urlscan.io logo urlscan.io
SecurityTrails logo

addsdata.com Open in urlscan Pro
172.67.157.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://juliussdc.blogspot.com/
Effective URL: https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Submission: On March 28 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 20 domains to perform 43 HTTP transactions. The main IP is 172.67.157.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is addsdata.com.
TLS certificate: Issued by GTS CA 1P5 on March 23rd 2023. Valid for: 3 months.
This is the only time addsdata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 142.251.42.129 15169 (GOOGLE)
1 142.251.42.163 15169 (GOOGLE)
2 142.250.207.35 15169 (GOOGLE)
5 192.243.59.12 39572 (ADVANCEDH...)
1 192.243.59.13 39572 (ADVANCEDH...)
7 142.250.207.33 15169 (GOOGLE)
3 142.251.42.169 15169 (GOOGLE)
3 13.213.245.92 16509 (AMAZON-02)
1 104.21.234.92 13335 (CLOUDFLAR...)
1 2 192.243.61.225 39572 (ADVANCEDH...)
1 2 173.233.137.44 7979 (SERVERS-COM)
1 192.243.61.227 39572 (ADVANCEDH...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
2 172.67.157.209 13335 (CLOUDFLAR...)
1 104.26.6.19 13335 (CLOUDFLAR...)
2 172.67.197.244 13335 (CLOUDFLAR...)
1 172.67.72.9 13335 (CLOUDFLAR...)
3 104.26.7.228 13335 (CLOUDFLAR...)
43 18
4    142.251.42.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f1.1e100.net
juliussdc.blogspot.com
1    142.251.42.163 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f3.1e100.net
www.gstatic.com
2    142.250.207.35 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f3.1e100.net
fonts.gstatic.com
5    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.highperformancedformats.com
nannyamplify.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
pl16614031.effectivecpmgate.com
7    142.250.207.33 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f1.1e100.net
lh3-testonly.googleusercontent.com
lh5.googleusercontent.com
3    142.251.42.169 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f9.1e100.net
resources.blogblog.com
www.blogger.com
3    13.213.245.92 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-245-92.ap-southeast-1.compute.amazonaws.com
simplewebanalysis.com
1    104.21.234.92 (None, )

ASN13335 (CLOUDFLARENET, US)
friendshipmale.com
2    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
partpedestal.com
2    173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)
perspectiveunderstandingslammed.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
unseenreport.com
1    34.91.234.242 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com
offer.advotionhot.com
2    172.67.157.209 (United States)

ASN13335 (CLOUDFLARENET, US)
addsdata.com
1    104.26.6.19 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.yourwebbars.com
2    172.67.197.244 (United States)

ASN13335 (CLOUDFLARENET, US)
feed.cn-rtb.com
t.cn-rtb.com
1    172.67.72.9 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
3    104.26.7.228 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmhood.com
t.ocmhood.com
Apex Domain
Subdomains		 Transfer
7 googleusercontent.com
lh3-testonly.googleusercontent.com — Cisco Umbrella Rank: 297746
lh5.googleusercontent.com — Cisco Umbrella Rank: 140
9 KB
4 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 68545
cdn.ocmhood.com — Cisco Umbrella Rank: 21507
t.ocmhood.com — Cisco Umbrella Rank: 11672
13 KB
4 blogspot.com
juliussdc.blogspot.com
42 KB
3 nannyamplify.com
nannyamplify.com — Cisco Umbrella Rank: 34982
6 KB
3 simplewebanalysis.com
simplewebanalysis.com — Cisco Umbrella Rank: 16833
879 B
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
35 KB
2 cn-rtb.com
feed.cn-rtb.com — Cisco Umbrella Rank: 67911
t.cn-rtb.com — Cisco Umbrella Rank: 74103
852 B
2 addsdata.com
addsdata.com
322 KB
2 perspectiveunderstandingslammed.com
perspectiveunderstandingslammed.com — Cisco Umbrella Rank: 35002
4 KB
2 partpedestal.com
partpedestal.com
4 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9092
58 KB
2 highperformancedformats.com
www.highperformancedformats.com — Cisco Umbrella Rank: 874748
21 KB
1 yourwebbars.com
cdn.yourwebbars.com — Cisco Umbrella Rank: 50927
968 B
1 advotionhot.com
offer.advotionhot.com — Cisco Umbrella Rank: 221934
339 B
1 unseenreport.com
unseenreport.com — Cisco Umbrella Rank: 28465
425 B
1 friendshipmale.com
friendshipmale.com — Cisco Umbrella Rank: 24723
27 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 17162
46 KB
1 effectivecpmgate.com
pl16614031.effectivecpmgate.com
14 KB
0 creative-bars1.com Failed
cdn.creative-bars1.com Failed
0 yourgoads.com Failed
yourgoads.com Failed
43 20
Domain Requested by
6 lh3-testonly.googleusercontent.com juliussdc.blogspot.com
4 juliussdc.blogspot.com 1 redirects juliussdc.blogspot.com
3 nannyamplify.com pl16614031.effectivecpmgate.com
3 simplewebanalysis.com www.highperformancedformats.com
pl16614031.effectivecpmgate.com
2 t.ocmhood.com sdk.ocmhood.com
2 addsdata.com juliussdc.blogspot.com
addsdata.com
2 perspectiveunderstandingslammed.com 1 redirects
2 partpedestal.com 1 redirects
2 www.blogger.com juliussdc.blogspot.com
2 www.highperformancedformats.com juliussdc.blogspot.com
2 fonts.gstatic.com juliussdc.blogspot.com
1 t.cn-rtb.com addsdata.com
1 cdn.ocmhood.com sdk.ocmhood.com
1 sdk.ocmhood.com addsdata.com
1 feed.cn-rtb.com addsdata.com
1 cdn.yourwebbars.com pl16614031.effectivecpmgate.com
1 offer.advotionhot.com 1 redirects
1 unseenreport.com
1 friendshipmale.com pl16614031.effectivecpmgate.com
1 resources.blogblog.com juliussdc.blogspot.com
1 lh5.googleusercontent.com juliussdc.blogspot.com
1 pl16614031.effectivecpmgate.com juliussdc.blogspot.com
1 www.gstatic.com juliussdc.blogspot.com
0 cdn.creative-bars1.com Failed pl16614031.effectivecpmgate.com
0 yourgoads.com Failed juliussdc.blogspot.com
43 25

