redirectlink1337.blogspot.com Open in urlscan Pro
2607:f8b0:4006:821::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.website-b261cf90.gamewatchers.co.ke/
Effective URL:
https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Submission: On March 22 via api (March 22nd 2024, 4:26:30 pm UTC) from US — Scanned from US

Summary HTTP 45 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 45 HTTP transactions. The main IP is 2607:f8b0:4006:821::2001, located in United States and belongs to GOOGLE, US. The main domain is redirectlink1337.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on February 26th 2024. Valid for: 3 months.

This is the only time redirectlink1337.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.195.73.47 69.195.73.47	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2607:f8b0:400... 2607:f8b0:4006:821::2001	15169 (GOOGLE) (GOOGLE)
6	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:808::2009	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
4	148.251.155.232 148.251.155.232	24940 (HETZNER-AS) (HETZNER-AS)
4	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
45	10

1 69.195.73.47 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2449.bluehost.com

www.website-b261cf90.gamewatchers.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)

redirectlink1337.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

oversleepwilling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:808::2009 (United States)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 148.251.155.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.232.155.251.148.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	blogger.com www.blogger.com — Cisco Umbrella Rank: 9902	404 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	598 KB
6	oversleepwilling.com oversleepwilling.com
4	google.com www.google.com — Cisco Umbrella Rank: 5	37 KB
4	a-ads.com acceptable.a-ads.com — Cisco Umbrella Rank: 158783 Failed static.a-ads.com — Cisco Umbrella Rank: 32138	1 MB
3	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 9766	269 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	blogspot.com redirectlink1337.blogspot.com	56 KB
1	gamewatchers.co.ke 1 redirects www.website-b261cf90.gamewatchers.co.ke	134 B
45	9

	Domain	Requested by
13	www.blogger.com	redirectlink1337.blogspot.com www.blogger.com
7	fonts.gstatic.com	redirectlink1337.blogspot.com www.blogger.com fonts.googleapis.com www.google.com
6	oversleepwilling.com	redirectlink1337.blogspot.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.blogger.com www.gstatic.com www.google.com
3	blogger.googleusercontent.com	redirectlink1337.blogspot.com
2	static.a-ads.com	acceptable.a-ads.com
2	fonts.googleapis.com	acceptable.a-ads.com
2	acceptable.a-ads.com	redirectlink1337.blogspot.com
1	redirectlink1337.blogspot.com
1	www.website-b261cf90.gamewatchers.co.ke	1 redirects
45	11

This site contains links to these domains. Also see Links.

Domain
search.google.com
developers.google.com
tools.pingdom.com
blogger.googleusercontent.com
oversleepwilling.com
www.facebook.com
twitter.com
api.whatsapp.com
pinterest.com
www.linkedin.com
telegram.me
www.blogger.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
oversleepwilling.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Frame ID: 774913248E0F701BE6EF04F883AEC657
Requests: 21 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/7459523323699667826?po=162290819704430632&hl=id&skin=contempo&blogspotRpcToken=1747753
Frame ID: 68B8CA85221993991E3A0D25A988FD15
Requests: 10 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/2312258
Frame ID: 9BFF4EF857A131355F084C64AE7A185A
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/2312258
Frame ID: F30213D92A31B833645D949CF77F962E
Requests: 4 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/2312258
Frame ID: FA16D11B9D55B28F5E2CA650B44889DF
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=ijkhosxirzxq
Frame ID: EB7270A0807224038D33CB40F181C54E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cara Patch Bug Bypass Admin - seputar teknologi digital

Page URL History Show full URLs

https://www.website-b261cf90.gamewatchers.co.ke/ HTTP 301
https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

98 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

2705 kB
Transfer

4366 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://search.google.com/test/rich-results?id=HLwqnEjKzDtvze1gXfcvsQ
Title: Google Rich Test

