operationdisclosure.blogspot.com Open in urlscan Pro
2a00:1450:4001:80e::2001  Public Scan

Submitted URL: https://www.operationdisclosure.blogspot.com/
Effective URL: https://operationdisclosure.blogspot.com/
Submission: On March 13 via api from US

Summary

This website contacted 42 IPs in 6 countries across 47 domains to perform 135 HTTP transactions. The main IP is 2a00:1450:4001:80e::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is operationdisclosure.blogspot.com.
TLS certificate: Issued by GTS CA 1O1 on February 23rd 2021. Valid for: 3 months.
This is the only time operationdisclosure.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2a00:1450:400... 15169 (GOOGLE)
4 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 104.22.3.144 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 54.88.106.17 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
2 68.183.31.14 14061 (DIGITALOC...)
2 151.101.114.133 54113 (FASTLY)
31 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.17.185.233 16625 (AKAMAI-AS)
1 192.0.77.2 2635 (AUTOMATTIC)
1 93.184.221.168 15133 (EDGECAST)
1 89.187.169.15 60068 (CDN77 (^_^)/)
5 13.32.21.95 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
2 5 104.108.64.33 16625 (AKAMAI-AS)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 104.108.50.124 16625 (AKAMAI-AS)
1 208.100.17.184 32748 (STEADFAST)
2 7 84.53.189.33 34164 (AKAMAI-LON)
1 51.38.120.206 16276 (OVH)
4 5 185.33.221.52 29990 (ASN-APPNEX)
3 3 213.19.147.150 26120 (RHYTHMONE)
2 3 18.203.78.129 16509 (AMAZON-02)
1 208.100.17.171 32748 (STEADFAST)
1 1 64.202.112.127 23352 (SERVERCEN...)
1 178.162.133.149 60781 (LEASEWEB-...)
1 54.194.137.128 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 52.59.102.119 16509 (AMAZON-02)
5 5 3.126.56.137 16509 (AMAZON-02)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
6 6 185.64.190.79 62713 (AS-PUBMATIC)
4 4 142.250.186.34 15169 (GOOGLE)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
2 2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 88.214.193.83 46636 (NATCOWEB)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 2600:9000:218... 16509 (AMAZON-02)
1 2 54.239.17.112 16509 (AMAZON-02)
1 1 63.35.200.21 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 69.173.144.138 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
135 42
Apex Domain
Subdomains
Transfer
37 blogspot.com
www.operationdisclosure.blogspot.com
operationdisclosure.blogspot.com
3.bp.blogspot.com
1.bp.blogspot.com
2.bp.blogspot.com
2 MB
18 infolinks.com
resources.infolinks.com
router.infolinks.com
276 KB
10 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
6 KB
10 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
193 KB
8 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
8 KB
8 adblade.com
web.adblade.com
static-cdn.adblade.com
131 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
6 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
5 adnxs.com
ib.adnxs.com
4 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
45 KB
5 pixfuture.com
served-by.pixfuture.com
cdn.pixfuture.com
153 KB
5 googleapis.com
ajax.googleapis.com
translate.googleapis.com
130 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 fontawesome.com
use.fontawesome.com
107 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 blogger.com
www.blogger.com
53 KB
2 everesttech.net
sync-tm.everesttech.net
625 B
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 advertising.com
pixel.advertising.com
677 B
2 1rx.io
sync.1rx.io
1 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 google.com
translate.google.com
adservice.google.com
3 KB
2 paypalobjects.com
www.paypalobjects.com
4 KB
1 adroll.com
d.adroll.com
112 B
1 quantcount.com
rules.quantcount.com
357 B
1 rfihub.com
p.rfihub.com
756 B
1 ck-ie.com
us.ck-ie.com
482 B
1 adkernel.com
dsp.adkernel.com
233 B
1 cpx.to
s.cpx.to
945 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 33across.com
ssc-cms.33across.com
72 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
591 B
1 onetag-sys.com
onetag-sys.com
818 B
1 tynt.com
de.tynt.com
289 B
1 bitchute.com
static-3.bitchute.com
12 KB
1 rmbl.ws
i.rmbl.ws
16 KB
1 wp.com
i1.wp.com
87 B
1 wsimg.com
img1.wsimg.com
26 KB
1 googletagservices.com
www.googletagservices.com
28 KB
1 google.de
adservice.google.de
799 B
1 googleadservices.com
partner.googleadservices.com
642 B
1 moneymetals.com
www.moneymetals.com
13 KB
1 blogblog.com
resources.blogblog.com
833 B
135 47
Domain Requested by
29 1.bp.blogspot.com operationdisclosure.blogspot.com
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
8 pagead2.googlesyndication.com operationdisclosure.blogspot.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 image8.pubmatic.com 6 redirects
5 ups.analytics.yahoo.com 5 redirects
5 ib.adnxs.com 4 redirects ssum-sec.casalemedia.com
5 sb.scorecardresearch.com 2 redirects web.adblade.com
operationdisclosure.blogspot.com
5 static-cdn.adblade.com web.adblade.com
operationdisclosure.blogspot.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 cm.g.doubleclick.net 4 redirects
4 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 use.fontawesome.com operationdisclosure.blogspot.com
use.fontawesome.com
3 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 www.gstatic.com operationdisclosure.blogspot.com
translate.googleapis.com
3 www.blogger.com operationdisclosure.blogspot.com
3 cdn.pixfuture.com operationdisclosure.blogspot.com
served-by.pixfuture.com
cdn.pixfuture.com
3 web.adblade.com operationdisclosure.blogspot.com
web.adblade.com
3 resources.infolinks.com operationdisclosure.blogspot.com
resources.infolinks.com
3 operationdisclosure.blogspot.com operationdisclosure.blogspot.com
ajax.googleapis.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 sync-tm.everesttech.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync.search.spotxchange.com 2 redirects
2 image4.pubmatic.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 ap.lijit.com 2 redirects
2 pixel.advertising.com 2 redirects
2 sync.1rx.io 2 redirects
2 eus.rubiconproject.com router.infolinks.com
eus.rubiconproject.com
2 fonts.gstatic.com operationdisclosure.blogspot.com
2 2.bp.blogspot.com operationdisclosure.blogspot.com
2 www.paypalobjects.com operationdisclosure.blogspot.com
2 served-by.pixfuture.com operationdisclosure.blogspot.com
cdn.pixfuture.com
2 3.bp.blogspot.com operationdisclosure.blogspot.com
1 token.rubiconproject.com eus.rubiconproject.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 pixel.quantserve.com operationdisclosure.blogspot.com
1 rules.quantcount.com secure.quantserve.com
1 p.rfihub.com 1 redirects
1 us.ck-ie.com 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 b1sync.zemanta.com 1 redirects
1 ssc-cms.33across.com router.infolinks.com
1 sync.targeting.unrulymedia.com 1 redirects
1 onetag-sys.com router.infolinks.com
1 de.tynt.com router.infolinks.com
1 secure-assets.rubiconproject.com 1 redirects
1 secure.quantserve.com web.adblade.com
1 static-3.bitchute.com operationdisclosure.blogspot.com
1 i.rmbl.ws operationdisclosure.blogspot.com
1 i1.wp.com operationdisclosure.blogspot.com
1 img1.wsimg.com operationdisclosure.blogspot.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 translate.google.com operationdisclosure.blogspot.com
1 www.moneymetals.com operationdisclosure.blogspot.com
1 resources.blogblog.com operationdisclosure.blogspot.com
1 ajax.googleapis.com operationdisclosure.blogspot.com
1 www.operationdisclosure.blogspot.com 1 redirects
135 66
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-15 -
2021-08-15
a year crt.sh
*.blogger.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
adblade.com
Amazon
2020-06-15 -
2021-07-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA
2019-12-03 -
2021-12-02
2 years crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA
2019-12-09 -
2021-12-13
2 years crt.sh
moneymetals.com
DigiCert SHA2 Extended Validation Server CA
2021-01-05 -
2022-02-04
a year crt.sh
*.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2
2020-09-22 -
2021-10-24
a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
s3.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2020-09-30 -
2021-10-31
a year crt.sh
static-3.bitchute.com
R3
2021-02-16 -
2021-05-17
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-05 -
2022-01-18
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2021-09-30
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
onetag-sys.com
R3
2021-02-10 -
2021-05-11
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2021-09-30
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2020-12-06 -
2022-01-07
a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2021-02-03 -
2022-02-09
a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-22 -
2022-01-05
a year crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-10-30 -
2021-04-27
6 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh

This page contains 12 frames:

Primary Page: https://operationdisclosure.blogspot.com/
Frame ID: B7FB0159C7D8570D350BD4E5C9DEE2EA
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 2DB4915A9C6EF85AC0BEC3CB0F313D78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&h=90&slotname=8846898431&adk=2308170064&adf=1374397383&pi=t.ma~as.8846898431&w=728&lmt=1615558824&psa=0&format=728x90&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&flash=0&wgl=1&dt=1615650617741&bpp=21&bdt=401&idt=125&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2796943952801&frm=20&pv=2&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfvib665yZ&p=https%3A//operationdisclosure.blogspot.com&dtd=247
Frame ID: 3F44D893743762205582ECC20DFE7622
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&h=600&slotname=2517961328&adk=353217535&adf=1317264876&pi=t.ma~as.2517961328&w=300&lmt=1615558824&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&dt=1615650617792&bpp=12&bdt=452&idt=293&shv=r20210309&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90&correlator=2796943952801&frm=20&pv=1&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1050&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=93O2jnkmax&p=https%3A//operationdisclosure.blogspot.com&dtd=307
Frame ID: D0CABD964CB277E02EE9A9DA9B1D14D2
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Frame ID: 577EAD4350BFB761573DEEC43738D66B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&adk=1812271804&adf=3025194257&lmt=1615558824&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615650617848&bpp=2&bdt=507&idt=343&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2517961328&nras=1&correlator=2796943952801&frm=20&pv=1&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=349
Frame ID: 94F0B1F7C288F1058CAFDA2F05E6AF85
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 3D1E2898BDB369FF35F753F5098E5EB1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: E43ACF15FC54F8093C7946B7B99CA956
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: B67701C8E7F26667F037F9304DE8F50C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: BC733E870B08D65DC287E95B57052A32
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: ED744999C3D94AF02AC2E33816C1636E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CE72B0DEDAAA88469A9343ECAE0D759C
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.operationdisclosure.blogspot.com/ HTTP 301
    https://operationdisclosure.blogspot.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