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
highperformancedformats.com
R3		 2023-02-17 -
2023-05-18		 3 months crt.sh
effectivecpmgate.com
R3		 2023-02-17 -
2023-05-18		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
simplewebanalysis.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-03-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-18 -
2024-02-17		 a year crt.sh
nannyamplify.com
R3		 2023-03-10 -
2023-06-08		 3 months crt.sh
*.unseenreport.com
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.addsdata.com
GTS CA 1P5		 2023-03-23 -
2023-06-21		 3 months crt.sh
*.cn-rtb.com
GTS CA 1P5		 2023-02-22 -
2023-05-23		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh

This page contains 2 frames:

Primary Page: https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Frame ID: 00767534AB29E63A9D7AD148604E51D3
Requests: 51 HTTP requests in this frame

Frame: https://cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/img/close.svg
Frame ID: F1E17BD6EBFD8631FAEFF9F315018921
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ロボットでない場合は, [許可]をクリックします

Page URL History Show full URLs

  1. http://juliussdc.blogspot.com/ HTTP 301
    https://juliussdc.blogspot.com/ Page URL
  2. https://offer.advotionhot.com/click?pid=2&offer_id=3604&sub1=206d9020b9907400a5453e15168bc084&sub2=16512921 HTTP 302
    https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&si... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Page Statistics

43
Requests

84 %
HTTPS

0 %
IPv6

20
Domains

25
Subdomains

18
IPs

4
Countries

601 kB
Transfer

1463 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://juliussdc.blogspot.com/ HTTP 301
    https://juliussdc.blogspot.com/ Page URL
  2. https://offer.advotionhot.com/click?pid=2&offer_id=3604&sub1=206d9020b9907400a5453e15168bc084&sub2=16512921 HTTP 302
    https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://juliussdc.blogspot.com/ HTTP 301
  • https://juliussdc.blogspot.com/
Request Chain 23
  • https://partpedestal.com/watch.584798556246.js?key=e191cd323dde19bf68cc5e41c249a3e3&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=e97b6f84-0916-44d2-94ba-d413ff3ba416%3A3%3A1 HTTP 307
  • https://partpedestal.com/watch.584798556246.js?key=e191cd323dde19bf68cc5e41c249a3e3&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=e97b6f84-0916-44d2-94ba-d413ff3ba416%3A3%3A1&shu=d491605dd1d1d0eea6c28a421883b099ea8b7e465cacc40f9a28241b86f6e76afbf8345bcdafe9ef16688f29610aa42f92666c4c1a8bcb4deda293b0d324235bc08925925186d62a97079fda74aca5e303ca20ca37d2e401fbac11bf1020d7&pst=1679967523&rmtc=t
Request Chain 24
  • https://perspectiveunderstandingslammed.com/watch.521922742722.js?key=fc499d05e1dcfa8e16a05167e9813399&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=73d180b0-54cc-4aed-a2ac-320bfc1380db%3A3%3A1 HTTP 307
  • https://perspectiveunderstandingslammed.com/watch.521922742722.js?key=fc499d05e1dcfa8e16a05167e9813399&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=73d180b0-54cc-4aed-a2ac-320bfc1380db%3A3%3A1&shu=7693ef43baff579c73f87e242537c9539195d0ad549ec0fd9fca278c0ad32d79b5f3526c463b072ffff2d3f405598d041dfd7a45ba3180d025ae97bc7df4b25926eda04bbfa19f253539bcbccbeecd2c3df2a3c90a4fd0895cab1ad5d269c817331b8a&pst=1679967523&rmtc=t