Search URL Search Domain Scan URL

URL: https://search.google.com/structured-data/testing-tool#url=https%3A%2F%2Fgeneratepress.blogspot.com%2F
Title: Google Validator

Search URL Search Domain Scan URL

URL: https://developers.google.com/speed/pagespeed/insights/?url=https%3A%2F%2Fgeneratepress.blogspot.com%3Fm%3D1&tab=mobile
Title: Google PageSpeedNEW

Search URL Search Domain Scan URL

URL: https://tools.pingdom.com/#5d224e9f4a000000
Title: Pingdom Speed

Search URL Search Domain Scan URL

URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUs8Jj0OlzzfWef6QJXrmMdOPgVuu0oK8-fp410rHVJk4ScZVLIWjlZXpVpFGDA48HTwNdqTgG0YKdqPiW7SeaCUmVsxs5crWISr7JFtBgYR1fcKYYBCFP8KHYwDWrNmiiZAcicquvwuU/s1600/hacker-1944688__340.jpg

Search URL Search Domain Scan URL

URL: https://oversleepwilling.com/inc4w4d3p?key=1bacb28cf49dad42eb16676c27a11b90
Title: Responsive Advertisement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Cara%20Patch%20Bug%20Bypass%20Admin&url=https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=&text=Cara%20Patch%20Bug%20Bypass%20Admin%20%2D%20https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html&media=https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUs8Jj0OlzzfWef6QJXrmMdOPgVuu0oK8-fp410rHVJk4ScZVLIWjlZXpVpFGDA48HTwNdqTgG0YKdqPiW7SeaCUmVsxs5crWISr7JFtBgYR1fcKYYBCFP8KHYwDWrNmiiZAcicquvwuU/w640-h427/hacker-1944688__340.jpg&description=Cara%20Patch%20Bug%20Bypass%20Admin

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html&text=Cara%20Patch%20Bug%20Bypass%20Admin

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/7459523323699667826?po=162290819704430632&hl=id&skin=contempo&blogspotRpcToken=1747753

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/12816850185336983770
Title: 1337

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.website-b261cf90.gamewatchers.co.ke/ HTTP 301
https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cara-patch-bug-bypass-admin.html Show response
redirectlink1337.blogspot.com/2024/03/
Redirect Chain

https://www.website-b261cf90.gamewatchers.co.ke/
https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

184 KB
56 KB

437ms
100ms

Document
text/html

2607:f8b0:4006:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e191ccd6126a70ce5aeacc2b918067651ca757f905ce502c7b6b233bf1e4c162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 56556
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 16:26:21 GMT
etag: W/"534c480451dea3f9a405e0928861927e03b787dbe254e4feb827877b3463b069"
expires: Fri, 22 Mar 2024 16:26:21 GMT
last-modified: Fri, 22 Mar 2024 14:02:23 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 286
content-type: text/html; charset=iso-8859-1
date: Fri, 22 Mar 2024 16:26:21 GMT
location: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
server: Apache

GET
H/1.1 403
Forbidden 7155480897b18cf3e5caf304850c3ed1.js
oversleepwilling.com/71/55/48/ 0
0 753ms
40ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oversleepwilling.com/71/55/48/7155480897b18cf3e5caf304850c3ed1.js
Requested by: Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Fri, 22 Mar 2024 16:26:22 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 AVvXsEgjuNudKHsvYbvznf4ywDvCO85Ku4zyCeDFWKRoh--CdsdFQA4eWO_FdtH8dcK-vkjiR7VtT1MCT5RRtNTjddOHI1-Sdsh-7QMgxKDhHmsFz9MfuXLD1iokcPDIC8LtMkH7TmBf2wJ0ildjmch5BgN59x-v4Q0NQTWbC1Nxg2wXjF0FQM3tIEaLqv2MDceh=...
blogger.googleusercontent.com/img/a/ 196 KB
196 KB 821ms
594ms Image
image/png 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgjuNudKHsvYbvznf4ywDvCO85Ku4zyCeDFWKRoh--CdsdFQA4eWO_FdtH8dcK-vkjiR7VtT1MCT5RRtNTjddOHI1-Sdsh-7QMgxKDhHmsFz9MfuXLD1iokcPDIC8LtMkH7TmBf2wJ0ildjmch5BgN59x-v4Q0NQTWbC1Nxg2wXjF0FQM3tIEaLqv2MDceh=s612