135
Requests

100 %
HTTPS

32 %
IPv6

47
Domains

66
Subdomains

42
IPs

6
Countries

3020 kB
Transfer

5223 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.operationdisclosure.blogspot.com/ HTTP 301
    https://operationdisclosure.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Request Chain 91
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Request Chain 93
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=7147444780532945270
Request Chain 94
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3665643782 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3665643782 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/270588b4-15bd-4d18-840b-b78670cec5c4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003
Request Chain 96
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 98
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Foperationdisclosure.blogspot.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Foperationdisclosure.blogspot.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&pid=12306&adnxs_uid=2804202733083000841
Request Chain 100
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2&verify=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-C3tQnHNE2uEDZte7t_GWvbr42DTOCLLD~A~UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2
Request Chain 101
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=1c58fb802b5709349d803416
Request Chain 102
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkNGRUNBNEUtNjc1OC00NjE1LTkwN0EtNTUwNjYwNjU4REU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7CF07236-BF0A-43CD-9187-F7B1AC571346 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
Request Chain 103
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0NGMDcyMzYtQkYwQS00M0NELTkxODctRjdCMUFDNTcxMzQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7CF07236-BF0A-43CD-9187-F7B1AC571346 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
Request Chain 104
  • https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
  • https://router.infolinks.com/dyn/bizzc-usync?uid=82a04af04e683ecdc086e65c7fd23f2988adab15f1a8f1a37f75cad42df376be
Request Chain 106
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=1875819618098958344
Request Chain 107
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d070b0b8-8413-11eb-8748-1a377c5d0e06 HTTP 302
  • https://router.infolinks.com/dyn/sx-usync?uid=d070b05f-8413-11eb-8748-1a377c5d0e06
Request Chain 108
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-qlS7131E2uHxo_KJmOKKfOXoskJ_o_ZswwkPFcU-~A
Request Chain 112
  • https://sb.scorecardresearch.com/b?c1=8&c2=6864322&rn=0.29754822710706774&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8 HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.29754822710706774&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs_ak_ss=1
Request Chain 113
  • https://sb.scorecardresearch.com/b?c1=8&c2=6864322&rn=0.4450581640466118&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8 HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.4450581640466118&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs_ak_ss=1
Request Chain 114
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB&dcc=t
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEuBLdYonlM9PIBBiSGMroI&google_cver=1
Request Chain 117
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEzfOmdEZTxuONPUGaWbpwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLYBMsac-sQ_LXqjviLWV8&google_cver=1
Request Chain 119
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 120
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YEzfOwAAAEgVnDoG HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEzfOwAAAEgVnDoG&gdpr=1&_test=YEzfOwAAAEgVnDoG
Request Chain 121
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB

135 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
operationdisclosure.blogspot.com/
Redirect Chain
  • https://www.operationdisclosure.blogspot.com/
  • https://operationdisclosure.blogspot.com/
466 KB
117 KB
Document
General
Full URL
https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ead5a68c71d0568be0e948365bac4a042b61100aa5589fba595006c7769edb08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
operationdisclosure.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-robots-tag
noindex, nofollow
content-type
text/html; charset=UTF-8
expires
Sat, 13 Mar 2021 15:50:17 GMT
date
Sat, 13 Mar 2021 15:50:17 GMT
cache-control
private, max-age=0
last-modified
Fri, 12 Mar 2021 14:20:24 GMT
etag
W/"56e73543f8d2d65140245317c6d051a0342c78dafaebabf2e5258f7e4d6deb73"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
118780
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

x-robots-tag
noindex, nofollow
location
https://operationdisclosure.blogspot.com/
content-type
text/html; charset=UTF-8
content-encoding
gzip
date
Sat, 13 Mar 2021 15:50:17 GMT
expires
Sat, 13 Mar 2021 15:50:17 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self'
x-xss-protection
1; mode=block
content-length
185
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
all.css
use.fontawesome.com/releases/v5.10.0/css/
55 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a94a13d4e9df8dc2bc696a168930cd511f83498136bba3bb0b968d7556f0b807

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2019 15:19:23 GMT
server
NetDNA-cache/2.2
etag
W/"25a0ac5d7d8e48930fe0b6772b7254a8"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
v4-shims.css
use.fontawesome.com/releases/v5.10.0/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.10.0/css/v4-shims.css
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
43c76c55901666edc020c33b12756390a7d723063c0bfe58899776b2db4d85da

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2019 15:19:25 GMT
server
NetDNA-cache/2.2
etag
W/"dbda9a989c9cef25c74b01808983aa5e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 10:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17845
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 10:52:52 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
3.bp.blogspot.com/-TOofzJ8wDIA/Xlds6vzDM-I/AAAAAAAA7LA/RDQX-ZVNFj4EKDo_Fl31iUuJVuUcSgTJQCK4BGAYYCw/s1600/
126 KB
127 KB
Image
General
Full URL
https://3.bp.blogspot.com/-TOofzJ8wDIA/Xlds6vzDM-I/AAAAAAAA7LA/RDQX-ZVNFj4EKDo_Fl31iUuJVuUcSgTJQCK4BGAYYCw/s1600/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f8503eac41e898df9d6079785789ffddc04aeab6c465e4aeaf32a12ec07a059e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:53:51 GMT
x-content-type-options
nosniff
age
3386
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129524
x-xss-protection
0
server
fife
etag
"vecb1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 12 Mar 2021 17:41:11 GMT
infolinks_main.js
resources.infolinks.com/js/
3 KB
2 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec2714571f213ca074cf14e728e11fcd9cf440770db868959b12d6a96b56e53

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62f66ac87a63bdb4-AMS
date
Sat, 13 Mar 2021 15:50:17 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 12 Mar 2021 13:14:10 GMT
server
cloudflare
age
9356
etag
W/"b19-5bd56acf5531a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
cf-request-id
08cde111490000bdb496b2a000000001
expires
Sat, 13 Mar 2021 14:14:21 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/
475 B
833 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 14:42:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 19:10:08 GMT
server
sffe
age
263241
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Wed, 17 Mar 2021 14:42:56 GMT
show.js
web.adblade.com/js/ads/async/
18 KB
6 KB
Script
General
Full URL
https://web.adblade.com/js/ads/async/show.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.106.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-106-17.compute-1.amazonaws.com
Software
/
Resource Hash
7c373a7d49be09b3ae11704575813484b235d647c70151fe7862f420093941b3

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
content-type
application/javascript; charset=UTF-8
ODLogo.jpg
3.bp.blogspot.com/-9ixbQ11vJtU/Xldso9ga3_I/AAAAAAAA7K0/KqPrOOoVj9oZS2eNoX8eqqYY690FKfTIgCK4BGAYYCw/s1600/
33 KB
33 KB
Image
General
Full URL
https://3.bp.blogspot.com/-9ixbQ11vJtU/Xldso9ga3_I/AAAAAAAA7K0/KqPrOOoVj9oZS2eNoX8eqqYY690FKfTIgCK4BGAYYCw/s1600/ODLogo.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6308e98c7d1ea77f5a948b9f11f3dcad3e38228f54dd41bfec63e19941f2bb6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="ODLogo.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33445
x-xss-protection
0
server
fife
etag
"vecae"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 07:16:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46eb2c4af3ff749f7243d801a377b76fd92b43879f18b2e9cba36feab1bf9307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49986
x-xss-protection
0
server
cafe
etag
8899953364096147720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Mar 2021 15:50:17 GMT
ads.js
served-by.pixfuture.com/www/delivery/
809 B
1 KB
Script
General
Full URL
https://served-by.pixfuture.com/www/delivery/ads.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
3d30c222300514d48a0b7509f0ae9e042b1faa4f0981a59cf17a237062359d2f

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Mar 2021 15:50:17 GMT
Last-Modified
Tue, 02 Mar 2021 20:36:40 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"603ea1d8-329"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
809
Expires
Mon, 15 Mar 2021 15:50:17 GMT
btn_subscribeCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
3 KB
3 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_subscribeCC_LG.gif
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04933ef9298788901ccc7b429cb4e6d7e3d28b0bd2caf7d8665ee34371342d98
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
11019324
x-cache
HIT, HIT
fastly-io-info
ifsz=3111 idim=147x47 ifmt=gif ofsz=3111 odim=147x47 ofmt=gif
paypal-debug-id
2ab1ad8865674
fastly-stats
io=1
dc
slc-b-origin-www-1.paypal.com
content-length
3111
fastly-io-warning
Failed to shrink image
x-served-by
cache-sjc10026-SJC, cache-hhn4057-HHN
x-timer
S1615650618.683252,VS0,VE0
etag
"i6zNKTaJCWqB6fK8ESBpEI8nHVdGO1o4QfTFHhncDTo"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
138, 7
pixel.gif
www.paypalobjects.com/en_US/i/scr/
42 B
261 B
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
11019332
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
53f9fac256110
fastly-stats
io=1
dc
phx-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10061-SJC, cache-hhn4057-HHN
x-timer
S1615650618.683533,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
220505, 21
show_ads.js
pagead2.googlesyndication.com/pagead/
96 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73f05d625853df780adb89f3be92a5663534df59ccb38140a5c55502c53532ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35003
x-xss-protection
0
server
cafe
etag
13363420060036367097
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 13 Mar 2021 15:50:17 GMT
300x250-full.gif
1.bp.blogspot.com/-a5oa80-2IfM/XbI7iiUGqAI/AAAAAAAA4hE/vbSiqPP4r1o693W_vYqWJne2mJoJCn2YwCK4BGAYYCw/s282/
44 KB
45 KB
Image
General
Full URL
https://1.bp.blogspot.com/-a5oa80-2IfM/XbI7iiUGqAI/AAAAAAAA4hE/vbSiqPP4r1o693W_vYqWJne2mJoJCn2YwCK4BGAYYCw/s282/300x250-full.gif
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4427d43895fd6853835f5dd8dd8525f095dde1f1d3efda5255e0333c23c39583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:27:24 GMT
x-content-type-options
nosniff
age
4973
content-disposition
inline;filename="300x250-full.gif"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45558
x-xss-protection
0
server
fife
etag
"ve212"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Mar 2021 12:49:22 GMT
money-metals-logo.png
www.moneymetals.com/uploads/content/
13 KB
13 KB
Image
General
Full URL
https://www.moneymetals.com/uploads/content/money-metals-logo.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2719 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e18b96f51586caaec69072bfada6ed3405e98f8aa3581127aa146cc7282f05
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
126
cf-polished
status=not_needed
vary
User-Agent, Accept-Encoding
content-length
12982
cf-request-id
08cde111730000dfc36495f000000001
last-modified
Mon, 22 Jun 2020 13:42:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
content-type
image/png
expires
Mon, 29 Mar 2021 15:50:17 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
62f66ac8bb7adfc3-FRA
cf-bgj
imgq:85,h2pri
element.js
translate.google.com/translate_a/
4 KB
2 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
89709aa1e47ac6d13de5185b0b00956bfd2d1fee3133956ac5873719501f88df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1874
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/w72-h72-p-k-no-nu/
4 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/w72-h72-p-k-no-nu/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
10b95dfd4abf9aa4574f3cc25dd7d78bf18bfc2f880b3f347eb84812bbbed0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:27:24 GMT
x-content-type-options
nosniff
age
4973
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3747
x-xss-protection
0
server
fife
etag
"v14f51"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 12 Mar 2021 20:28:01 GMT
Trump%252C%2Bbabies%252C%2BCabal.png
1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/w72-h72-p-k-no-nu/
11 KB
11 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/w72-h72-p-k-no-nu/Trump%252C%2Bbabies%252C%2BCabal.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bb02fbc4e13596be769d96fe92b99ed6203ed535f74f5db184b164e2b6276894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:21:57 GMT
x-content-type-options
nosniff
age
5300
content-disposition
inline;filename="Trump, babies, Cabal.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10773
x-xss-protection
0
server
fife
etag
"vf7a0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 06:20:07 GMT
SealedIndictments.jpeg
1.bp.blogspot.com/-NCcaCLCu0GI/X__T48msovI/AAAAAAABQdM/GXS8fMW9RsUL9ZlMCjxg840lcKnFFZb4ACLcBGAsYHQ/w72-h72-p-k-no-nu/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-NCcaCLCu0GI/X__T48msovI/AAAAAAABQdM/GXS8fMW9RsUL9ZlMCjxg840lcKnFFZb4ACLcBGAsYHQ/w72-h72-p-k-no-nu/SealedIndictments.jpeg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
17baab0a1ff591375e4b972fff62a75a2003b125489d99d6215e6b3784ad6f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:27:24 GMT
x-content-type-options
nosniff
age
4973
content-disposition
inline;filename="SealedIndictments.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4955
x-xss-protection
0
server
fife
etag
"v141d4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 12 Mar 2021 20:28:01 GMT
ODLogo.jpg
2.bp.blogspot.com/-n1a9q_pP2eY/XlS3sQz-_tI/AAAAAAAA7Dk/1pgtRnGHVVcaYaaNr5Zligm1PAdOEP50ACK4BGAYYCw/s1600/
33 KB
33 KB
Image
General
Full URL
https://2.bp.blogspot.com/-n1a9q_pP2eY/XlS3sQz-_tI/AAAAAAAA7Dk/1pgtRnGHVVcaYaaNr5Zligm1PAdOEP50ACK4BGAYYCw/s1600/ODLogo.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6308e98c7d1ea77f5a948b9f11f3dcad3e38228f54dd41bfec63e19941f2bb6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:53:51 GMT
x-content-type-options
nosniff
age
3386
content-disposition
inline;filename="ODLogo.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33445
x-xss-protection
0
server
fife
etag
"vec3a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Mar 2021 14:04:09 GMT
partner.jpg
cdn.pixfuture.com/
27 KB
28 KB
Image
General
Full URL
https://cdn.pixfuture.com/partner.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c45d7c5353fa7df485f661f445d788aa21d7bcfed72b98926ad9cc40d19f8c