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
juliussdc.blogspot.com/
Redirect Chain
  • http://juliussdc.blogspot.com/
  • https://juliussdc.blogspot.com/
129 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
GSE /
Resource Hash
40572dc2ae5ffb67c1bb9465c36cbb06edf4a6e63467d55ac1ef14fd991805af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
22821
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 01:37:41 GMT
etag
W/"7f08c068c29a298a154e85a3509938f474bff1292372cc3cc83e8473557d0f51"
expires
Tue, 28 Mar 2023 01:37:41 GMT
last-modified
Mon, 20 Mar 2023 05:47:36 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
178
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Mar 2023 01:37:41 GMT
Expires
Tue, 28 Mar 2023 01:37:41 GMT
Location
https://juliussdc.blogspot.com/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f3.1e100.net
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3475
x-xss-protection
0
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 28 Mar 2023 01:37:42 GMT
none
juliussdc.blogspot.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juliussdc.blogspot.com/none
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
GSE /
Resource Hash
f43b33be8ed07cd9d4b8d784a0cb1befc34a806a5c7f8dc57cd85c1016201668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 01:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://juliussdc.blogspot.com/
Origin
https://juliussdc.blogspot.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 11:47:40 GMT
x-content-type-options
nosniff
age
309002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Mar 2024 11:47:40 GMT
sprite_v1_6.css.svg
juliussdc.blogspot.com/responsive/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://juliussdc.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2244
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 02:49:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 03 Apr 2023 05:50:16 GMT
invoke.js
www.highperformancedformats.com/fc499d05e1dcfa8e16a05167e9813399/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highperformancedformats.com/fc499d05e1dcfa8e16a05167e9813399/invoke.js
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
8195c47cbda05c80e86a1f3782bde64041e2971b8d7d5664b58eb49a92b08581
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://juliussdc.blogspot.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 28 Mar 2023 01:37:42 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
9e3f2ddefe4fd3130675f73a24537cf1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
37c63209b9607d53e6f7820f5f63212e.js
pl16614031.effectivecpmgate.com/37/c6/32/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pl16614031.effectivecpmgate.com/37/c6/32/37c63209b9607d53e6f7820f5f63212e.js
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
14d5be72534b03424e1e4055e7ece737fcc562f1ab223e013376e1e1bb781def
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://juliussdc.blogspot.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 28 Mar 2023 01:37:42 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
e8d3c09109bec1ab08e9d67044ca5423
Expires
Thu, 01 Jan 1970 00:00:01 GMT
AHs97-k5yjUNb0eSdd27wWQ0craBIxcOGYjn31w_3UkK9lhcvBdiShWO0mXHLiZQV00sEHH7R5KpleKd4jh_4xq_iSpRyoOCQ2exSw87SyWXEbgvSdCLWPHZJCzetY7eSN1tHbALCskU4Pvvl7YBTYu1lTPE9A=w945-h600-p-k-no-nu
lh3-testonly.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-k5yjUNb0eSdd27wWQ0craBIxcOGYjn31w_3UkK9lhcvBdiShWO0mXHLiZQV00sEHH7R5KpleKd4jh_4xq_iSpRyoOCQ2exSw87SyWXEbgvSdCLWPHZJCzetY7eSN1tHbALCskU4Pvvl7YBTYu1lTPE9A=w945-h600-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
AHs97-mhdd09OnZhRjNGcAu7GqW_SatWDloc-jV3yatdlD1qt_SbWHIFmz8mYDGZ8RUSKE0SfCzrQvG-dZsBiIiuIZo1aOU9iUUVpKS5ANrVThDJTv0On_SRffEY_Cn63WbLCUjhc4E-z90C7OUGabg0aw=w128-h128-p-k-no-nu
lh3-testonly.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-mhdd09OnZhRjNGcAu7GqW_SatWDloc-jV3yatdlD1qt_SbWHIFmz8mYDGZ8RUSKE0SfCzrQvG-dZsBiIiuIZo1aOU9iUUVpKS5ANrVThDJTv0On_SRffEY_Cn63WbLCUjhc4E-z90C7OUGabg0aw=w128-h128-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
AHs97-mm2wLO9iErqWFCNgQ92dF1DYQnYf3Pc8kXcrO_jXUef1v0Xl-puevGmo6waEp_mU1kWSM5cmqpYGeBf5Elab1XPzMoP4boDFzYmtKNwlvjN0A7DyyKL1-KZ6ClK5V5D6zB8uq796bLgaPDNlg9vSC8sK3SZw9Y2G0=w128-h128-p-k-no-nu
lh3-testonly.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-mm2wLO9iErqWFCNgQ92dF1DYQnYf3Pc8kXcrO_jXUef1v0Xl-puevGmo6waEp_mU1kWSM5cmqpYGeBf5Elab1XPzMoP4boDFzYmtKNwlvjN0A7DyyKL1-KZ6ClK5V5D6zB8uq796bLgaPDNlg9vSC8sK3SZw9Y2G0=w128-h128-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
AHs97-kSxNEbkjFF5P7WwH4lBUEAKf1RGYveRCIdgxf8xknOjrN1ap3t2ZXLwn03RTfA9MIJlmhz_VkyLVZJcdqpNBRb1LAEJ4rYhZGQ4jnW4nn7XxMmgosl52QkmkA=w128-h128-p-k-no-nu
lh3-testonly.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-kSxNEbkjFF5P7WwH4lBUEAKf1RGYveRCIdgxf8xknOjrN1ap3t2ZXLwn03RTfA9MIJlmhz_VkyLVZJcdqpNBRb1LAEJ4rYhZGQ4jnW4nn7XxMmgosl52QkmkA=w128-h128-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
AHs97-nU2TT35Z27LFTo3vyiMyEGlJsux4mzujX47rIVeMiXMiz9x0UXk2tW-85ENY37M39Jq4OfOfvM7GDAu7YmnklQaoGqsDaY5XqdtMpSik2yPS4m5KB3zo5ZzGeZgY910NOK=w128-h128-p-k-no-nu
lh3-testonly.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-nU2TT35Z27LFTo3vyiMyEGlJsux4mzujX47rIVeMiXMiz9x0UXk2tW-85ENY37M39Jq4OfOfvM7GDAu7YmnklQaoGqsDaY5XqdtMpSik2yPS4m5KB3zo5ZzGeZgY910NOK=w128-h128-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
81tmbA18xybDQ3_nDJFI0GuiRFCXJgnJ3lksNB1DXMHj7vhlPmDuCUKhAi2G1m8aBUd48s_nZbMekGNhrrJFmjmpXGA3F6mr=w128-h128-p-k-no-nu
lh5.googleusercontent.com/proxy/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/81tmbA18xybDQ3_nDJFI0GuiRFCXJgnJ3lksNB1DXMHj7vhlPmDuCUKhAi2G1m8aBUd48s_nZbMekGNhrrJFmjmpXGA3F6mr=w128-h128-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
fife /
Resource Hash
b9a3bf05ab5ec41ec1f47f775afe1cc7e79ec4f30ef54da60f96309def919487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:42 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9273
x-xss-protection
0
expires
Wed, 29 Mar 2023 01:37:42 GMT
AHs97-l5sFIkTQYdHfiDlI02zeP4ML7t6RADo4aISpRZQwQum3rT__mdlhHO1dai8086Sgyc9rtqf6qSjLE0mu2ErS0whMkulv9DULh2P8U370onHjgxmVYDvhCpMf_UBMXL327nn0y6GkmV9IKkQRM9E-_RgH-jG2b6jJ3COcHx1x6kAGJ9QlGpgwV9FVeMz_ogL...
lh3-testonly.googleusercontent.com/blogger_img_proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-l5sFIkTQYdHfiDlI02zeP4ML7t6RADo4aISpRZQwQum3rT__mdlhHO1dai8086Sgyc9rtqf6qSjLE0mu2ErS0whMkulv9DULh2P8U370onHjgxmVYDvhCpMf_UBMXL327nn0y6GkmV9IKkQRM9E-_RgH-jG2b6jJ3COcHx1x6kAGJ9QlGpgwV9FVeMz_ogLnQLt3o_5JTwJJVdC9fPbWtUqowfgz7Y_dAO_7-WsM0xIyPJ5QoGaGo6HftqxNJ81N408XZ_vdLH=w128-h128-p-k-no-nu
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers
4255645160-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/4255645160-indie_compiled.js
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f9.1e100.net
Software
sffe /
Resource Hash
7b9670de43fb781389d9889326b6b54f6cf85694fe3de7d3abc1a6321c737620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 05:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46982
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 09:50:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 30 Mar 2023 05:46:56 GMT
229717095-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/229717095-widgets.js
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f9.1e100.net
Software
sffe /
Resource Hash
d73b04132723ac8d4585f5ee6c7ffa1b6715f5bd6c04f21a8ffa47abe5327cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://juliussdc.blogspot.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 27 Mar 2023 02:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56922
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 01:49:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 26 Mar 2024 02:17:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://juliussdc.blogspot.com/
Origin
https://juliussdc.blogspot.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 11:47:40 GMT
x-content-type-options
nosniff
age
309002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Mar 2024 11:47:40 GMT
stats
simplewebanalysis.com/ 		40 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: www.highperformancedformats.com
URL: https://www.highperformancedformats.com/fc499d05e1dcfa8e16a05167e9813399/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.245.92 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-245-92.ap-southeast-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
853b280f9eca457e5177a3d58bc2170904160c1fa2b7033c5ac867abf78e2a70