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b476b9c2b5f7e7531515f132f4fd7a12c2c7709a350eda8a2572ae914225199b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v12d"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6351a7e6c309c-removebg-preview.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200696
x-xss-protection: 0
expires: Sat, 23 Mar 2024 16:26:22 GMT

GET
H2 200 hacker-1944688__340.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUs8Jj0OlzzfWef6QJXrmMdOPgVuu0oK8-fp410rHVJk4ScZVLIWjlZXpVpFGDA48HTwNdqTgG0YKdqPiW7SeaCUmVsxs5crWISr7JFtBgYR1fcKYYBCFP8KHYwDWrNmiiZAcicquvwuU/w640... 70 KB
70 KB 741ms
515ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUs8Jj0OlzzfWef6QJXrmMdOPgVuu0oK8-fp410rHVJk4ScZVLIWjlZXpVpFGDA48HTwNdqTgG0YKdqPiW7SeaCUmVsxs5crWISr7JFtBgYR1fcKYYBCFP8KHYwDWrNmiiZAcicquvwuU/w640-h427/hacker-1944688__340.jpg

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

08c66a03b2d013978c452647f2da6116e44308b4f91016ee0df899e976c4adfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v98"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hacker-1944688__340.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71470
x-xss-protection: 0
expires: Sat, 23 Mar 2024 16:26:22 GMT

GET
H2 200 4269703388-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
7 KB 257ms
48ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/4269703388-comment_from_post_iframe.js

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d82536efbe90719d594c5d074bbd02dc4047aeff609910a1730551b486cac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 08:53:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 20 Mar 2025 07:55:34 GMT

GET
H/1.1 403
Forbidden 4f081927b629cdc92df463a9cd00fd54.js
oversleepwilling.com/4f/08/19/ 0
0 76ms
42ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oversleepwilling.com/4f/08/19/4f081927b629cdc92df463a9cd00fd54.js
Requested by: Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Fri, 22 Mar 2024 16:26:22 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 1794065108-widgets.js Show response
www.blogger.com/static/v1/widgets/ 142 KB
51 KB 253ms
51ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1794065108-widgets.js

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8038bea4138c6f4160aca7eb48fba293f6aea54f00094485063ec6b458dfd6f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51775
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 23:17:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 306ms
104ms Stylesheet
text/css 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7459523323699667826&zx=a549c7d8-38d2-4570-a98a-aa9fe5095a9b

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 22 Mar 2024 16:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 16:26:22 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/ 0
0 142ms
46ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js
Requested by: Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://redirectlink1337.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 22 Mar 2024 16:26:22 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cad0732d779ee39bd731443a8ec2e8b52af41473edf7211403daa4217627032

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 233ms
0ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redirectlink1337.blogspot.com/
Origin: https://redirectlink1337.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:15:45 GMT
x-content-type-options: nosniff
age: 198637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15872
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:15:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
21 KB 228ms
0ms Font
font/ttf 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redirectlink1337.blogspot.com/
Origin: https://redirectlink1337.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20776
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:09:32 GMT

GET
DATA 200
OK truncated
/ 158 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa8632f140735bd14d043a5bb88b58286636fd76ad5f9e7a1cd4fb99348c3521

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7459523323699667826 Show response
www.blogger.com/comment/frame/ Frame 68B8 79 KB
20 KB 120ms
105ms Document
text/html 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/7459523323699667826?po=162290819704430632&hl=id&skin=contempo&blogspotRpcToken=1747753