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 08 Jul 2020 15:21:15 GMT
server
cloudflare
etag
"5f05e46b-6de5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W16bPuif%2B4Tj%2FxG2tVX7W2L9hhw%2By5b8nDCLuDtsNjX5dL8A%2BU8K31CP2ZfaM7ks9Hc7KraXm0i5SYMdvv7mopnAdXOR%2Fzt8d30YCtrKCWNYUdfRGf%2FclcI3K4I3xw%3D%3D"}]}
content-type
image/jpeg
cache-control
max-age=172800, public, no-transform
accept-ranges
bytes
cf-ray
62f66ac82bb41f31-FRA
content-length
28133
cf-request-id
08cde1111d00001f31d8201000000001
expires
Mon, 15 Mar 2021 15:50:17 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
844 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3637167419883799962&zx=b47abfb8-3d90-4398-985f-0665816e42df
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 13 Mar 2021 15:50:17 GMT
server
GSE
date
Sat, 13 Mar 2021 15:50:17 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
J4fsSC.jpg
2.bp.blogspot.com/-Y6ovafmsZ1w/XlU7cxFLxZI/AAAAAAAA7E4/JtPFtkuA6c8NwFvz84-dodxgxYBv7aTwACK4BGAYYCw/s0/
795 KB
796 KB
Image
General
Full URL
https://2.bp.blogspot.com/-Y6ovafmsZ1w/XlU7cxFLxZI/AAAAAAAA7E4/JtPFtkuA6c8NwFvz84-dodxgxYBv7aTwACK4BGAYYCw/s0/J4fsSC.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2fb75017076ab25d6a80241be200825f3740604c2b8689adadb599b5012bd7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:53:51 GMT
x-content-type-options
nosniff
age
3386
content-disposition
inline;filename="J4fsSC.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
814297
x-xss-protection
0
server
fife
etag
"vec4f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 12 Mar 2021 21:50:28 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.10.0/webfonts/
74 KB
74 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8

Request headers

Origin
https://operationdisclosure.blogspot.com
Referer
https://use.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
last-modified
Mon, 29 Jul 2019 15:20:18 GMT
server
NetDNA-cache/2.2
etag
"60ce8cf4dd9fe177abdfeda21e20798e"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
75392
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v20/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://operationdisclosure.blogspot.com
Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 21:46:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65041
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20742
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 21:46:16 GMT
cookienotice.js
operationdisclosure.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://operationdisclosure.blogspot.com/js/cookienotice.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 16:09:18 GMT
server
sffe
age
421871
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
expires
Mon, 15 Mar 2021 18:39:06 GMT
981256326-widgets.js
www.blogger.com/static/v1/widgets/
143 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/981256326-widgets.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ae73c00f1bc9e476f0ce687b3ee029bcb94529b542f0ee0a6d8a2242639e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 01:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 00:13:48 GMT
server
sffe
age
396947
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53138
x-xss-protection
0
expires
Wed, 09 Mar 2022 01:34:30 GMT
ice.js
resources.infolinks.com/js/1739.003-3.012/
587 KB
188 KB
Script
General
Full URL
https://resources.infolinks.com/js/1739.003-3.012/ice.js
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e539ca0a2534c7bef21ec6b3fd67d87edfb8ef96b5564be9d88f84cbf22963

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62f66ac8eaa7bdb4-AMS
date
Sat, 13 Mar 2021 15:50:17 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 17:54:06 GMT
server
cloudflare
age
2003
etag
W/"92b3b-5bd325a6ca9aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
cf-request-id
08cde111960000bdb4ad1f0000000001
expires
Mon, 12 Apr 2021 15:16:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v20/
35 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://operationdisclosure.blogspot.com
Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87137
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20796
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:59 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 15:38:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86491
x-xss-protection
0
server
cafe
etag
16470564300944896599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Mar 2021 15:50:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 2DB4
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210309/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://operationdisclosure.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://operationdisclosure.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 12 Mar 2021 22:56:49 GMT
expires
Fri, 26 Mar 2021 22:56:49 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
60808
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
authorization.css
www.blogger.com/dyn-css/
1 B
92 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3637167419883799962&zx=b47abfb8-3d90-4398-985f-0665816e42df
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 13 Mar 2021 15:50:18 GMT
server
GSE
date
Sat, 13 Mar 2021 15:50:18 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:43:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
434
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 13 Mar 2021 16:43:03 GMT
main.js
translate.googleapis.com/translate_static/js/element/
4 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1673
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 22:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 13 Mar 2021 16:48:52 GMT
cookie.js
partner.googleadservices.com/gampad/
202 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=operationdisclosure.blogspot.com&callback=_gfp_s_&client=ca-pub-5319788988574599
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d41b6f70c39f097e58dac77db70b978a0c45ce596c4776cd7dc26f4fdc9676e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=operationdisclosure.blogspot.com&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=operationdisclosure.blogspot.com&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3F44
405 B
506 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&h=90&slotname=8846898431&adk=2308170064&adf=1374397383&pi=t.ma~as.8846898431&w=728&lmt=1615558824&psa=0&format=728x90&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&flash=0&wgl=1&dt=1615650617741&bpp=21&bdt=401&idt=125&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2796943952801&frm=20&pv=2&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfvib665yZ&p=https%3A//operationdisclosure.blogspot.com&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35e2fc03a8c2d165884068c91d5ca093aac09ee4bbae41a1a6d37e7462d64a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&h=90&slotname=8846898431&adk=2308170064&adf=1374397383&pi=t.ma~as.8846898431&w=728&lmt=1615558824&psa=0&format=728x90&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&flash=0&wgl=1&dt=1615650617741&bpp=21&bdt=401&idt=125&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2796943952801&frm=20&pv=2&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=270&ady=445&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bfvib665yZ&p=https%3A//operationdisclosure.blogspot.com&dtd=247
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://operationdisclosure.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://operationdisclosure.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Mar 2021 15:50:18 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 13-Mar-2021 16:05:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615552002806803"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28222
x-xss-protection
0
expires
Sat, 13 Mar 2021 15:50:18 GMT
default
operationdisclosure.blogspot.com/feeds/posts/
151 KB
33 KB
XHR
General
Full URL
https://operationdisclosure.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=14&start-index=1&callback=jQuery11240890218037578026_1615650617544&_=1615650617545
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
15a01fe0e4868796fce1d53f9c36e302b3c5924ccae5fb9ba0a402f0b5d9e6f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://operationdisclosure.blogspot.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 14:20:24 GMT
server
blogger-renderd
etag
W/"243f8f652a82e02c1e9f615cb8d276101194c1e31f1da05f1e8be2fc0fa42db8"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
vary
Accept-Encoding
content-length
33501
x-xss-protection
0
expires
Sat, 13 Mar 2021 15:50:19 GMT
fa-regular-400.woff2
use.fontawesome.com/releases/v5.10.0/webfonts/
13 KB
14 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.10.0/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a2460c0e122c3d45c9edb07730c80674f317ddba364c37af3775b19bc79fb223