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
https://juliussdc.blogspot.com
date
Tue, 28 Mar 2023 01:37:43 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
invoke.js
www.highperformancedformats.com/e191cd323dde19bf68cc5e41c249a3e3/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.highperformancedformats.com/e191cd323dde19bf68cc5e41c249a3e3/invoke.js
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
6ebdd63c2e7520555d19f7d520e1c7b4de2c3f4c9a07b209a064cc4f804c29ce
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://juliussdc.blogspot.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 28 Mar 2023 01:37:42 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
c66d821feb4051180438819547d88b46
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
simplewebanalysis.com/ 		40 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: www.highperformancedformats.com
URL: https://www.highperformancedformats.com/e191cd323dde19bf68cc5e41c249a3e3/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.245.92 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-245-92.ap-southeast-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
f43f81747262f5408cd3e0bd9030b624e47b32b05c4edae64087c60051024fe5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
https://juliussdc.blogspot.com
date
Tue, 28 Mar 2023 01:37:43 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
sfp.js
friendshipmale.com/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friendshipmale.com/sfp.js
Requested by
Host: pl16614031.effectivecpmgate.com
URL: https://pl16614031.effectivecpmgate.com/37/c6/32/37c63209b9607d53e6f7820f5f63212e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:43 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
282fed2fc5d63b78fcb494d1ea17ae36
last-modified
Tue, 28 Mar 2023 01:37:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW0yW4yn%2FZA5KcevDLWMaS3Sa5KbHQ34STjm2hlN2ytowbblGPV5WIRHql87AxqVkXz2Ls2bdixMAFyBLZV%2FnSB3fpuHGVyWbPwwQb5Ee%2BlWJE61yj7Eo0YRCMSJwfaOlOTXfy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7aec2646086eaf8e-NRT
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
simplewebanalysis.com/ 		40 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: pl16614031.effectivecpmgate.com
URL: https://pl16614031.effectivecpmgate.com/37/c6/32/37c63209b9607d53e6f7820f5f63212e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.245.92 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-245-92.ap-southeast-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
27ed38d0b0a6d9603babc4b817767e9cf81e5b8691599b51ab05f43ff1b621e5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
https://juliussdc.blogspot.com
date
Tue, 28 Mar 2023 01:37:43 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
blogger_logo_round_35.png
www.blogger.com/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f9.1e100.net
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 08:52:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Mar 2023 07:50:46 GMT
server
sffe
age
492315
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2531
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 29 Mar 2023 08:52:28 GMT
watch.584798556246.js
partpedestal.com/
Redirect Chain
  • https://partpedestal.com/watch.584798556246.js?key=e191cd323dde19bf68cc5e41c249a3e3&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=e97b6f84-0916-44...
  • https://partpedestal.com/watch.584798556246.js?key=e191cd323dde19bf68cc5e41c249a3e3&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=e97b6f84-0916-44...
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://partpedestal.com/watch.584798556246.js?key=e191cd323dde19bf68cc5e41c249a3e3&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=e97b6f84-0916-44d2-94ba-d413ff3ba416%3A3%3A1&shu=d491605dd1d1d0eea6c28a421883b099ea8b7e465cacc40f9a28241b86f6e76afbf8345bcdafe9ef16688f29610aa42f92666c4c1a8bcb4deda293b0d324235bc08925925186d62a97079fda74aca5e303ca20ca37d2e401fbac11bf1020d7&pst=1679967523&rmtc=t
Protocol
HTTP/1.1
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
a8083517cb5819a33918905fc812636d3152fb0d4066ebd14b2fe60443a50fff
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Mar 2023 01:37:43 GMT
Custom-Referer
https://juliussdc.blogspot.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://juliussdc.blogspot.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
725bcf84820afd8abdd81679656084e3
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 28 Mar 2023 01:37:43 GMT
Custom-Referer
https://juliussdc.blogspot.com
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://juliussdc.blogspot.com
Location
https://partpedestal.com/watch.584798556246.js?key=e191cd323dde19bf68cc5e41c249a3e3&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=e97b6f84-0916-44d2-94ba-d413ff3ba416%3A3%3A1&shu=d491605dd1d1d0eea6c28a421883b099ea8b7e465cacc40f9a28241b86f6e76afbf8345bcdafe9ef16688f29610aa42f92666c4c1a8bcb4deda293b0d324235bc08925925186d62a97079fda74aca5e303ca20ca37d2e401fbac11bf1020d7&pst=1679967523&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
231e8809aa7882b0b32fec2c584a1703
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.521922742722.js
perspectiveunderstandingslammed.com/
Redirect Chain
  • https://perspectiveunderstandingslammed.com/watch.521922742722.js?key=fc499d05e1dcfa8e16a05167e9813399&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uu...
  • https://perspectiveunderstandingslammed.com/watch.521922742722.js?key=fc499d05e1dcfa8e16a05167e9813399&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uu...
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://perspectiveunderstandingslammed.com/watch.521922742722.js?key=fc499d05e1dcfa8e16a05167e9813399&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=73d180b0-54cc-4aed-a2ac-320bfc1380db%3A3%3A1&shu=7693ef43baff579c73f87e242537c9539195d0ad549ec0fd9fca278c0ad32d79b5f3526c463b072ffff2d3f405598d041dfd7a45ba3180d025ae97bc7df4b25926eda04bbfa19f253539bcbccbeecd2c3df2a3c90a4fd0895cab1ad5d269c817331b8a&pst=1679967523&rmtc=t
Protocol
HTTP/1.1
Server
173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Mar 2023 01:37:44 GMT
Custom-Referer
https://juliussdc.blogspot.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://juliussdc.blogspot.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
177b7bbed76abb4e2669ecbee475f437
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 28 Mar 2023 01:37:43 GMT
Custom-Referer
https://juliussdc.blogspot.com
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://juliussdc.blogspot.com
Location
https://perspectiveunderstandingslammed.com/watch.521922742722.js?key=fc499d05e1dcfa8e16a05167e9813399&kw=%5B%22juliussdc%22%5D&refer=https%3A%2F%2Fjuliussdc.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=73d180b0-54cc-4aed-a2ac-320bfc1380db%3A3%3A1&shu=7693ef43baff579c73f87e242537c9539195d0ad549ec0fd9fca278c0ad32d79b5f3526c463b072ffff2d3f405598d041dfd7a45ba3180d025ae97bc7df4b25926eda04bbfa19f253539bcbccbeecd2c3df2a3c90a4fd0895cab1ad5d269c817331b8a&pst=1679967523&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
96b7ef065aba05a1911dddecc2e9c706
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbar.json
nannyamplify.com/ 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nannyamplify.com/sbar.json?key=37c63209b9607d53e6f7820f5f63212e&uuid=f1449344-fbad-4fea-ae5f-4d217848c588%3A3%3A1
Requested by
Host: pl16614031.effectivecpmgate.com
URL: https://pl16614031.effectivecpmgate.com/37/c6/32/37c63209b9607d53e6f7820f5f63212e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Mar 2023 01:37:44 GMT
Custom-Referer
https://juliussdc.blogspot.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://juliussdc.blogspot.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
87219232d03a9318632199782c3beca4
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pxf.gif
unseenreport.com/ 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unseenreport.com/pxf.gif?uuid=73d180b0-54cc-4aed-a2ac-320bfc1380db&eb=ee6eacd4c510c3401e9fc03b2e4d6288&te=882860c7f0ad36638cbdb4b4cba1e705&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=37c63209b9607d53e6f7820f5f63212e&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Mar 2023 01:37:44 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
07bff9d727c40eb9a09c086aacb34673
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
yourgoads.com/M77XuEMOOCFBbE18ZiZV98EmrXRr6JDqRpqq7wpH7hY/ 		0
0
Primary Request /
addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/
Redirect Chain
  • https://offer.advotionhot.com/click?pid=2&offer_id=3604&sub1=206d9020b9907400a5453e15168bc084&sub2=16512921
  • https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
439 KB
322 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Requested by
Host: juliussdc.blogspot.com
URL: https://juliussdc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.157.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2775d29dec9e95479c3bb07d9538d8d7ac01d2bac385976ac074257d7e03ebb2