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/4269703388-comment_from_post_iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5668c22ae317b42fbd9c9ee4772e21d509623b37710f049e9806bb03b7f4226

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-gSFI7v96x7q28XwjonIfJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redirectlink1337.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-gSFI7v96x7q28XwjonIfJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 22 Mar 2024 16:26:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/BloggerCommentUi/web-reports?context=eJzj6mDU4pJicNCQYqh138lUemUn0x2NXUyvgDiydBdTOhA7vbrJJNN7i-nxlFtMTk-fMj1vf8b0DYg1TV4w_U1-yaS55yXTuy8vmQS-vmSSAGItINYInc76pmg6K9-66awqQGy4fjprJBBfvzGd1Sl9BmsIEPvUz2CNA-LWm-dYpwOxEDfH-kff1rMJPHgyQxgA4wFBeA"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 146 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d77d5b5991969e42702cee6b92d945cba88304dbf9f924d079669c718fb3a3bb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 403
Forbidden invoke.js
oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/ 0
0 69ms
56ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js
Requested by: Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://redirectlink1337.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 22 Mar 2024 16:26:23 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
111 B 127ms
49ms Stylesheet
text/css 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7459523323699667826&zx=a549c7d8-38d2-4570-a98a-aa9fe5095a9b

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Fri, 22 Mar 2024 16:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 16:26:23 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/ 0
0 84ms
46ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js
Requested by: Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://redirectlink1337.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 22 Mar 2024 16:26:23 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET 2312258
acceptable.a-ads.com/ Frame 9BFF 0
0

GET
H2 200 2312258 Show response
acceptable.a-ads.com/ Frame F302 26 KB
6 KB 563ms
141ms Document
text/html 148.251.155.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/2312258

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.232.155.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

30a5fd19d9211e2c59320ed952957ae33fb27db13de09a24aa299b700022d390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redirectlink1337.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 22 Mar 2024 16:26:23 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://redirectlink1337.blogspot.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden invoke.js
oversleepwilling.com/9b92ed6eb9b03974533aae9694829321/ 0
0 42ms
41ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oversleepwilling.com/9b92ed6eb9b03974533aae9694829321/invoke.js
Requested by: Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://redirectlink1337.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 22 Mar 2024 16:26:23 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 m=_b,_tp Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/am=BgzoGA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0gg2i_9WSUiloBbvizAkbdKDOjWQ/ Frame 68B8 181 KB
64 KB 96ms
86ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/am=BgzoGA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0gg2i_9WSUiloBbvizAkbdKDOjWQ/m=_b,_tp

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/7459523323699667826?po=162290819704430632&hl=id&skin=contempo&blogspotRpcToken=1747753

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe2b6e2faacabc887e2428455ceee8a432c695cbda3202da4979f7735ac5dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65087
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 05:10:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 03:14:32 GMT

GET
H2 200 2312258 Show response
acceptable.a-ads.com/ Frame FA16 26 KB
6 KB 561ms
209ms Document
text/html 148.251.155.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/2312258

Requested by

Host: redirectlink1337.blogspot.com
URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.232.155.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

e632cccc38e3b6597f03ae8693c59abd11e08d613bde3ebc658ffd2207ec4cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redirectlink1337.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 22 Mar 2024 16:26:23 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://redirectlink1337.blogspot.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ Frame 68B8 35 KB
20 KB 87ms
27ms Font
font/ttf 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/7459523323699667826?po=162290819704430632&hl=id&skin=contempo&blogspotRpcToken=1747753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20776
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:09:32 GMT

GET
H3 200 m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframevi... Frame 68B8 280 KB
100 KB 100ms
61ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP17tlz2cD7uD1DFpPrWpptzbxlCLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/am=BgzoGA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0gg2i_9WSUiloBbvizAkbdKDOjWQ/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c5e77481cc8b9b9676207380d59c15b228fac4e4d395e3d94ec3572c619ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101920
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 03:16:46 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRi... Frame 68B8 3 KB
2 KB 82ms
67ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP17tlz2cD7uD1DFpPrWpptzbxlCLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42b8384afb87f5035eadb123c4b03463d195136ea17590028e2d3561d00222c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1658
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 03:18:54 GMT