Request headers

Origin
https://operationdisclosure.blogspot.com
Referer
https://use.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
last-modified
Mon, 29 Jul 2019 15:20:06 GMT
server
NetDNA-cache/2.2
etag
"d90e1b03a9168c0d775a52098423adfb"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
13584
SealedIndictments.jpeg
1.bp.blogspot.com/-NCcaCLCu0GI/X__T48msovI/AAAAAAABQdM/GXS8fMW9RsUL9ZlMCjxg840lcKnFFZb4ACLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-NCcaCLCu0GI/X__T48msovI/AAAAAAABQdM/GXS8fMW9RsUL9ZlMCjxg840lcKnFFZb4ACLcBGAsYHQ/s86/SealedIndictments.jpeg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df1d403bd0a5a7d3a2550eecd0eab4b52acc9b90da9806f06eb6b7252d089c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:27:26 GMT
x-content-type-options
nosniff
age
4972
content-disposition
inline;filename="SealedIndictments.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5090
x-xss-protection
0
server
fife
etag
"v141d4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 12 Mar 2021 20:28:01 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/s86/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:27:26 GMT
x-content-type-options
nosniff
age
4972
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4723
x-xss-protection
0
server
fife
etag
"v14f51"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 12 Mar 2021 20:28:01 GMT
Trump%252C%2Bbabies%252C%2BCabal.png
1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/s86/
14 KB
15 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/s86/Trump%252C%2Bbabies%252C%2BCabal.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
34f84cae6040b31abd09aa5212031b3bccbeb73cd9c53e37f6baaf337021ced5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:27:26 GMT
x-content-type-options
nosniff
age
4972
content-disposition
inline;filename="Trump, babies, Cabal.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14844
x-xss-protection
0
server
fife
etag
"vf7a0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 09:56:20 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D0CA
405 B
455 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&h=600&slotname=2517961328&adk=353217535&adf=1317264876&pi=t.ma~as.2517961328&w=300&lmt=1615558824&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&dt=1615650617792&bpp=12&bdt=452&idt=293&shv=r20210309&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90&correlator=2796943952801&frm=20&pv=1&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1050&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=93O2jnkmax&p=https%3A//operationdisclosure.blogspot.com&dtd=307
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92bd3e957c1ecbecc5c2723bcb0e9e1a412252f14ce8fb4bcc8c2f29473491f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&h=600&slotname=2517961328&adk=353217535&adf=1317264876&pi=t.ma~as.2517961328&w=300&lmt=1615558824&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&wgl=1&dt=1615650617792&bpp=12&bdt=452&idt=293&shv=r20210309&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=728x90&correlator=2796943952801&frm=20&pv=1&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1050&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=93O2jnkmax&p=https%3A//operationdisclosure.blogspot.com&dtd=307
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://operationdisclosure.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://operationdisclosure.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Mar 2021 15:50:18 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
IDE=AHWqTUnn1aeAqfgMA12mpJZrUWLSPoaxjGeYEbeUEQilBwSCXxKZyvNudk8_io5clSs; expires=Thu, 07-Apr-2022 15:50:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
element_main.js
translate.googleapis.com/element/TE_20210224_00/e/js/element/
250 KB
90 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91310
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 18:08:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Mar 2022 15:43:03 GMT
pbice.js
resources.infolinks.com/js/pbice/3.012/
253 KB
80 KB
Script
General
Full URL
https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
62f66acb9ba5bdb4-AMS
date
Sat, 13 Mar 2021 15:50:18 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 25 Feb 2021 13:31:34 GMT
server
cloudflare
age
13219
etag
W/"3f394-5bc292b988e82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
cf-request-id
08cde113410000bdb4b7bd0000000001
expires
Mon, 12 Apr 2021 12:09:59 GMT
manage
router.infolinks.com/usync/ Frame 577E
9 KB
2 KB
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a01cb06b4e7b7684b87eaa2f0f07eff64039589b4dfd8df5f657628a205ef0d

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/usync/manage?pid=3241463&wsid=4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://operationdisclosure.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://operationdisclosure.blogspot.com/

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d9b72ee5ce3aa29b37ec5b8f8bde4a86b1615650618; expires=Mon, 12-Apr-21 15:50:18 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08cde113600000bdb4b03dd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62f66acbcbc4bdb4-AMS
content-encoding
gzip
lcmanage
router.infolinks.com/usync/
0
78 B
Script
General
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3241463&wsid=4
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
62f66acbdbc7bdb4-AMS
content-length
0
cf-request-id
08cde113650000bdb4aa864000000001
gen_204
pagead2.googlesyndication.com/pagead/
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&tn=A&cls=scroll-up%20shad&ign=false
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
88 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 94F0
8 KB
898 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&adk=1812271804&adf=3025194257&lmt=1615558824&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615650617848&bpp=2&bdt=507&idt=343&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2517961328&nras=1&correlator=2796943952801&frm=20&pv=1&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
662993ecccdd6d8997a172aa060faf19ca920824d5b4188793b28d1154c4586a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-5319788988574599&output=html&adk=1812271804&adf=3025194257&lmt=1615558824&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615650617848&bpp=2&bdt=507&idt=343&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2517961328&nras=1&correlator=2796943952801&frm=20&pv=1&ga_vid=1339388997.1615650618&ga_sid=1615650618&ga_hid=1910512262&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C21068084%2C31060305%2C21069711&oid=3&pvsid=1880883257218063&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=349
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://operationdisclosure.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnn1aeAqfgMA12mpJZrUWLSPoaxjGeYEbeUEQilBwSCXxKZyvNudk8_io5clSs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://operationdisclosure.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 13 Mar 2021 15:50:18 GMT
server
cafe
content-length
869
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hb_v2.js
cdn.pixfuture.com/
37 KB
8 KB
Script
General
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30568aee2fba4e71840c0f3993d359f0284b1c41b474652d0e2a7ade195cf80b

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 10 Mar 2021 16:11:45 GMT
server
cloudflare
etag
W/"6048efc1-94f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V2%2F9ag1cRpgW9Dxrum8SwcWplGHrkA%2FXLCwZGwtSU%2Bqzl3iAZQ0zBDfrAbqnUSo60qKUI%2BvsCYRMO2ynEzcCZcZJRlzpJOCFQsNadsvWlLwYOTXSQLXOKsCmEepVlQ%3D%3D"}]}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
62f66acbc8d51f31-FRA
cf-request-id
08cde1135f00001f319fa22000000001
expires
Mon, 15 Mar 2021 15:50:18 GMT
impsc.php
web.adblade.com/
7 KB
2 KB
Script
General
Full URL
https://web.adblade.com/impsc.php?cid=24082-2189076583&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&rnd=1615650618207&output=html&callback=callback_json_adblade254248004
Requested by
Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.106.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-106-17.compute-1.amazonaws.com
Software
/
Resource Hash
358afcad7287d452a0cb2106a7bbb48d7effb1adfce1fcdf5ff9216767309a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor
Adiant LLC | Adiant | http://www.adiant.com
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
SealedIndictments.jpeg
1.bp.blogspot.com/-NCcaCLCu0GI/X__T48msovI/AAAAAAABQdM/GXS8fMW9RsUL9ZlMCjxg840lcKnFFZb4ACLcBGAsYHQ/w260/
46 KB
46 KB
Image
General
Full URL
https://1.bp.blogspot.com/-NCcaCLCu0GI/X__T48msovI/AAAAAAABQdM/GXS8fMW9RsUL9ZlMCjxg840lcKnFFZb4ACLcBGAsYHQ/w260/SealedIndictments.jpeg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a22959e6a40516ed88e6891d525b0e21cff9829753f4bf318f197a3c0f18e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:53:53 GMT
x-content-type-options
nosniff
age
3385
content-disposition
inline;filename="SealedIndictments.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47193
x-xss-protection
0
server
fife
etag
"v141d4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 05:48:10 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/w260/
28 KB
28 KB
Image
General
Full URL
https://1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/w260/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e6e889a3c3a4f7cf70760a578693bb70961e47d1e9680dfbc9a828ee294a5a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:53:53 GMT
x-content-type-options
nosniff
age
3385
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28607
x-xss-protection
0
server
fife
etag
"v14f51"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 05:48:10 GMT
Trump%252C%2Bbabies%252C%2BCabal.png
1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/w260/
101 KB
101 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/w260/Trump%252C%2Bbabies%252C%2BCabal.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02dc318edac42c59dfba5736912f09ee3c47b4246b5893085f7b108ac178ce68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 14:53:53 GMT
x-content-type-options
nosniff
age
3385
content-disposition
inline;filename="Trump, babies, Cabal.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103781
x-xss-protection
0
server
fife
etag
"vf7a0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 05:48:10 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
914 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 13:26:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
95019
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Sat, 12 Mar 2022 13:26:39 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:42:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
238074
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
expires
Thu, 10 Mar 2022 21:42:24 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 15:56:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
258833
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Thu, 10 Mar 2022 15:56:25 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-9mWKLUIX6z4/YDdOw8pCwqI/AAAAAAABT0o/y27rA7VbeZoWRyNUXLkm24Bw4VQG5wKLgCLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-9mWKLUIX6z4/YDdOw8pCwqI/AAAAAAABT0o/y27rA7VbeZoWRyNUXLkm24Bw4VQG5wKLgCLcBGAsYHQ/s86/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f4b"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4723
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
rs=w:1280
img1.wsimg.com/isteam/ip/d656068e-8a95-425e-82ba-6245f9916ca7/tigerwoods.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/
26 KB
26 KB
Image
General
Full URL
https://img1.wsimg.com/isteam/ip/d656068e-8a95-425e-82ba-6245f9916ca7/tigerwoods.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:1280
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d48dacafefbe661dcbac0d7958c0e4beddc2cb2c7b13d0d221c4568eadc12255