Request headers

Referer
https://juliussdc.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aec26538c4580e3-NRT
content-encoding
br
content-type
text/html
date
Tue, 28 Mar 2023 01:37:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IsgzhHqVKqbxiL1XOuu2hmYgV92NmYdWvA5UXjSfepmG7FJF8IEZYmdJxoJZXp2CMjtUbKQvhbjOKTkmlSu9jnhAZIfJkaGd3yI%2FphoS6ePAKRanhzqaE5LntOqQWc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Tue, 28 Mar 2023 01:37:44 GMT
location
https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
server
nginx
x-adjust-use-original-forwarded-for
1
index.html
cdn.yourwebbars.com/sb/interstitial/software/flash/multi/3/ 		2 KB
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.yourwebbars.com/sb/interstitial/software/flash/multi/3/index.html
Requested by
Host: pl16614031.effectivecpmgate.com
URL: https://pl16614031.effectivecpmgate.com/37/c6/32/37c63209b9607d53e6f7820f5f63212e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 13:53:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLOc2Di0GC4qcnFZp9mvTM7fI2EK9EEG%2FACV2cZPQY%2BgqF6tdGX%2Fw%2BCN2NDEj4AST0xFP54jBh8k7vIIOqyBERyKdAOoJ2qYqeeOGZ2FIOVfuhps1FUd2UpnNBemXYGK4e9YQmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
7aec264febd1af7c-NRT
expires
Thu, 31 Dec 2037 23:55:55 GMT
ren.gif
nannyamplify.com/ 		7 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nannyamplify.com/ren.gif?sid=H4sIAAAAAAAC%2F1ySTYgcxRvGqzf5H%2FIHD4oHhYhNFEwkO9vfM0PEJJsv86UhWdlzdVf1bGV6upqq7unNHJKQgCzoYQQPHnuf2c2iCUEP3iLKrLcB0fG0BvZkYPHkddGDzO7Agu%2FlfXmfp4p6ftQnq8U2sVDQrfy67IkkoXN%2BzTKPL4qUyVKbHy6YtlWzTpmLIg28U%2BZy4J0wz2ZZwhd5eFXkc75br7mBefzqBwvXr500E9Hm5iUeteUJ89ySkh0%2BZ9t2zar5fuDWbNsyb9GYKjE9B5E9tZ2g5liNmm01a34Ty%2Bq%2FG10Y0NQA626TVyDY%2BP%2F3XjyBiIZIO9%2Bc57qdy%2BzkhU6R0FwqdNnGx2k7lWWKzsEYKwNxujF1Q%2BoxIV%2FOQKYb06SQ3bVJUoRiTIw%2F%2FkSYPtoPgLA7sG0bYYLbGUJGUHaH4MkQgg4RyYcQTCJiuHIDaWf9Cs1oui%2FRiTQmM7%2BvQJT7Pe08viXjPKRp25yfx3JcQSwPIVpDZMUm8t4RiHITUf4Agv1Mjp56a3LngmzfkRBs6%2B3Y9rym63mzcUjZrBdzOku5H896zLHrDa8R%2BY3GHhohhhDxEAnvg%2BpDKLSBQhgo4hkU2Qw6bMv0eDOgTSfyfNf3mOs1G65HLTfw3aYbRnYTRTRJ0Eee9RElfUTqPjJ1H23Rhyp%2BhF6qoJkBnRN0WYWSE5SaoKQEpSAo8wmsap0l2tHVI5boIrSn3Zl2txrIvLVK12Xe4ilZzbbJy3vY%2Ft79B22%2BZbr1KHAdqxk2A6vOfJcHcb3hWLEfB65jOxxaVBB6BlQb6IkxeW3nU2RiTP6XPkBIN6GTTUTiKGjxBmg5qDsW6NLAa1jopU8V1zwLi5TRWih6YLJClh9GfsdYTbbJ63svee%2B7XfBodOb9hWe37%2B4%2BR6QqZKrCbfETQStZGdyUJVm7KUtNvv0oy0VH9GguZHorpzk%2F%2FPVVfqeUil0%2Br%2FtfnY0mwmR8ssB1fo2mTKQtTR7PC8a4uihVxMn3l%2FUiD28Uemm%2BUGmRXbtx7uLlTqa41kKmQ1Dx66UvEIkxOfLZO3sf9s0LOxBqCFVU6BQjMi0IuYkouw%2Bdjc68enf3%2BbFfXkBLApUceMLMQFlUA%2BWEB8tEjMkcXkLCR6d7vXvPgsPvgoYVND%2FAEPLRD3%2Ft%2B1f1ClrKAM0fIu1U6KoK3aQCTfrQxaFBnqnR6d%2FcvUKYGIMwUcZamKjk8328WmyZDufcd5lTj5njONylTr0Ru54bWLHtNWiIXI%2FZsfM7%2FwIAAP%2F%2FAQAA%2F%2F9mUPuttAQAAA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Mar 2023 01:37:44 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
ec448a0117fad544b7a48a9554e2730f
Expires
Thu, 01 Jan 1970 00:00:01 GMT
style.css
cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/css/ 		0
0
sbls
nannyamplify.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nannyamplify.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Fsoftware%2Fflash%2Fmulti%2F3%2Findex.html&l=1635&fd=959.3999996185303
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://juliussdc.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Mar 2023 01:37:45 GMT
Server
nginx/1.17.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
close.svg
cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/img/ Frame F1E1 		0
0
fine.png
cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/img/ Frame F1E1 		0
0
jquery.min.js
cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/js/ Frame F1E1 		0
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.cn-rtb.com/v1/native/ 		646 B
852 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=63064&uid=ad43b475-e9d6-4a55-837a-7429b29bef24&kw=download%20install
Requested by
Host: addsdata.com
URL: https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7fac6654903d304df7c2d4450f9208aa420f1dd701e830b30af2247109b42f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://addsdata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
model
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GZUfShgk1RlXXAGXQvXrQBF21uM9DG41s0UKuGIKzx27lwdpuanv5q7NIBpgyCRMR2qoXwjVQzvYEIAJdlell%2BShvx3cKEq94IF5aVHDfNM8BLJ2VLMRKMHMfHiGf%2BCxuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7aec26568a51264b-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conf.json
addsdata.com/hood/YWRkc2RhdGEuY29t/ 		49 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://addsdata.com/hood/YWRkc2RhdGEuY29t/conf.json
Requested by
Host: addsdata.com
URL: https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.157.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 28 Mar 2023 01:30:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64224336-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ti6n9e0z7wq0rgwnJ%2F5z%2BR8BHBcahToJdmqOLce%2F8qZzaIoQPkay1P7Mfosfu32qmagOOnVJliL2XrD9MpdreT4Yj%2FrwGbLi0n5WoM%2FLy%2F7e0In1LLh57vWB9VZq5%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
7aec2656488f80e3-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4545b22974703dd999d61ad2a95cebf468ad64b7cd279a388423bedda4f7458

