eD1YLc,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af81f3e80668fbdfb8363938f7cfe55f8593f48af2d90c028d389d2b038f8a1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 1; mode=block
expires: Wed, 14 Jun 2023 17:27:04 GMT

GET
H3 200 3268905543-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/254827068-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 14:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6501
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 09:56:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 12 Jun 2024 14:21:51 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D42B 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?-E3E0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D42B 4 KB
2 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:27:04 GMT

GET
H3 200 4167778108-lbx__zh_tw.js Show response
www.blogger.com/static/v1/jsbin/ 376 KB
376 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/4167778108-lbx__zh_tw.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/254827068-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52874630bfeb80e6464edb02e8079d28c3ecf6fc35a4ddeba1f7558c5aeae099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.orange.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 02:21:08 GMT
x-content-type-options: nosniff
age: 227156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384911
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 22:51:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 11 Jun 2024 02:21:08 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame 60A2 410 KB
165 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167992
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 14:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 15:34:13 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame D42B 51 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 16:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 15 Jun 2023 16:14:52 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D09A 50 KB
27 KB 31ms
30ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=invisible&cb=fews1srwrdej

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b9769ab7b342b6d10961eb3d88a6ceeb9d767755e61e2b5e66df4934367300a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sUvODH3Jk5IxXALIREWIpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27581
content-security-policy: script-src 'report-sample' 'nonce-sUvODH3Jk5IxXALIREWIpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 17:27:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame D09A 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=invisible&cb=fews1srwrdej

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 14:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 14:13:37 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ Frame D09A 410 KB
164 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167992
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 14:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 15:34:13 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D09A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 326070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 17 Jun 2023 22:52:35 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D09A 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 323910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 23:28:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D09A 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 344360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D09A 102 B
134 B 18ms
16ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Xh5Zjh8Od10-SgxpI_tcSnHR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eeef487aba65683c2673a56a8c9aad308b20d13eb2f4b969ee6231bb87a2ba08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=Xh5Zjh8Od10-SgxpI_tcSnHR&size=invisible&cb=fews1srwrdej
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 14 Jun 2023 17:27:05 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame FA09 0
32 B 27ms
27ms Other
text/html 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: blog.orange.tw
URL: https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bhs3jLCl0Vu1G2f2XY7Syg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 14 Jun 2023 17:27:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-bhs3jLCl0Vu1G2f2XY7Syg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D42B 28 B
54 B 20ms
20ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8c7583ff/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Goog-Request-Time: 1686763626350
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/SvjGMo9aMwE
X-YouTube-Client-Version: 1.20230606.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtFd0Z1cTRFVkdqOCjn8KekBg%3D%3D
X-YouTube-Ad-Signals: dt=1686763624192&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 14 Jun 2023 17:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 14 Jun 2023 17:27:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.zh_TW.VMVE9Jgf95o.es5.O/am=oOYeAAE/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP1024nMx26R21YzFVQ3xMOXORvNAA/m=_b,_tp,_r