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-version
0.4.3+sha-a6b9e38
date
Sat, 13 Mar 2021 15:50:18 GMT
access-control-request-method
GET
etag
770891217
x-height
449
access-control-max-age
864000
x-width
800
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-track-origin-referer
https://operationdisclosure.blogspot.com/
timing-allow-origin
*
content-length
26464
expires
Sun, 13 Mar 2022 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-Kero9ecqEfg/YDc_cuk_RtI/AAAAAAABT0g/4JfhJfdvu8YvY9jhHSio14HlZ_lAf92BgCLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Kero9ecqEfg/YDc_cuk_RtI/AAAAAAABT0g/4JfhJfdvu8YvY9jhHSio14HlZ_lAf92BgCLcBGAsYHQ/s86/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f49"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4723
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
unnamed%2B%25281%2529.jpg
1.bp.blogspot.com/-bjf8xEK5Cd4/YDc-dYunySI/AAAAAAABT0Y/-Ost16xeyvUg80D2aB5KXZXVhg4lCIkWgCLcBGAsYHQ/s86/
4 KB
4 KB
Image
General
Full URL
https://1.bp.blogspot.com/-bjf8xEK5Cd4/YDc-dYunySI/AAAAAAABT0Y/-Ost16xeyvUg80D2aB5KXZXVhg4lCIkWgCLcBGAsYHQ/s86/unnamed%2B%25281%2529.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
546561bbde95e76b24c1694df24987f2dd5006da0c1aebb0cad26503c91e3a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f47"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed (1).jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3650
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
unnamed.jpg
1.bp.blogspot.com/-hq63HFmXKK0/YDc6Yth4w-I/AAAAAAABT0Q/4UBcZm_USSUqHn-Cit-gIqzrslWJaur5ACLcBGAsYHQ/s86/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-hq63HFmXKK0/YDc6Yth4w-I/AAAAAAABT0Q/4UBcZm_USSUqHn-Cit-gIqzrslWJaur5ACLcBGAsYHQ/s86/unnamed.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e067363e35125aa52369118713f3a05c66b0217d9622d270286ae8605edaad37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:13:28 GMT
x-content-type-options
nosniff
age
2210
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3126
x-xss-protection
0
server
fife
etag
"v14f45"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 15:13:28 GMT
pexels-pixabay-47090.jpg
1.bp.blogspot.com/-Cn-hJSh04nE/YDc4v8vz4KI/AAAAAAABT0E/Ud1cItdVZs0AalonNkvzyI8GkESgHn_9gCLcBGAsYHQ/s86/
3 KB
3 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Cn-hJSh04nE/YDc4v8vz4KI/AAAAAAABT0E/Ud1cItdVZs0AalonNkvzyI8GkESgHn_9gCLcBGAsYHQ/s86/pexels-pixabay-47090.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ae45c4fbc59cdd6049926666731ecf61bb039fbb20883f57abdd691de7eba943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f43"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pexels-pixabay-47090.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2816
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-B6GSaUy3AeE/YDc4pQ0xhFI/AAAAAAABT0A/2EcpLL4i4VoVsrfmkUZ__evGnCE5zJ4nACLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-B6GSaUy3AeE/YDc4pQ0xhFI/AAAAAAABT0A/2EcpLL4i4VoVsrfmkUZ__evGnCE5zJ4nACLcBGAsYHQ/s86/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f42"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4723
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-NgyhsTZ5pyk/YDcfXqND_pI/AAAAAAABTzA/Pp1WTuqGJjUhpAxMBltWlOzI4_ztlQWtACLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-NgyhsTZ5pyk/YDcfXqND_pI/AAAAAAABTzA/Pp1WTuqGJjUhpAxMBltWlOzI4_ztlQWtACLcBGAsYHQ/s86/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f31"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4723
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-Pbv1MKEydwc/YDcYj-6KwTI/AAAAAAABTy4/ejhBOFvRMe0wcx17LjufdRJM6dWaqQVoQCLcBGAsYHQ/s86/
5 KB
5 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Pbv1MKEydwc/YDcYj-6KwTI/AAAAAAABTy4/ejhBOFvRMe0wcx17LjufdRJM6dWaqQVoQCLcBGAsYHQ/s86/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f2f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4723
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
caravan-of-camels.jpg
i1.wp.com/www.starshipearththebigpicture.com/wp-content/uploads/2019/04/
87 B
87 B
Image
General
Full URL
https://i1.wp.com/www.starshipearththebigpicture.com/wp-content/uploads/2019/04/caravan-of-camels.jpg?resize=615%2C410
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
EXPIRED hhn 3
date
Sat, 13 Mar 2021 15:50:18 GMT
server
nginx
content-type
text/html; charset=utf-8
dN4gb.oq1b.1.jpg
i.rmbl.ws/s8/6/d/N/4/g/
16 KB
16 KB
Image
General
Full URL
https://i.rmbl.ws/s8/6/d/N/4/g/dN4gb.oq1b.1.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (wmi/FEC0) /
Resource Hash
1f118e9895c9a52f1502be1654de6fc351d5fce90495c48dce62692c9e17c7b1

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
last-modified
Thu, 12 Nov 2020 19:25:45 GMT
server
ECAcc (wmi/FEC0)
age
153382
etag
"315894011"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15942
expires
Sun, 13 Mar 2022 15:50:18 GMT
j9VpR9pPxr0b6oS7eH4st8TG_small.jpg
static-3.bitchute.com/live/channel_images/n78PbEkvWx2g/
12 KB
12 KB
Image
General
Full URL
https://static-3.bitchute.com/live/channel_images/n78PbEkvWx2g/j9VpR9pPxr0b6oS7eH4st8TG_small.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
bbe230b404bd9a866f6a1dd3c85239be14cfd744f169f2fcffaa82c47da2bcc6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
cdn-edgestorageid
632
x-amz-request-id
tx000000000000014dcd652-005eb142c5-3518e03-nyc3a
cdn-cachedat
2020-05-05 12:41:10
cdn-pullzone
89010
content-length
11942
last-modified
Fri, 02 Mar 2018 16:10:35 GMT
server
BunnyCDN-DE1-632
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
cache-control
public, max-age=31919000
cdn-requestid
6c801af4b7ed28c7ef5cc4d2266e5117
accept-ranges
bytes
cdn-requestcountrycode
PL
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/w275/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-SR-mmBR8vDE/YDfEDw8mmoI/AAAAAAABT1A/AzNB0FwUCeEuSxPv72kfbDpltbe5-Ln6ACLcBGAsYHQ/w275/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f51"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30851
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Trump%252C%2Bbabies%252C%2BCabal.png
1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/w275/
112 KB
112 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Is2B1lEGrAI/Xqn5wTG0GLI/AAAAAAAA954/4FoUgkbToDgr0719wZkUsR9K1Wg0SHAfACLcBGAsYHQ/w275/Trump%252C%2Bbabies%252C%2BCabal.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a20f17a5b30651083733f05e5d260cb8f3579466385945d1876c154f1f42780b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:40:43 GMT
x-content-type-options
nosniff
age
575
content-disposition
inline;filename="Trump, babies, Cabal.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114289
x-xss-protection
0
server
fife
etag
"vf7a0"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Mar 2021 15:40:43 GMT
unnamed.jpg
1.bp.blogspot.com/-hq63HFmXKK0/YDc6Yth4w-I/AAAAAAABT0Q/4UBcZm_USSUqHn-Cit-gIqzrslWJaur5ACLcBGAsYHQ/w275/
16 KB
16 KB
Image
General
Full URL
https://1.bp.blogspot.com/-hq63HFmXKK0/YDc6Yth4w-I/AAAAAAABT0Q/4UBcZm_USSUqHn-Cit-gIqzrslWJaur5ACLcBGAsYHQ/w275/unnamed.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
55c75d7cdfec7db1845ac3b02eef8300ff24ff7c50fbab917754dd34487b30b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f45"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16504
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-9mWKLUIX6z4/YDdOw8pCwqI/AAAAAAABT0o/y27rA7VbeZoWRyNUXLkm24Bw4VQG5wKLgCLcBGAsYHQ/w275/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-9mWKLUIX6z4/YDdOw8pCwqI/AAAAAAABT0o/y27rA7VbeZoWRyNUXLkm24Bw4VQG5wKLgCLcBGAsYHQ/w275/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f4b"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30851
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-Kero9ecqEfg/YDc_cuk_RtI/AAAAAAABT0g/4JfhJfdvu8YvY9jhHSio14HlZ_lAf92BgCLcBGAsYHQ/w275/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Kero9ecqEfg/YDc_cuk_RtI/AAAAAAABT0g/4JfhJfdvu8YvY9jhHSio14HlZ_lAf92BgCLcBGAsYHQ/w275/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f49"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30851
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-Pbv1MKEydwc/YDcYj-6KwTI/AAAAAAABTy4/ejhBOFvRMe0wcx17LjufdRJM6dWaqQVoQCLcBGAsYHQ/w275/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Pbv1MKEydwc/YDcYj-6KwTI/AAAAAAABTy4/ejhBOFvRMe0wcx17LjufdRJM6dWaqQVoQCLcBGAsYHQ/w275/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f2f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30851
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
pbix.js
cdn.pixfuture.com/
363 KB
114 KB
Script
General
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7aea6e614acb9166508ed9172b92f4c754a16584e73627328977cacdb14211

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 01 Mar 2021 19:36:01 GMT
server
cloudflare
etag
W/"603d4221-5aada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ciNfdJrd3%2BJ90p9kzc1OfPkGOmGmPzK0ubi2%2BraXCGZiBCowrqDB19W3NzI7T1DVJtiiHTO3j6zykSElIfERmwbgynfW3qRlfWfXTv%2BsLGEcAOcZsTHC1vYp0TIZ2g%3D%3D"}]}
content-type
application/javascript
cache-control
max-age=172800, public, no-transform
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
62f66acd1a721f31-FRA
cf-request-id
08cde1142b00001f318c33a000000001
expires
Mon, 15 Mar 2021 15:50:18 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/
0
594 B
XHR
General
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24910x728x90x4223x_ADSLOT1&keywords=operation,disclosure&refUrl=&refresh=false&innerWidth=1600&jscookie=logglytrackingsession=ec37142a-c897-4207-867d-d81736dda178
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800, public, no-transform
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 15 Mar 2021 15:50:18 GMT
pexels-pixabay-47090.jpg
1.bp.blogspot.com/-Cn-hJSh04nE/YDc4v8vz4KI/AAAAAAABT0E/Ud1cItdVZs0AalonNkvzyI8GkESgHn_9gCLcBGAsYHQ/w275/
12 KB
12 KB
Image
General
Full URL
https://1.bp.blogspot.com/-Cn-hJSh04nE/YDc4v8vz4KI/AAAAAAABT0E/Ud1cItdVZs0AalonNkvzyI8GkESgHn_9gCLcBGAsYHQ/w275/pexels-pixabay-47090.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
36af81a87835f14c9b9706ed6687f337f04d02da20dc52c1ff1a1eeb1e042707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f43"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pexels-pixabay-47090.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12668
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-B6GSaUy3AeE/YDc4pQ0xhFI/AAAAAAABT0A/2EcpLL4i4VoVsrfmkUZ__evGnCE5zJ4nACLcBGAsYHQ/w275/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-B6GSaUy3AeE/YDc4pQ0xhFI/AAAAAAABT0A/2EcpLL4i4VoVsrfmkUZ__evGnCE5zJ4nACLcBGAsYHQ/w275/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f42"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30851
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
1.bp.blogspot.com/-NgyhsTZ5pyk/YDcfXqND_pI/AAAAAAABTzA/Pp1WTuqGJjUhpAxMBltWlOzI4_ztlQWtACLcBGAsYHQ/w275/
30 KB
30 KB
Image
General
Full URL
https://1.bp.blogspot.com/-NgyhsTZ5pyk/YDcfXqND_pI/AAAAAAABTzA/Pp1WTuqGJjUhpAxMBltWlOzI4_ztlQWtACLcBGAsYHQ/w275/Schermafbeelding%2B2016-08-22%2Bom%2B11.41.35.png
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f31"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Schermafbeelding 2016-08-22 om 11.41.35.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30851
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
unnamed%2B%25281%2529.jpg
1.bp.blogspot.com/-bjf8xEK5Cd4/YDc-dYunySI/AAAAAAABT0Y/-Ost16xeyvUg80D2aB5KXZXVhg4lCIkWgCLcBGAsYHQ/w281/
15 KB
15 KB
Image
General
Full URL
https://1.bp.blogspot.com/-bjf8xEK5Cd4/YDc-dYunySI/AAAAAAABT0Y/-Ost16xeyvUg80D2aB5KXZXVhg4lCIkWgCLcBGAsYHQ/w281/unnamed%2B%25281%2529.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1e91ef2573a6331b5267f0fd57d0bdccbe75ecefc2054d665c8d4b2385215e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f47"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed (1).jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15615
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
l
translate.googleapis.com/translate_a/ Frame 3D1E
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Eaepy1507DbpleK2H73kPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-Eaepy1507DbpleK2H73kPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
zone9457.css
static-cdn.adblade.com/css/zones/
42 KB
3 KB
Stylesheet
General
Full URL
https://static-cdn.adblade.com/css/zones/zone9457.css
Requested by
Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ffc8ba94d2fcf27cbfd84366dbd2c9df3da8d6d2deaf885b1bef97ee178e76c