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		37 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caaca5d2e2eb8aaf90ee4102653a1ddc80f8cda4e549a9c39a3aa255566406bf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
ht.js
sdk.ocmhood.com/sdk/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Requested by
Host: addsdata.com
URL: https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25

Request headers

Referer
https://addsdata.com/
Origin
https://addsdata.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Mon, 13 Feb 2023 09:58:42 GMT
server
cloudflare
etag
W/"63ea09d2-2e94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uOiDAaSp924afDyXDxp34ubeVzsl8ycf%2BAHlyMEbXa%2FafC96kNpNtf1dTgnG9PCMIsgwKP2bcNcYgScAzSZgyszc7tr3xz3bOun2lwcTCRo3%2FDo89UNe8v9hBhQ%2Br5udg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7aec265adc0dafcf-NRT
truncated
/ 		42 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a510392bdf2142ea0e978d9140bf505c84fdb218cba6e3ddd8655cb0669b475

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		47 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb7dac580de68954954a6c9b3c01d5ff7458342f424a88a13a17f4bce366ea54

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		23 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9057b75c2783111c731c0a790e7480036cfbb23c0e000eb4d0a752daa2f8f8d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		26 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b0aaf5cc4a047e3d3f332becd472e939ed62822b8601fff3777516ba09945c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		22 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba6f490158ecdcbc9ac8027e641997c112a6a90d3c699179dd22e90a5740c885

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b945fda61995d967f433decb1cfa734e4cc158d9213aa64f7d908557a49253c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js
cdn.ocmhood.com/tag/ 		191 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmhood.com/tag/NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://addsdata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1927
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 13 Dec 2022 16:12:04 GMT
server
cloudflare
etag
W/"6398a454-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIES9L287E7DJe1pXSiczBghsUGYHehJvVCU10EVO6ClykPsm00wO5rRiHLkGzmxWCeRZdS6EVV7fLxqIDUbFgsMQv%2B%2BpUKiPGcXivimZQ0pEHE%2F5sx%2F5C3StFcQjL5UoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
7aec265d2f75af66-NRT
truncated
/ 		40 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2126d7f683403fd8d38d5ee06505f3d848b5fa5104db46ddba075c0f5f95bfa

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b625e4fc7c26e9fe827c4403bbbbca9769e168003653f31b90ebe129cdc158a0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
activity
t.ocmhood.com/v2/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://addsdata.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Mar 2023 01:37:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1SkvqEqRenCixNGTzGIwjfI4Kl5m1%2BXQgxPa0MU278Ouo4WOCQC%2BF2ZcRuO1MUnDcxfefKMAKXw%2F0vTG%2BGePTVN6EpgVJ7aYgvATxZkmeMuptfVZU%2F4XjRIAIiMwWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7aec265d6fa7af66-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
287 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://addsdata.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 28 Mar 2023 01:37:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbKbNXtnawk%2FYeqfch0N2NxHas5siiI3os%2BtPk7%2B1yVtGCO81aVZqdltIvkgDWgcI3PEIlrY5a49kxHdwADgOZGdloPYhOOaH4R%2FPT3eqk1GN441xAjmUXqZw6wIszc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7aec265d6fa8af66-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imp
t.cn-rtb.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.cn-rtb.com/imp?l2=qRlwPB0Q6AN-dQWv54cPf6-R6dYRbfRyFognI1LXzvbvljW2ndGyg9F2v1qWtvTJyeo9T_R9O_ZsocEIYPSE0Y90SP2Q4h5iLXCBfOaWzP1FMkTveVn0dscURoYSrvOR8L5rt3xFcp83w_nRwbrATfInSEliG-4yvAwL2WooikqRYTKiY0xAVqsxZFWfQ0bp
Requested by
Host: addsdata.com
URL: https://addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4/?cid=642244e81551be0001fcf4a1&sid=16512921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://addsdata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 01:37:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvyyVduGuzPXqD1BPjgax6gUrVxRlMe7OpmZud8OIpwvJKgKD0i3Z3FwuVr9DiqJu7P5mqOnIG6DgSW2gq3JHnH7Kz50C97Q9lp%2Ffj9a8pav%2F3mh%2FrWRP6X8C43v9qw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7aec265d8f8c264b-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yourgoads.com
URL
https://yourgoads.com/M77XuEMOOCFBbE18ZiZV98EmrXRr6JDqRpqq7wpH7hY/?clck=2063a3f9aae2bacee22f6cc4640c78b2&sid=16515848
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/css/style.css
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/img/close.svg
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/img/fine.png
Domain
cdn.creative-bars1.com
URL
https://cdn.creative-bars1.com/sb/interstitial/software/flash/multi/3/js/jquery.min.js