GET
H3 200 m=VXdfxd,fgib1c,YwHGTd,pxq3x Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame 68B8 78 KB
27 KB 79ms
65ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP17tlz2cD7uD1DFpPrWpptzbxlCLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951843926617d5882cc194f990d8951a293d6bc27ba866fbf7857368e9188e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27522
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 03:18:54 GMT

GET
H3 200 m=RqjULd Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame 68B8 18 KB
6 KB 151ms
149ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP17tlz2cD7uD1DFpPrWpptzbxlCLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

913c69b067bc8b48cd902329136d3bd60cd9166ec95657d42a17349524b6b524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6426
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 03:18:54 GMT

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame 68B8 1 KB
778 B 135ms
76ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP17tlz2cD7uD1DFpPrWpptzbxlCLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0e009898fb7f3643efb7d2c44966d5b8ebd75c908a72faa848b517ba421985e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 752
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Mar 2025 03:18:54 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 68B8 1 KB
1 KB 474ms
62ms Script
text/javascript 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.gRzGzHMah_Q.es5.O/ck=boq-blogger.BloggerCommentUi.2II_ywk9Buc.L.B1.O/am=BgzoGA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP17tlz2cD7uD1DFpPrWpptzbxlCLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86f94e85056687c5cd1229b00b3f259916b503f827e5da2befd0348aab8d4a77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 16:26:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F302 5 KB
1 KB 446ms
55ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2312258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Mar 2024 16:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 14:39:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Mar 2024 16:26:24 GMT

GET
H2 200 970x250
static.a-ads.com/a-ads-banners/505071/ Frame F302 695 KB
696 KB 509ms
280ms Image
image/gif 148.251.155.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/505071/970x250?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2312258
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.232.155.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 18378187cadbac52702501bb7fbfe10d518604344a3a3d01cfe918c6d63a6eb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:24 GMT
x-amz-version-id: TLso8Nel7pajsLDxs7PARWdQlc5zwlu_
last-modified: Fri, 08 Mar 2024 13:30:55 GMT
server: nginx
x-amz-request-id: 85P13T594E3E3GNV
etag: "d5907abf3a755665d01e9ae0dcb8ffd2"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 711209
x-amz-id-2: GbKH3/laYlsQ+FE7rOirLasvgI0Lu5YG59li4D4DpfGMhT7GOnYoFtrr8Bhmc8EByPObNU8tPHI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame FA16 5 KB
743 B 471ms
82ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2312258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Mar 2024 16:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 14:41:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Mar 2024 16:26:24 GMT

GET
H2 200 250x250
static.a-ads.com/a-ads-banners/505002/ Frame FA16 632 KB
633 KB 356ms
153ms Image
image/gif 148.251.155.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/505002/250x250?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2312258
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.155.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.232.155.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 1709e54f25f2b079785e6d538f92f931c1f1e38cc9defcbaff39c2ce40bb7c1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:24 GMT
x-amz-version-id: hjF2ZD8N1rGmc9xO3bE6SFjiHuBX1O2a
last-modified: Fri, 08 Mar 2024 13:16:05 GMT
server: nginx
x-amz-request-id: HRB1XEVWHPDWD38B
etag: "4e4de4aea52dfea3f1ab71a201e72eab"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 647278
x-amz-id-2: HAe2Agftm+pCS6Wlw8cNkuzgHNLMM0je49eOpa+hQ0xmmD5ZSNZZltpKLR61N+7O58f5nY1DD1E=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame 68B8 492 KB
197 KB 314ms
45ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200837
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 09:16:10 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame F302 46 KB
46 KB 55ms
38ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acceptable.a-ads.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:59 GMT
x-content-type-options: nosniff
age: 203065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:01:59 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame FA16 46 KB
46 KB 37ms
36ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://acceptable.a-ads.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:59 GMT
x-content-type-options: nosniff
age: 203065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:01:59 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EB72 45 KB
28 KB 218ms
8ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=ijkhosxirzxq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4cd4b46a017433175fa49cf5e7af7fc458d54397b56919e643a9b133e40f233b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1HifDYG-Xac1YeBf4yho8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1HifDYG-Xac1YeBf4yho8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 16:26:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame EB72 55 KB
24 KB 138ms
36ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=ijkhosxirzxq