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XJAo65zjqOZUi2Nq4HUZqRHhbtzWNJrZ
content-encoding
gzip
last-modified
Fri, 28 Aug 2020 11:21:01 GMT
server
AmazonS3
age
51399
etag
W/"a9bba50b066f704ad2bb315685b18a91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 13 Mar 2021 01:33:40 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
4-fIZ9cQ-mVrzndwBq8xhaAvlCB-Di4zg6IyNUUlxYdtUO5eEy6P0w==
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
etag
"/D8P7qgiWm3WmfjhiS2eTg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 20 Mar 2021 15:50:18 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
989 B
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js?c1=8&c2=6864322&c3=&c4=&c5=&c6=&c10=&c15=
Requested by
Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a912a359eb38d55b522d75540bbed1e86ce89a963662ea5a6ed8f6a664b60812

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Mar 2021 15:50:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
708
Expires
Sun, 14 Mar 2021 15:50:18 GMT
impsc.php
web.adblade.com/
7 KB
2 KB
Script
General
Full URL
https://web.adblade.com/impsc.php?cid=24082-2189076583&url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&rnd=1615650618207&output=html&callback=callback_json_adblade750617405
Requested by
Host: web.adblade.com
URL: https://web.adblade.com/js/ads/async/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.106.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-106-17.compute-1.amazonaws.com
Software
/
Resource Hash
e889ed439ef85f60a34f4dbb4abf8cb2e3d65b25142e9be09f7204faceb8c874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="http://www.adblade.com/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-vendor
Adiant LLC | Adiant | http://www.adiant.com
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame E43A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://router.infolinks.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Mar 2021 15:50:18 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date
Sat, 13 Mar 2021 15:50:18 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
de.tynt.com/deb/ Frame B677
75 B
289 B
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://router.infolinks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Sun, 14 Mar 2021 15:50:18 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Sat, 13 Mar 2021 15:50:18 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BC73
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-189-33.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
96dfbefc4fc4c8fca977d84828501d8e0600c2efe9118e84e5d0b337cbb52774

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://router.infolinks.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YEzfOmdEZTxuONPUGaWbpwAA; CMPS=1155
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|190|105|88|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1764
Expires
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Connection
keep-alive
Set-Cookie
CMID=YEzfOmdEZTxuONPUGaWbpwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Mar 2022 15:50:18 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 15:50:18 GMT CMPRO=1211;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 15:50:18 GMT CMRUM3=ce604cdf3a05a00&58604cdf3a05a0&69604cdf3a05a0&e6604cdf3a27600&f1604cdf3a05a00&27604cdf3a0b40&2d604cdf3a05a0&be604cdf3a05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Mar 2022 15:50:18 GMT CMST=YEzfOmBM3zoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Mar 2021 15:50:18 GMT

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Connection
keep-alive
Set-Cookie
CMID=YEzfOmdEZTxuONPUGaWbpwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 13 Mar 2022 15:50:18 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 15:50:18 GMT
/
onetag-sys.com/usync/ Frame ED74
2 KB
818 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=598ce3ddaee8c90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://router.infolinks.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
apn-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=7147444780532945270
35 B
388 B
Image
General
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=7147444780532945270
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66acf0d7abdb4-AMS
content-length
35
cf-request-id
08cde115770000bdb49caa1000000001
expires
Fri, 13 Mar 2020 14:50:18 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid
bafaf42d-238e-4c8d-a538-ff502e99d86c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=7147444780532945270
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
r1-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3665643782
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3665643782
  • https://sync.1rx.io/usersync/tradedesk/270588b4-15bd-4d18-840b-b78670cec5c4
  • https://sync.targeting.unrulymedia.com/csync/RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003
35 B
249 B
Image
General
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad39fb2bdb4-AMS
content-length
35
cf-request-id
08cde118440000bdb4a5893000000001
expires
Fri, 13 Mar 2020 14:50:19 GMT

Redirect headers

Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Tengine
ETag
RX8daa678bce9a4127bc2456f8b6f9f680003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/r1-usync?uid=RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003
Connection
keep-alive
Content-Type
text/html
/
ssc-cms.33across.com/ps/ Frame 577E
0
72 B
Image
General
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip171.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status
2000208
date
Sat, 13 Mar 2021 15:50:17 GMT
server
33XP004
zmn-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
314 B
Image
General
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad0be33bdb4-AMS
content-length
35
cf-request-id
08cde116710000bdb4a4346000000001
expires
Fri, 13 Mar 2020 14:50:19 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 577E
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 577E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Foperationdisclosure.blogspot.com%252F&pid=12306&adnxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Foperationdisclosure.blogspot.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&pid=12306&adnxs_uid=2804202733083000841
95 B
945 B
Image
General
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&pid=12306&adnxs_uid=2804202733083000841
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.137.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-137-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sat, 13 Mar 2021 15:50:18 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sat, 13 Mar 2021 15:50:18 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid
9626b816-3b79-438f-85c8-589d17ca939f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&pid=12306&adnxs_uid=2804202733083000841
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 577E
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
outh-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2&verify=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-C3tQnHNE2uEDZte7t_GWvbr42DTOCLLD~A~UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2
35 B
261 B
Image
General
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-C3tQnHNE2uEDZte7t_GWvbr42DTOCLLD~A~UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad0be38bdb4-AMS
content-length
35
cf-request-id
08cde116740000bdb49caaa000000001
expires
Fri, 13 Mar 2020 14:50:19 GMT

Redirect headers

Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/outh-usync?uid=y-C3tQnHNE2uEDZte7t_GWvbr42DTOCLLD~A~UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=1c58fb802b5709349d803416
35 B
220 B
Image
General
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=1c58fb802b5709349d803416
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66acf3d88bdb4-AMS
content-length
35
cf-request-id
08cde115830000bdb4b6840000000001
expires
Fri, 13 Mar 2020 14:50:18 GMT

Redirect headers

Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
nginx
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=1c58fb802b5709349d803416
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pbm-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkNGRUNBNEUtNjc1OC00NjE1LTkwN0EtNTUwNjYwNjU4REU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7CF07236-BF0A-43CD-9187-F7B1AC571346
  • https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
0
66 B
Image
General
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
62f66ada4af1bdb4-AMS
content-length
0
cf-request-id
08cde11c6b0000bdb4bcad8000000001
expires
Fri, 13 Mar 2020 14:50:20 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
Date
Sat, 13 Mar 2021 15:50:20 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
403
Content-Type
text/html; charset=iso-8859-1
pbm-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0NGMDcyMzYtQkYwQS00M0NELTkxODctRjdCMUFDNTcxMzQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D7CF07236-BF0A-43CD-9187-F7B1AC571346
  • https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
0
213 B
Image
General
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
62f66ada4af0bdb4-AMS
content-length
0
cf-request-id
08cde11c6b0000bdb4a19bd000000001
expires
Fri, 13 Mar 2020 14:50:20 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/pbm-usync?uid=7CF07236-BF0A-43CD-9187-F7B1AC571346
Date
Sat, 13 Mar 2021 15:50:19 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
403
Content-Type
text/html; charset=iso-8859-1
bizzc-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
  • https://router.infolinks.com/dyn/bizzc-usync?uid=82a04af04e683ecdc086e65c7fd23f2988adab15f1a8f1a37f75cad42df376be
35 B
276 B
Image
General
Full URL
https://router.infolinks.com/dyn/bizzc-usync?uid=82a04af04e683ecdc086e65c7fd23f2988adab15f1a8f1a37f75cad42df376be
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad3dfd3bdb4-AMS
content-length
35
cf-request-id
08cde1186c0000bdb494a96000000001
expires
Fri, 13 Mar 2020 14:50:19 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://router.infolinks.com/dyn/bizzc-usync?uid=82a04af04e683ecdc086e65c7fd23f2988adab15f1a8f1a37f75cad42df376be
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
iq-usync
router.infolinks.com/dyn/ Frame 577E
0
191 B
Image
General
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
62f66ad03e00bdb4-AMS
content-length
0
cf-request-id
08cde116220000bdb4942bc000000001
zeta-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=1875819618098958344
35 B
214 B
Image
General
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=1875819618098958344
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad34f85bdb4-AMS
content-length
35
cf-request-id
08cde118080000bdb4912b5000000001
expires
Fri, 13 Mar 2020 14:50:19 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=1875819618098958344
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sx-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d070b0b8-8413-11eb-8748-1a377c5d0e06
  • https://router.infolinks.com/dyn/sx-usync?uid=d070b05f-8413-11eb-8748-1a377c5d0e06
35 B
422 B
Image
General
Full URL
https://router.infolinks.com/dyn/sx-usync?uid=d070b05f-8413-11eb-8748-1a377c5d0e06
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad89a1dbdb4-AMS
content-length
35
cf-request-id
08cde11b5d0000bdb4b0bdc000000001
expires
Fri, 13 Mar 2020 14:50:20 GMT

Redirect headers

Date
Sat, 13 Mar 2021 15:50:20 GMT
Server
nginx
Location
https://router.infolinks.com/dyn/sx-usync?uid=d070b05f-8413-11eb-8748-1a377c5d0e06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
VR-usync
router.infolinks.com/dyn/ Frame 577E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://router.infolinks.com/dyn/VR-usync?uid=y-qlS7131E2uHxo_KJmOKKfOXoskJ_o_ZswwkPFcU-~A
35 B
343 B
Image
General
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-qlS7131E2uHxo_KJmOKKfOXoskJ_o_ZswwkPFcU-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3241463&wsid=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66ad11e69bdb4-AMS
content-length
35
cf-request-id
08cde116b20000bdb4bc2d7000000001
expires
Fri, 13 Mar 2020 14:50:19 GMT