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| qs string| lwp function| importOmpServiceWorker function| initOmpServiceWorker function| clearSession function| getLpType function| fetchAd function| getOCP function| popme function| pbcid function| finalRedirect function| goNextStep function| goToRedirectonAllow function| goToRedirectSmart2 function| isPushApiSupported function| uuidv4 function| initLpPush function| startOmpWorker function| getLpIdParamIfSet function| getSourcePrefix object| ad number| cpc number| o_eid string| o_ocid string| source_prefix string| fallback_url function| before_redirect_block function| Hood function| NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl

33 Cookies

Domain/Path Name / Value
addsdata.com/5JnkOOKKp-cUqEqo1aP0zbQsr794ckLjbONyiX0GEk4 Name: session
Value: ZIUN9GdwW29gphh4yE-OSIFsj6iTqW9R
simplewebanalysis.com/ Name: uid_id2
Value: 73d180b0-54cc-4aed-a2ac-320bfc1380db:3:1
juliussdc.blogspot.com/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 73d180b0-54cc-4aed-a2ac-320bfc1380db%3A3%3A1
juliussdc.blogspot.com/ Name: sb_main_37c63209b9607d53e6f7820f5f63212e
Value: 1
juliussdc.blogspot.com/ Name: sb_count_37c63209b9607d53e6f7820f5f63212e
Value: 1
perspectiveunderstandingslammed.com/ Name: u_pl
Value: 16512921
perspectiveunderstandingslammed.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjUxMjkyMSwiayI6ImZjNDk5ZDA1ZTFkY2ZhOGUxNmEwNTE2N2U5ODEzMzk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjMyMzk1LCJwaWQiOjM1NTk3MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJkdmk3d3hwbiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoxNzYxNTQwMjgsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjQxMzgsImJuIjoiQ2hyb21lIiwiYnYiOiIxMTEiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxMTEsImMiOiJKUCIsIm4iOiJKYXBhbiJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IlNvZnRiYW5rIEJCIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qdWxpdXNzZGMuYmxvZ3Nwb3QuY29tLyJ9fQ.39SAG5kWuYl11yYh_G6g-lCfjf0AvWhPXXO96MiGpr4
partpedestal.com/ Name: u_pl
Value: 16515848
partpedestal.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjUxNTg0OCwiayI6ImUxOTFjZDMyM2RkZTE5YmY2OGNjNWU0MWMyNDlhM2UzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjMyMzk1LCJwaWQiOjM1NTk3MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoic2FucWJrdGsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc2MTU0MDI4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTI0MTM4LCJibiI6IkNocm9tZSIsImJ2IjoiMTExIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTExLCJjIjoiSlAiLCJuIjoiSmFwYW4ifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJTb2Z0YmFuayBCQiJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanVsaXVzc2RjLmJsb2dzcG90LmNvbS8ifX0.ZuGeXdh98JPBlSfPWUjGI_FGKpcoNrtkM7CUA1_1ZVQ
partpedestal.com/ Name: uid_id2
Value: e97b6f84-0916-44d2-94ba-d413ff3ba416:3:1
partpedestal.com/ Name: iprc1076f81cf0a9dc63ef4c2bab247064bf
Value: 4091997
partpedestal.com/ Name: pdhtkv
Value: true
partpedestal.com/ Name: uncs
Value: 1
partpedestal.com/ Name: pdhtkv32
Value: true
partpedestal.com/ Name: uncs32
Value: 1
perspectiveunderstandingslammed.com/ Name: uid_id2
Value: 73d180b0-54cc-4aed-a2ac-320bfc1380db:3:1
perspectiveunderstandingslammed.com/ Name: iprcec18d1ea7b82a0a2b7819763cf5404d2
Value: 4092014
perspectiveunderstandingslammed.com/ Name: pdhtkv
Value: true
perspectiveunderstandingslammed.com/ Name: uncs
Value: 1
perspectiveunderstandingslammed.com/ Name: pdhtkv5
Value: true
perspectiveunderstandingslammed.com/ Name: uncs5
Value: 1
nannyamplify.com/ Name: u_pl
Value: 16513532
nannyamplify.com/ Name: uid_id2
Value: f1449344-fbad-4fea-ae5f-4d217848c588:3:1
nannyamplify.com/ Name: pdhtkv
Value: true
nannyamplify.com/ Name: uncs
Value: 1
nannyamplify.com/ Name: pdhtkv29
Value: true
nannyamplify.com/ Name: uncs29
Value: 1
nannyamplify.com/ Name: slec37c63209b9607d53e6f7820f5f63212e
Value: [3978745]
juliussdc.blogspot.com/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: nannyamplify.com
offer.advotionhot.com/ Name: afclick
Value: 642244e81551be0001fcf4a1
offer.advotionhot.com/ Name: afoffers
Value: {"3604":1679967464}
.addsdata.com/ Name: _ht_v
Value: 1679967467.8099604123
.addsdata.com/ Name: _ht_s
Value: 1679967467.2