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 09:31:23 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ Frame EB72 492 KB
196 KB 155ms
53ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 09:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200837
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 09:16:10 GMT

GET
H3 200 Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js Show response
www.google.com/js/bg/ Frame EB72 17 KB
7 KB 44ms
34ms Script
text/javascript 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Cuj_kDOx7kQB15k15ZfnFf8OUB-ufBvpEp-MAz1Zs84.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=ijkhosxirzxq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7310
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 08:10:03 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EB72 2 KB
2 KB 36ms
34ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:34 GMT
x-content-type-options: nosniff
age: 203932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 27 Mar 2024 07:47:34 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB72 15 KB
15 KB 37ms
35ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:54:19 GMT
x-content-type-options: nosniff
age: 203527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:54:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB72 15 KB
15 KB 38ms
36ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:09:27 GMT
x-content-type-options: nosniff
age: 199019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:09:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EB72 102 B
135 B 53ms
53ms Other
text/javascript 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca815ec6737d0c4bc1e16779dfdbb8241fb7ad898e6459db9d399435125ab515

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=YurWEBlMIwR4EqFPncmQTkxQ&size=invisible&cb=ijkhosxirzxq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2024 16:26:26 GMT

GET
H3 200 3268905543-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 36ms
34ms Stylesheet
text/css 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1794065108-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6501
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 11:55:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 20 Mar 2025 07:50:51 GMT

GET
H3 200 3614066654-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 375 KB
120 KB 61ms
43ms Script
text/javascript 2607:f8b0:4006:808::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3614066654-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1794065108-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823267f5341376ce1e2b1c075b7b08d06b9b1f35a5ca076c44b4c88701d60676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123006
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 06:57:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 20 Mar 2025 07:53:46 GMT

GET
H2 200 download.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVC98RBG_sB3X6gUFvzDXDEh5fWTNqfE5C_kLIA6B-mda26ZnNNfBjir0zT373g2t6U6uBty4_gscRwQ91NSNjKWWolVkXlGRT-Rh7PUnNmSOUeq-PTncb7vSHfaUmU4GwQHiba7s-3A0TDfdk... 2 KB
2 KB 400ms
362ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVC98RBG_sB3X6gUFvzDXDEh5fWTNqfE5C_kLIA6B-mda26ZnNNfBjir0zT373g2t6U6uBty4_gscRwQ91NSNjKWWolVkXlGRT-Rh7PUnNmSOUeq-PTncb7vSHfaUmU4GwQHiba7s-3A0TDfdkwC_h_y-VZ45uN9BgkXmnybqAzvZAPkc/w68-h68-p-k-no-nu/download.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab7d8b13e0666ce755a91363fbaaff0ec67d027d715470c1f0782e530947c4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://redirectlink1337.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 16:26:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v7e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="download.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2177
x-xss-protection: 0
expires: Sat, 23 Mar 2024 16:26:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2312258