Redirect headers

Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/VR-usync?uid=y-qlS7131E2uHxo_KJmOKKfOXoskJ_o_ZswwkPFcU-~A
Connection
keep-alive
Content-Length
0
unnamed%2B%25281%2529.jpg
1.bp.blogspot.com/-bjf8xEK5Cd4/YDc-dYunySI/AAAAAAABT0Y/-Ost16xeyvUg80D2aB5KXZXVhg4lCIkWgCLcBGAsYHQ/w283/
15 KB
15 KB
Image
General
Full URL
https://1.bp.blogspot.com/-bjf8xEK5Cd4/YDc-dYunySI/AAAAAAABT0Y/-Ost16xeyvUg80D2aB5KXZXVhg4lCIkWgCLcBGAsYHQ/w283/unnamed%2B%25281%2529.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
276e7c76854aa8bd61998331a578c5d74ac67a0b6c344fc80a68cdc3469703ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:18 GMT
x-content-type-options
nosniff
server
fife
etag
"v14f47"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed (1).jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15739
x-xss-protection
0
expires
Sun, 14 Mar 2021 15:50:18 GMT
rules-p-b8GPCpJxfqYm2.js
rules.quantcount.com/
3 B
357 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-b8GPCpJxfqYm2.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:d000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 17:10:17 GMT
via
1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:50:07 GMT
server
AmazonS3
age
81602
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
BL6omKgY6Q10orPl1bEuCx6UO5Dn4WP8Qhpy2ZdAJG-i8ertfQtvnQ==
pixel;r=2111098422;rf=0;uht=2;a=p-b8GPCpJxfqYm2;url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F;fpan=1;fpa=P0-2096617743-1615650618536;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;re...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2111098422;rf=0;uht=2;a=p-b8GPCpJxfqYm2;url=https%3A%2F%2Foperationdisclosure.blogspot.com%2F;fpan=1;fpa=P0-2096617743-1615650618536;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=operationdisclosure.blogspot.com;je=0;sr=1600x1200x24;dst=1;et=1615650618536;tzo=-60;ogl=url.https%3A%2F%2Foperationdisclosure%252Eblogspot%252Ecom%2F%2Ctitle.Operation%20Disclosure%2Cdescription.%2Ctype.website%2Csite_name.Operation%20Disclosure
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=8&c2=6864322&rn=0.29754822710706774&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.29754822710706774&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&c...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.29754822710706774&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs_ak_ss=1
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.29754822710706774&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs_ak_ss=1
Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=8&c2=6864322&rn=0.4450581640466118&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.4450581640466118&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.4450581640466118&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs_ak_ss=1
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.64.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=8&c2=6864322&rn=0.4450581640466118&c7=https%3A%2F%2Foperationdisclosure.blogspot.com%2F&c3=&c4=&c5=&c6=&c10=&c15=&c16=&c8=Operation%20Disclosure&c9=&cv=1.8&cs_ak_ss=1
Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:18 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BC73
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB&dcc=t
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BC73
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=70&cm_user_id=YEzfOmdEZTxuONPUGaWbpwAA&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.78.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-78-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame BC73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEuBLdYonlM9PIBBiSGMroI&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEuBLdYonlM9PIBBiSGMroI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-189-33.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 13 Mar 2021 15:50:19 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEuBLdYonlM9PIBBiSGMroI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BC73
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YEzfOmdEZTxuONPUGaWbpwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLYBMsac-sQ_LXqjviLWV8&google_cver=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLYBMsac-sQ_LXqjviLWV8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-189-33.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Mar 2021 15:50:19 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJLYBMsac-sQ_LXqjviLWV8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame BC73
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame BC73
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-189-33.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Mar 2021 15:50:19 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 13 Mar 2021 15:50:19 GMT
server
nginx/1.18.0
content-length
76
rum
dsum-sec.casalemedia.com/ Frame BC73
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YEzfOwAAAEgVnDoG
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEzfOwAAAEgVnDoG&gdpr=1&_test=YEzfOwAAAEgVnDoG
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEzfOwAAAEgVnDoG&gdpr=1&_test=YEzfOwAAAEgVnDoG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.53.189.33 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS
a84-53-189-33.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Mar 2021 15:50:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 13 Mar 2021 15:50:20 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615650620.059837,VS0,VE0
x-served-by
cache-hhn4068-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEzfOwAAAEgVnDoG&gdpr=1&_test=YEzfOwAAAEgVnDoG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BC73
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
43 B
924 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 13 Mar 2021 15:50:18 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YEzfOmdEZTxuONPUGaWbpwAABLsAAAIB
Connection
keep-alive
Content-Length
0
ix-usync
router.infolinks.com/dyn/ Frame BC73
35 B
331 B
Image
General
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YEzfOmdEZTxuONPUGaWbpwAA%261211
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
62f66acf8db3bdb4-AMS
content-length
35
cf-request-id
08cde115b50000bdb491ac8000000001
expires
Fri, 13 Mar 2020 14:50:18 GMT
usync.js
eus.rubiconproject.com/ Frame E43A
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d4b9beb1775d109ba8e355206ab56f8a21bb40012230ab1f100057f07d3e3c3b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Mar 2021 15:50:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24719
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Sat, 13 Mar 2021 22:42:17 GMT
khaos.jpg
token.rubiconproject.com/ Frame E43A
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
4365_548f126ed8024.jpg
static-cdn.adblade.com/banners/images/298x224/
31 KB
31 KB
Image
General
Full URL
https://static-cdn.adblade.com/banners/images/298x224/4365_548f126ed8024.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d4e449b6ece96fc36bcffbb05d7a4066d4c8c2b0d2ece9078dcd81a65dd6194

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2017 20:05:01 GMT
server
AmazonS3
age
51633
etag
"872384453eaebc16f2436042859e1d96"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
date
Sat, 13 Mar 2021 02:51:11 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
31753
x-amz-cf-id
wLGiNjeze8T94HYPVhjdj_JZMJi-0gqRWxHI8csmeKV2ehl-6wub6Q==
4365_54b6a79d73cf9.jpg
static-cdn.adblade.com/banners/images/298x224/
32 KB
33 KB
Image
General
Full URL
https://static-cdn.adblade.com/banners/images/298x224/4365_54b6a79d73cf9.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094dff428fbdfc57f68d029701cad9dcaac5cc93c08dd9f36354667cc35f13d7

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2017 20:05:01 GMT
server
AmazonS3
age
17032
etag
"ac95a21fd2a958019ed0215099cc9aae"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
date
Sat, 13 Mar 2021 11:06:28 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
32910
x-amz-cf-id
flocs64h-v3nvbIILSXJ9WPhfQIzcunNo3otmuOZIKaUqw8pOUq_Bg==
4365_53d6d241a5b3d.jpg
static-cdn.adblade.com/banners/images/298x224/
28 KB
29 KB
Image
General
Full URL
https://static-cdn.adblade.com/banners/images/298x224/4365_53d6d241a5b3d.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17996e3c684cfb0e3ce408299c214b6ae993fc0c0deebdd6755c3dd4dcc260e0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2017 20:05:01 GMT
server
AmazonS3
age
63909
etag
"501ada8fe80e380705cb28339cf8bd53"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
date
Fri, 12 Mar 2021 22:08:11 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
29141
x-amz-cf-id
Cl7QH2TiuRMWMINDDwX5U9v9KnuF-NXqR1TYaE_ia-vYumNQDUhkwQ==
4365_54c6575144a43.jpg
static-cdn.adblade.com/banners/images/298x224/
25 KB
25 KB
Image
General
Full URL
https://static-cdn.adblade.com/banners/images/298x224/4365_54c6575144a43.jpg
Requested by
Host: operationdisclosure.blogspot.com
URL: https://operationdisclosure.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a123cebc2bc6afdbb49d73c9a8d3537014073eda974339b9b7c5e70692c35e16

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2017 20:05:01 GMT
server
AmazonS3
age
74795
etag
"80d632d02a0b121434e833f37cc79b7c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
date
Fri, 12 Mar 2021 19:03:45 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
25125
x-amz-cf-id
-SwanMoBYLvpYwApeIvGkhz4TPjXUIz1OGtdsLihJF1YQ_JcM87fqQ==
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c5f670bd0ca3d90044993e6eeee8896b206315ddf2d62acbc29f0e138254342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 13 Mar 2021 15:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6508
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319788988574599&plah=operationdisclosure.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 15:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sat, 13 Mar 2021 15:50:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CE72
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://operationdisclosure.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://operationdisclosure.blogspot.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 13 Mar 2021 12:03:55 GMT
expires
Sun, 13 Mar 2022 12:03:55 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
13585
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
pagead2.googlesyndication.com/bg/ Frame CE72
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Mar 2021 11:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
14672
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5656
x-xss-protection
0
expires
Sun, 13 Mar 2022 11:45:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=1880883257218063&bg=!KyilKGvNAAUO7zDoDjsAKQB2-DxaomvShIRu-u6w_7zvnFVGvADa7zrVd5xL3lc37QNuKJ0K8BjTAgAAAHtSAAAADmgBBwoAIKK3eVKWNaRbfnr02ATqgO5D4L_Nzvai9Yo_8csDmGUamQIaPegqfoyUeMLkt0v5qS3F3JDUzSQQDxHSfc1UhcTel77VuPb-vmq0QUDKC4kqNC7eqoO7E51RmS2gPEJ8ggRDTxXvCuGz-EmbZJTYw5IHN9cjQelA4ZdYQMA5_9jygqqwAiqEQTCLufJ7LD9eGqwyWvYPgBbM-m3iqih5aBuPZsxFwGK8IbS76-SW9hNqJKBnMbrgEbBA854SQClxUkvLF2kA6wn_D_Kzvdg_CXCQn4ufwgRhXc2UjR7q48UQBqC-KAvmr_l0G-IPtULqN7C8aCAUWRUJGhj3P_Jn9ucZGCuLCgVqhwuGRmzUFvCRdVKd2fh_2I1xvRU_Bh6HnBEmDfKNu7XC8BZ3TiMW6n6hAPhBp-fsDUX_J3qpPq68WMXfFo2DTjGUVHe7ti6tr9l3MqYp23l0bJlniskjR5m9T2s_KWuBxHezXfya_Mv2kuKJl29NJQ5dXqwiHOaEuoJraDnRMNpbQjGXiDj81kTMZwP-nN7cv290v0UYxYRt7k3ImgGWFDLKa5jMxKx7inkxcdcZVAEsGBDHEIDyp8Is_CvL3e05lPQ1TB9B1Bv_cE6aC6F4NNyJ9GYWF5-1cy7GcJMh8iBI-llHt61Q4o9Sjcj2417lP0IXugLt20i-B1XkEELwXQ7TSnFvnaBTenc4C9GlEqgDpM5qYOUh7ZXeSiXvhTonvCxywQ8nvr8TYNEjJ53xDWBClY1l1Q
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://operationdisclosure.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Mar 2021 15:50:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| FACEBOOK_APP_ID object| adsbygoogle number| infolink_pid number| infolink_wsid object| $iceboot object| INFOLINKS object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_ad_client object| google_ad_host object| google_ad_slot object| google_ad_width object| google_ad_height boolean| google_onload_fired object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| google_restrict_data_processing function| googleTranslateElementInit object| google object| wait_jq function| main_js function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded object| jQuery11240890218037578026 function| _typeof object| $ice object| $infolinks object| google_image_requests object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture object| adbladeExports function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| closure_lm_162236 object| a0 number| index0 number| index1 number| index2 function| hb_iceChunk object| hb_ice object| _pbjsGlobals object| $ICE_HB boolean| isPending string| prebid_file function| findCMP_PixFuture object| _qoptions object| callback_json_adblade254248004 function| quantserve function| __qc object| _qevents object| ezt function| qtrack function| pbjs_pixChunk object| pbjs_pix object| COMSCORE object| _comscore object| callback_json_adblade750617405 object| GoogleGcLKhOms