13 Console Messages

Source Level URL
Text
javascript warning URL: https://juliussdc.blogspot.com/(Line 2513)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedformats.com/fc499d05e1dcfa8e16a05167e9813399/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://juliussdc.blogspot.com/(Line 2513)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pl16614031.effectivecpmgate.com/37/c6/32/37c63209b9607d53e6f7820f5f63212e.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://juliussdc.blogspot.com/(Line 2513)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.blogger.com/static/v1/widgets/229717095-widgets.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://juliussdc.blogspot.com/(Line 2513)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedformats.com/fc499d05e1dcfa8e16a05167e9813399/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://juliussdc.blogspot.com/none
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-mm2wLO9iErqWFCNgQ92dF1DYQnYf3Pc8kXcrO_jXUef1v0Xl-puevGmo6waEp_mU1kWSM5cmqpYGeBf5Elab1XPzMoP4boDFzYmtKNwlvjN0A7DyyKL1-KZ6ClK5V5D6zB8uq796bLgaPDNlg9vSC8sK3SZw9Y2G0=w128-h128-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-mhdd09OnZhRjNGcAu7GqW_SatWDloc-jV3yatdlD1qt_SbWHIFmz8mYDGZ8RUSKE0SfCzrQvG-dZsBiIiuIZo1aOU9iUUVpKS5ANrVThDJTv0On_SRffEY_Cn63WbLCUjhc4E-z90C7OUGabg0aw=w128-h128-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-kSxNEbkjFF5P7WwH4lBUEAKf1RGYveRCIdgxf8xknOjrN1ap3t2ZXLwn03RTfA9MIJlmhz_VkyLVZJcdqpNBRb1LAEJ4rYhZGQ4jnW4nn7XxMmgosl52QkmkA=w128-h128-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-nU2TT35Z27LFTo3vyiMyEGlJsux4mzujX47rIVeMiXMiz9x0UXk2tW-85ENY37M39Jq4OfOfvM7GDAu7YmnklQaoGqsDaY5XqdtMpSik2yPS4m5KB3zo5ZzGeZgY910NOK=w128-h128-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-l5sFIkTQYdHfiDlI02zeP4ML7t6RADo4aISpRZQwQum3rT__mdlhHO1dai8086Sgyc9rtqf6qSjLE0mu2ErS0whMkulv9DULh2P8U370onHjgxmVYDvhCpMf_UBMXL327nn0y6GkmV9IKkQRM9E-_RgH-jG2b6jJ3COcHx1x6kAGJ9QlGpgwV9FVeMz_ogLnQLt3o_5JTwJJVdC9fPbWtUqowfgz7Y_dAO_7-WsM0xIyPJ5QoGaGo6HftqxNJ81N408XZ_vdLH=w128-h128-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lh3-testonly.googleusercontent.com/blogger_img_proxy/AHs97-k5yjUNb0eSdd27wWQ0craBIxcOGYjn31w_3UkK9lhcvBdiShWO0mXHLiZQV00sEHH7R5KpleKd4jh_4xq_iSpRyoOCQ2exSw87SyWXEbgvSdCLWPHZJCzetY7eSN1tHbALCskU4Pvvl7YBTYu1lTPE9A=w945-h600-p-k-no-nu
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://juliussdc.blogspot.com/(Line 2526)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedformats.com/e191cd323dde19bf68cc5e41c249a3e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://juliussdc.blogspot.com/(Line 2526)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.highperformancedformats.com/e191cd323dde19bf68cc5e41c249a3e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addsdata.com
cdn.creative-bars1.com
cdn.ocmhood.com
cdn.yourwebbars.com
feed.cn-rtb.com
fonts.gstatic.com
friendshipmale.com
juliussdc.blogspot.com
lh3-testonly.googleusercontent.com
lh5.googleusercontent.com
nannyamplify.com
offer.advotionhot.com
partpedestal.com
perspectiveunderstandingslammed.com
pl16614031.effectivecpmgate.com
resources.blogblog.com
sdk.ocmhood.com
simplewebanalysis.com
t.cn-rtb.com
t.ocmhood.com
unseenreport.com
www.blogger.com
www.gstatic.com
www.highperformancedformats.com
yourgoads.com
cdn.creative-bars1.com
yourgoads.com
104.21.234.92
104.26.6.19
104.26.7.228
13.213.245.92
142.250.207.33
142.250.207.35
142.251.42.129
142.251.42.163
142.251.42.169
172.67.157.209
172.67.197.244
172.67.72.9
173.233.137.44
192.243.59.12
192.243.59.13
192.243.61.225
192.243.61.227
34.91.234.242
14d5be72534b03424e1e4055e7ece737fcc562f1ab223e013376e1e1bb781def
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
2775d29dec9e95479c3bb07d9538d8d7ac01d2bac385976ac074257d7e03ebb2
27ed38d0b0a6d9603babc4b817767e9cf81e5b8691599b51ab05f43ff1b621e5
2a510392bdf2142ea0e978d9140bf505c84fdb218cba6e3ddd8655cb0669b475
2b945fda61995d967f433decb1cfa734e4cc158d9213aa64f7d908557a49253c
40572dc2ae5ffb67c1bb9465c36cbb06edf4a6e63467d55ac1ef14fd991805af
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036
63b0aaf5cc4a047e3d3f332becd472e939ed62822b8601fff3777516ba09945c
6ebdd63c2e7520555d19f7d520e1c7b4de2c3f4c9a07b209a064cc4f804c29ce
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711
7b9670de43fb781389d9889326b6b54f6cf85694fe3de7d3abc1a6321c737620
8195c47cbda05c80e86a1f3782bde64041e2971b8d7d5664b58eb49a92b08581
853b280f9eca457e5177a3d58bc2170904160c1fa2b7033c5ac867abf78e2a70
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
a8083517cb5819a33918905fc812636d3152fb0d4066ebd14b2fe60443a50fff
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f
b4545b22974703dd999d61ad2a95cebf468ad64b7cd279a388423bedda4f7458
b625e4fc7c26e9fe827c4403bbbbca9769e168003653f31b90ebe129cdc158a0
b9a3bf05ab5ec41ec1f47f775afe1cc7e79ec4f30ef54da60f96309def919487
ba6f490158ecdcbc9ac8027e641997c112a6a90d3c699179dd22e90a5740c885
c9057b75c2783111c731c0a790e7480036cfbb23c0e000eb4d0a752daa2f8f8d
caaca5d2e2eb8aaf90ee4102653a1ddc80f8cda4e549a9c39a3aa255566406bf
cb7dac580de68954954a6c9b3c01d5ff7458342f424a88a13a17f4bce366ea54
cd7fac6654903d304df7c2d4450f9208aa420f1dd701e830b30af2247109b42f
d2126d7f683403fd8d38d5ee06505f3d848b5fa5104db46ddba075c0f5f95bfa
d73b04132723ac8d4585f5ee6c7ffa1b6715f5bd6c04f21a8ffa47abe5327cbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2
f43b33be8ed07cd9d4b8d784a0cb1befc34a806a5c7f8dc57cd85c1016201668
f43f81747262f5408cd3e0bd9030b624e47b32b05c4edae64087c60051024fe5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615