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://oversleepwilling.com/71/55/48/7155480897b18cf3e5caf304850c3ed1.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 902) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 902) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://oversleepwilling.com/4f/08/19/4f081927b629cdc92df463a9cd00fd54.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 1074) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 1074) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 1090) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 1090) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://oversleepwilling.com/313a17d209e47948bd4dc3d2ecb54733/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 1126) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/9b92ed6eb9b03974533aae9694829321/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://redirectlink1337.blogspot.com/2024/03/cara-patch-bug-bypass-admin.html(Line 1126) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://oversleepwilling.com/9b92ed6eb9b03974533aae9694829321/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://oversleepwilling.com/9b92ed6eb9b03974533aae9694829321/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acceptable.a-ads.com
blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
oversleepwilling.com
redirectlink1337.blogspot.com
static.a-ads.com
www.blogger.com
www.google.com
www.gstatic.com
www.website-b261cf90.gamewatchers.co.ke
acceptable.a-ads.com
148.251.155.232
192.243.61.227
2607:f8b0:4006:808::2009
2607:f8b0:4006:816::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2001
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2004
69.195.73.47
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
08c66a03b2d013978c452647f2da6116e44308b4f91016ee0df899e976c4adfa
0ae8ff9033b1ee4401d79935e597e715ff0e501fae7c1be9129f8c033d59b3ce
1709e54f25f2b079785e6d538f92f931c1f1e38cc9defcbaff39c2ce40bb7c1a
18378187cadbac52702501bb7fbfe10d518604344a3a3d01cfe918c6d63a6eb9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98
23d82536efbe90719d594c5d074bbd02dc4047aeff609910a1730551b486cac7
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
30a5fd19d9211e2c59320ed952957ae33fb27db13de09a24aa299b700022d390
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4cad0732d779ee39bd731443a8ec2e8b52af41473edf7211403daa4217627032
4cd4b46a017433175fa49cf5e7af7fc458d54397b56919e643a9b133e40f233b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7fe2b6e2faacabc887e2428455ceee8a432c695cbda3202da4979f7735ac5dc0
8038bea4138c6f4160aca7eb48fba293f6aea54f00094485063ec6b458dfd6f8
823267f5341376ce1e2b1c075b7b08d06b9b1f35a5ca076c44b4c88701d60676
866c5e77481cc8b9b9676207380d59c15b228fac4e4d395e3d94ec3572c619ad
86f94e85056687c5cd1229b00b3f259916b503f827e5da2befd0348aab8d4a77
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
913c69b067bc8b48cd902329136d3bd60cd9166ec95657d42a17349524b6b524
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
951843926617d5882cc194f990d8951a293d6bc27ba866fbf7857368e9188e62
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
ab7d8b13e0666ce755a91363fbaaff0ec67d027d715470c1f0782e530947c4a1
b476b9c2b5f7e7531515f132f4fd7a12c2c7709a350eda8a2572ae914225199b
c0e009898fb7f3643efb7d2c44966d5b8ebd75c908a72faa848b517ba421985e
c5668c22ae317b42fbd9c9ee4772e21d509623b37710f049e9806bb03b7f4226
ca815ec6737d0c4bc1e16779dfdbb8241fb7ad898e6459db9d399435125ab515
d77d5b5991969e42702cee6b92d945cba88304dbf9f924d079669c718fb3a3bb
e191ccd6126a70ce5aeacc2b918067651ca757f905ce502c7b6b233bf1e4c162
e42b8384afb87f5035eadb123c4b03463d195136ea17590028e2d3561d00222c
e632cccc38e3b6597f03ae8693c59abd11e08d613bde3ebc658ffd2207ec4cfe
fa8632f140735bd14d043a5bb88b58286636fd76ad5f9e7a1cd4fb99348c3521

redirectlink1337.blogspot.com Open in urlscan Pro 2607:f8b0:4006:821::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

70 %IPv6

9 Domains

11 Subdomains

10 IPs

2 Countries

2705 kBTransfer

4366 kBSize

0 Cookies

14 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redirectlink1337.blogspot.com Open in urlscan Pro
2607:f8b0:4006:821::2001 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

70 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

2705 kB
Transfer

4366 kB
Size

0
Cookies

45 HTTP transactions
3 data transactions