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nGHeXVTgV5s
.youtube.com/	1970-01-20 16:51:55	Name: VISITOR_INFO1_LIVE Value: EwFuq4EVGj8
.orange.tw/	1970-01-20 22:08:43	Name: _ga Value: GA1.2.1106575020.1686763624
.orange.tw/	1970-01-20 12:34:10	Name: _gid Value: GA1.2.1736591191.1686763624
.orange.tw/	1970-01-20 12:32:43	Name: _gat_blogger Value: 1
.orange.tw/	1970-01-20 22:08:43	Name: _ga_WXCGGS1XH5 Value: GS1.2.1686763624.1.0.1686763624.0.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
blog.orange.tw
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
region1.google-analytics.com
resources.blogblog.com
static.doubleclick.net
www.blogblog.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.blogger.com
2001:4860:4802:32::36
2a00:1450:4001:801::2009
2a00:1450:4001:808::200a
2a00:1450:4001:809::2016
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2009
2a00:1450:4001:810::2008
2a00:1450:4001:811::2006
2a00:1450:4001:811::2013
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:4001:831::2009
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
141b134ef7bf76eb25e8837b80bec1e9a17a359813ea2305ed9ea70ccc82dc9e
142f5651ef93527c9ade5836471283013f6bcaf5aa319e041d44b1724fe3fdc6
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d08e5ba7bc4c10a484989f560a14c2fcdbf261f12074383024c2976b9440507
22f9f53b2cbc7abcbb3ee7c7d4a96b5ea899deabaf7771e5856ec866f19b2fc4
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
2bba036d27948ede7fad38a33790a10fda10c36768cf985cebdaa6cc931636b6
2e3e6599ecb5a8738598c6dfbb1cbd09d30eb1e126c2924a6eda0104ac56f4f2
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
39941bb666221a876d2944ba9dc115514da8be0468f6bfbab730a6dd74d903e3
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
435800c92ae463d96d36d2bdd407db1603196dd58c9719ec377ebdf7b4df9e3e
4b9769ab7b342b6d10961eb3d88a6ceeb9d767755e61e2b5e66df4934367300a
4f68f597788c5dd5c4c8c520ba4759d4bff7466997cb3242b98eaffd226ff3df
52874630bfeb80e6464edb02e8079d28c3ecf6fc35a4ddeba1f7558c5aeae099
53ebd506c17c26fa0f302ee8f33e6033bab611abf779cb4bc64f88f3f102492f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
67dbfdd99ccb28a4a3c9e81045fb6c245cbc3bed2889a754653df96054f9e736
67e8970716778d87e9cdd2c6a8ed4fb82a56dadcc9919a8eee9764e2eb4d70f0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a8bff80f3adec38e8a892898418ab14ba14d53880428e103192552083e1b6a4
6a90949a4b8ef49519bcabd4f98d5ff87874596f20d494fa89d794d15cd5bd07
6eabc265e382abaa48b1d67cf77a594ae2dd42cda14a27d0e47731f942f5c7cb
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
759259099bf536a554932eb35090d0b4f576823a144cb9bbc3d4c57150ccb7b2
7597356a0a1cdd03d35b005b3fd45fee4cccd91d38de12661c8f2e87e968b91a
79b6d1807f598d792f0c011767f5dc192f1d0e08463df9a2489f940ed2c3275c
79bb6b6e7ed95ad5253ebcf46c1f1e38384d1cee98add4295346a3d5effbc8a6
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c4be8c3094e3be82294e6e89a5f172beaba708300402f7091c892846c1f9c2b
7e9dd90adf1b67dcaee7b0e0bdaf745eab7967bbbe78aec01c7c41f654906a39
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7fe4d83aa63b931b443010a18674850fd3ab92bfaaa447387cc6d2ab7cdff8b3
80efc9f4573b3f2018ea2fb84c9398edfc12aa89aac8550c3d39368a0742c050
817a2ebab12c97ca7a97ce330704a1f073795822c52a61ece07fc46d5d34af1e
82ad782a1be43b6b4a615ae52fcbefb25630f4a6559afb80e48f7c2f133b2712
904b8b91d92363304f4451357289270b77c77a750558af63b01345b9cff83fb7
9074463b706a5ea62cb477640ab1eb283442e834e5623f66be2e6b32d51e4463
91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9c6d726a501309c581c4884988d6567f85cf30a48afb62b274b972fc7d5c8327
a337b8bc0c11d1ced27beeb0ae2b1b1401b954af412b19604e801937ea64b7a8
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aa7de302eb175f170096974523c8261886b93594176798d2824d5ef4e37c68ff
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
aca1cd0738eaf7c22ea13013b12e91f603820074c0a96ed3a8a891ed2a1108dd
acbab549598e79df8356833641f7641c5900636fbbae215125117cdf4f2413d9
adcf7fb00447abb34826c3ca3cf2ad3be4516cfab88ad23b65e35b0c304f9170
ae77ccbe595357b4fe1b9ebcbc961bbdf6a55202a808158a2636539f6d3a9370
af5bbc41110b6d9a74158d0c0ae1a5d1f126eba6244baef1737070645c53b3f2
af63652eec76e17b35ed9553565ca82b6813fc555dc9bcefbe1b2b2fd32c83da
af81f3e80668fbdfb8363938f7cfe55f8593f48af2d90c028d389d2b038f8a1d
b3f80f6d5aad0be38748b9a4dd6ef1931a854abafbaf42ee7ef28e4c389a23ca
b6ba5a0a4a9fe81e0ce32aed1d9d6a1926051a139328c972a7e2358aa2df09a6
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
bdc1caeccde92a828ad0ecda8b0b2cdf6c7706d0c3b55b66defd384406d30c57
c2765f91facd6737b955dbe9804fe4bc4562c06ca5f582ce49d21545384496b2
c75a5f88d1f8410c8d505f7fa1c25b7936c0da3d814d4a95eabcacc820c3c4ef
c9e68bdc72b1dbe1b720afb7bb2bba23cca1ad4a88b5839469cc1d227f48db79
cc10d2a3817d56054cc0e57871e70ceefc8d11954fd4221e0f7ffb726a88bcfc
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
d32cbe47971710ba9f659fdf2fd43c7eee56fce03049aec0f27ec226ab1ab455
d532b1b840eedf7e04a4a9b360dfe7f70733b7a5e686bad7e7f289e0db28b232
d5aa8b2740e1e5f73a02fa378e7a47174c37858e104365bbabf69268a265febb
d7b43754476d1c6a6849d64651d02b1dff9158c10609153eb80b58b860091f11
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e24ede2412324188136fae3632103b253f635a014b1d96f4afcc7fc434ff8e18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e630de741ddac639491ce9a187c88e3f25a8be0cd2e3ba82e2ec985af9152baa
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea65d59a8d91967204ed6f3be1e08bc719085f9662e253e782bcb7ab7715ce13
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
ed49b08dc0e46950c340d81138113811c50e5343389217a047fd56f0f38a020c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeef487aba65683c2673a56a8c9aad308b20d13eb2f4b969ee6231bb87a2ba08
f328e6ecff58aad43792902cd70e45ecfb92cc00f38736a08a6f4c2a18d50664
f437b845a30ec1171591717818ace0bc468f89342684482c7c1c9f0054d517be
f46edb69daca58420337f038f02017a7e2bca52642f4f2913fd4ef33e0a987ac
f584f30bd5748d440c8b8ff7e2868076766639fcfc93fe26f856d92f162c1c9e
f6668ee2750d3410f5e96342d2d7b464cdae0c93ae72ac7d9275446fdb498fa6
f6bc59309906bc4d8400964bd98d9429dc3f6507320958c5ea71c61366413797
fdc7d8d9be402e35b2dd049cbe9699910e1e59ecbabb9444651df2f3d2bcc10d

blog.orange.tw Open in urlscan Pro 2a00:1450:4001:811::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

100 %IPv6

14 Domains

22 Subdomains

19 IPs

2 Countries

7493 kBTransfer

11448 kBSize

6 Cookies

57 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.orange.tw Open in urlscan Pro
2a00:1450:4001:811::2013 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

100 %
IPv6

14
Domains

22
Subdomains

19
IPs

2
Countries

7493 kB
Transfer

11448 kB
Size

6
Cookies

101 HTTP transactions
1 data transactions