19 Cookies

Domain/Path Name / Value
.casalemedia.com/ Name: CMRUM3
Value: 27604cdf3a0b40&2d604cdf3b2760CAESEJLYBMsac-sQ_LXqjviLWV8&be604cdf3a05a0&e6604cdf3a27600&f1604cdf3a05a00&69604cdf3b05a00&58604cdf3c2760YEzfOwAAAEgVnDoG&ce604cdf3a05a00
.casalemedia.com/ Name: CMID
Value: YEzfOmdEZTxuONPUGaWbpwAA
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 7CF07236-BF0A-43CD-9187-F7B1AC571346
.infolinks.com/ Name: SXUSERCOOKIE
Value: d070b05f-8413-11eb-8748-1a377c5d0e06
.casalemedia.com/ Name: CMPS
Value: 1155
.infolinks.com/ Name: BIZZCUSERCOOKIE
Value: 82a04af04e683ecdc086e65c7fd23f2988adab15f1a8f1a37f75cad42df376be
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 1c58fb802b5709349d803416
.infolinks.com/ Name: IXUSERCOOKIE
Value: YEzfOmdEZTxuONPUGaWbpwAA&1211
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-8daa678b-ce9a-4127-bc24-56f8b6f9f680-003
.casalemedia.com/ Name: CMST
Value: YEzfOmBM3zwA
operationdisclosure.blogspot.com/ Name: logglytrackingsession
Value: ec37142a-c897-4207-867d-d81736dda178
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-C3tQnHNE2uEDZte7t_GWvbr42DTOCLLD~A~UPcf8bc1ee-8413-11eb-89f6-06d64d0340e2
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-qlS7131E2uHxo_KJmOKKfOXoskJ_o_ZswwkPFcU-~A
.operationdisclosure.blogspot.com/ Name: __qca
Value: P0-2096617743-1615650618536
.casalemedia.com/ Name: CMPRO
Value: 1211
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 1875819618098958344
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: ""
.infolinks.com/ Name: ANUSERCOOKIE
Value: 7147444780532945270
.doubleclick.net/ Name: IDE
Value: AHWqTUnn1aeAqfgMA12mpJZrUWLSPoaxjGeYEbeUEQilBwSCXxKZyvNudk8_io5clSs

3 Console Messages

Source Level URL
Text
console-api log URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1)
Message:
[object Object]
console-api log URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1)
Message:
Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://operationdisclosure.blogspot.com" from accessing a cross-origin frame.
console-api log URL: https://resources.infolinks.com/js/1739.003-3.012/ice.js(Line 1)
Message:
Failed log data: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
b1sync.zemanta.com
cdn.pixfuture.com
cm.g.doubleclick.net
d.adroll.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.rmbl.ws
i1.wp.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
img1.wsimg.com
match.adsrvr.org
onetag-sys.com
operationdisclosure.blogspot.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
resources.blogblog.com
resources.infolinks.com
router.infolinks.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
served-by.pixfuture.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static-3.bitchute.com
static-cdn.adblade.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
ups.analytics.yahoo.com
us.ck-ie.com
use.fontawesome.com
web.adblade.com
www.blogger.com
www.googletagservices.com
www.gstatic.com
www.moneymetals.com
www.operationdisclosure.blogspot.com
www.paypalobjects.com
104.108.50.124
104.108.64.33
104.22.3.144
13.32.21.95
142.250.186.162
142.250.186.34
151.101.114.133
151.101.114.49
174.137.133.49
178.162.133.149
18.203.78.129
185.33.221.52
185.64.190.79
185.64.190.80
185.64.190.81
185.94.180.125
192.0.77.2
193.0.160.128
2.17.185.233
208.100.17.171
208.100.17.184
213.19.147.150
23.111.9.35
23.37.42.132
2600:9000:2182:d000:6:44e3:f8c0:93a1
2606:4700:10::6814:2719
2606:4700:20::681a:a9c
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2009
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
3.126.56.137
51.38.120.206
52.59.102.119
54.194.137.128
54.239.17.112
54.88.106.17
63.35.200.21
64.202.112.127
68.183.31.14
69.173.144.138
72.251.249.13
84.53.189.33
88.214.193.83
89.187.169.15
93.184.221.168
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02dc318edac42c59dfba5736912f09ee3c47b4246b5893085f7b108ac178ce68
04933ef9298788901ccc7b429cb4e6d7e3d28b0bd2caf7d8665ee34371342d98
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
094dff428fbdfc57f68d029701cad9dcaac5cc93c08dd9f36354667cc35f13d7
0b1d7f87f3ca4c8b4bd749b02b6ad71c930b7e306c752a2e2293d7b250b02e27
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0ec2714571f213ca074cf14e728e11fcd9cf440770db868959b12d6a96b56e53
10b95dfd4abf9aa4574f3cc25dd7d78bf18bfc2f880b3f347eb84812bbbed0b4
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
13e18b96f51586caaec69072bfada6ed3405e98f8aa3581127aa146cc7282f05
15a01fe0e4868796fce1d53f9c36e302b3c5924ccae5fb9ba0a402f0b5d9e6f7
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17996e3c684cfb0e3ce408299c214b6ae993fc0c0deebdd6755c3dd4dcc260e0
17baab0a1ff591375e4b972fff62a75a2003b125489d99d6215e6b3784ad6f63
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1c5f670bd0ca3d90044993e6eeee8896b206315ddf2d62acbc29f0e138254342
1e91ef2573a6331b5267f0fd57d0bdccbe75ecefc2054d665c8d4b2385215e5f
1f118e9895c9a52f1502be1654de6fc351d5fce90495c48dce62692c9e17c7b1
276e7c76854aa8bd61998331a578c5d74ac67a0b6c344fc80a68cdc3469703ca
27c45d7c5353fa7df485f661f445d788aa21d7bcfed72b98926ad9cc40d19f8c
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2fb75017076ab25d6a80241be200825f3740604c2b8689adadb599b5012bd7ac
30568aee2fba4e71840c0f3993d359f0284b1c41b474652d0e2a7ade195cf80b
3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1
34f84cae6040b31abd09aa5212031b3bccbeb73cd9c53e37f6baaf337021ced5
358afcad7287d452a0cb2106a7bbb48d7effb1adfce1fcdf5ff9216767309a2f
35e2fc03a8c2d165884068c91d5ca093aac09ee4bbae41a1a6d37e7462d64a84
36af81a87835f14c9b9706ed6687f337f04d02da20dc52c1ff1a1eeb1e042707
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d30c222300514d48a0b7509f0ae9e042b1faa4f0981a59cf17a237062359d2f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43c76c55901666edc020c33b12756390a7d723063c0bfe58899776b2db4d85da
4427d43895fd6853835f5dd8dd8525f095dde1f1d3efda5255e0333c23c39583
46eb2c4af3ff749f7243d801a377b76fd92b43879f18b2e9cba36feab1bf9307
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a22959e6a40516ed88e6891d525b0e21cff9829753f4bf318f197a3c0f18e6e
546561bbde95e76b24c1694df24987f2dd5006da0c1aebb0cad26503c91e3a26
55ae73c00f1bc9e476f0ce687b3ee029bcb94529b542f0ee0a6d8a2242639e8d
55c75d7cdfec7db1845ac3b02eef8300ff24ff7c50fbab917754dd34487b30b5
5a7aea6e614acb9166508ed9172b92f4c754a16584e73627328977cacdb14211
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6308e98c7d1ea77f5a948b9f11f3dcad3e38228f54dd41bfec63e19941f2bb6a
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
662993ecccdd6d8997a172aa060faf19ca920824d5b4188793b28d1154c4586a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a01cb06b4e7b7684b87eaa2f0f07eff64039589b4dfd8df5f657628a205ef0d
6d4e449b6ece96fc36bcffbb05d7a4066d4c8c2b0d2ece9078dcd81a65dd6194
73f05d625853df780adb89f3be92a5663534df59ccb38140a5c55502c53532ae
7c373a7d49be09b3ae11704575813484b235d647c70151fe7862f420093941b3
7ffc8ba94d2fcf27cbfd84366dbd2c9df3da8d6d2deaf885b1bef97ee178e76c
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
89709aa1e47ac6d13de5185b0b00956bfd2d1fee3133956ac5873719501f88df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92bd3e957c1ecbecc5c2723bcb0e9e1a412252f14ce8fb4bcc8c2f29473491f2
96dfbefc4fc4c8fca977d84828501d8e0600c2efe9118e84e5d0b337cbb52774
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a123cebc2bc6afdbb49d73c9a8d3537014073eda974339b9b7c5e70692c35e16
a20f17a5b30651083733f05e5d260cb8f3579466385945d1876c154f1f42780b
a2460c0e122c3d45c9edb07730c80674f317ddba364c37af3775b19bc79fb223
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e539ca0a2534c7bef21ec6b3fd67d87edfb8ef96b5564be9d88f84cbf22963
a637d3ff767789f9b113bbfa208bdb6a76efed7c4c111da2a130f6a38a51d353
a912a359eb38d55b522d75540bbed1e86ce89a963662ea5a6ed8f6a664b60812
a94a13d4e9df8dc2bc696a168930cd511f83498136bba3bb0b968d7556f0b807
ab62fe971dd4b318621de81bfd9315f50f36bd50791512128cea651f3ef136d1
ae45c4fbc59cdd6049926666731ecf61bb039fbb20883f57abdd691de7eba943
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb02fbc4e13596be769d96fe92b99ed6203ed535f74f5db184b164e2b6276894
bbe230b404bd9a866f6a1dd3c85239be14cfd744f169f2fcffaa82c47da2bcc6
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d41b6f70c39f097e58dac77db70b978a0c45ce596c4776cd7dc26f4fdc9676e5
d48dacafefbe661dcbac0d7958c0e4beddc2cb2c7b13d0d221c4568eadc12255
d4b9beb1775d109ba8e355206ab56f8a21bb40012230ab1f100057f07d3e3c3b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de26000d516bb2e48916b3f81946330c455185eac6a23000157cecf97c686171
df1d403bd0a5a7d3a2550eecd0eab4b52acc9b90da9806f06eb6b7252d089c11
e067363e35125aa52369118713f3a05c66b0217d9622d270286ae8605edaad37
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e889a3c3a4f7cf70760a578693bb70961e47d1e9680dfbc9a828ee294a5a39
e889ed439ef85f60a34f4dbb4abf8cb2e3d65b25142e9be09f7204faceb8c874
ead5a68c71d0568be0e948365bac4a042b61100aa5589fba595006c7769edb08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
f6a1d771791395ca9fe4aa74d1d876a3556944b685017b472ddc6029df907460
f8503eac41e898df9d6079785789ffddc04aeab6c465e4aeaf32a12ec07a059e