urlscan.io logo urlscan.io
SecurityTrails logo

bestvalues.blog.2nt.com Open in urlscan Pro
204.52.242.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bestvalues.blog.2nt.com/
Effective URL: https://bestvalues.blog.2nt.com/
Submission: On October 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 26 HTTP transactions. The main IP is 204.52.242.23, located in United States and belongs to SERVERS-COM, US. The main domain is bestvalues.blog.2nt.com.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.
This is the only time bestvalues.blog.2nt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 204.52.242.23 7979 (SERVERS-COM)
1 204.52.242.25 7979 (SERVERS-COM)
1 140.174.2.195 30212 (HYPERMEDI...)
1 204.52.242.26 7979 (SERVERS-COM)
4 2606:2800:234... 15133 (EDGECAST)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 133.242.86.196 7684 (SAKURA-A ...)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.168.184.212 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 104.244.42.8 13414 (TWITTER)
26 15
2    204.52.242.23 (United States)

ASN7979 (SERVERS-COM, US)
bestvalues.blog.2nt.com
1    204.52.242.25 (United States)

ASN7979 (SERVERS-COM, US)
blog-imgs-145-origin.2nt.com
1    140.174.2.195 (United States)

ASN30212 (HYPERMEDIA-SYSTEMS, US)
affiliate.dtiserv.com
1    204.52.242.26 (United States)

ASN7979 (SERVERS-COM, US)
blog-imgs-103-origin.2nt.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2400:52e0:1e00::864:1 (Germany)

ASN200325 (BUNNYCDN, SI)
js.octopuspop.com
2    133.242.86.196 (Tokyo, Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
rranking9.ziyu.net
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.168.184.212 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-184-212.ap-northeast-1.compute.amazonaws.com
ap.octopuspop.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
148 KB
4 2nt.com
bestvalues.blog.2nt.com
blog-imgs-145-origin.2nt.com
blog-imgs-103-origin.2nt.com
108 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
3 octopuspop.com
js.octopuspop.com — Cisco Umbrella Rank: 413527
ap.octopuspop.com — Cisco Umbrella Rank: 258177
4 KB
2 ziyu.net
rranking9.ziyu.net
857 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
79 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
7 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
2 KB
1 dtiserv.com
affiliate.dtiserv.com — Cisco Umbrella Rank: 364415
53 KB
0 fc2.com Failed
counter1.fc2.com Failed
0 adnico.jp Failed
js.adnico.jp Failed
0 garss.tv Failed
garss.tv Failed
0 amazonaws.com Failed
jspop.s3-website-ap-northeast-1.amazonaws.com Failed
26 13
Domain Requested by
4 platform.twitter.com bestvalues.blog.2nt.com
platform.twitter.com
2 syndication.twitter.com platform.twitter.com
2 ap.octopuspop.com js.octopuspop.com
2 www.google-analytics.com bestvalues.blog.2nt.com
www.google-analytics.com
2 rranking9.ziyu.net bestvalues.blog.2nt.com
2 bestvalues.blog.2nt.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 cdnjs.cloudflare.com js.octopuspop.com
1 www.facebook.com bestvalues.blog.2nt.com
1 js.octopuspop.com bestvalues.blog.2nt.com
1 blog-imgs-103-origin.2nt.com bestvalues.blog.2nt.com
1 affiliate.dtiserv.com bestvalues.blog.2nt.com
1 blog-imgs-145-origin.2nt.com
0 counter1.fc2.com Failed bestvalues.blog.2nt.com
0 js.adnico.jp Failed bestvalues.blog.2nt.com
0 garss.tv Failed bestvalues.blog.2nt.com
0 jspop.s3-website-ap-northeast-1.amazonaws.com Failed bestvalues.blog.2nt.com
26 18
Subject Issuer Validity Valid
*.blog.2nt.com
R3		 2023-09-12 -
2023-12-11		 3 months crt.sh
*.2nt.com
RapidSSL TLS RSA CA G1		 2023-07-11 -
2024-08-10		 a year crt.sh
affiliate.dtiserv.com
R3		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.octopuspop.com
GoGetSSL RSA DV CA		 2023-04-14 -
2024-05-14		 a year crt.sh
*.ziyu.net
R3		 2023-09-04 -
2023-12-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 4 frames:

Primary Page: https://bestvalues.blog.2nt.com/
Frame ID: F072CCA8F0A9532E4D3EE1D3BA642FC3
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fbestvalues.blog.2nt.com%2Fblog-entry-4458.html&layout=button_count&width=105&share=0&action=like&height=21&locale=ja_JP&appId=
Frame ID: CBA557D80CF2222B6298EE386D2E13E7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fbestvalues.blog.2nt.com
Frame ID: 9C9E7E7955393EB7B10DFB21D7ED33AA
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Frame ID: 85B4E998E5CC8F07297C0CEE333DB737
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

|お宝アイドルエロ画像動画ニュース

Page URL History Show full URLs

  1. http://bestvalues.blog.2nt.com/ HTTP 302
    https://bestvalues.blog.2nt.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

26
Requests

81 %
HTTPS

50 %
IPv6

13
Domains

18
Subdomains

15
IPs

3
Countries

423 kB
Transfer

1018 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bestvalues.blog.2nt.com/ HTTP 302
    https://bestvalues.blog.2nt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bestvalues.blog.2nt.com/
Redirect Chain
  • http://bestvalues.blog.2nt.com/
  • https://bestvalues.blog.2nt.com/
126 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestvalues.blog.2nt.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.52.242.23 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
c9431daca863a17a7c3a343bfa49b50fdce09f08fa5074175595b49807ead2df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
18731
content-type
text/html;charset=utf-8
date
Sat, 14 Oct 2023 16:47:41 GMT
link
<https://blog-imgs-145-origin.2nt.com/b/e/s/bestvalues/css/04656.css>; rel=preload; as=style
server
openresty/1.19.3.1
vary
User-Agent,Accept-Encoding
x-cache-app-html
1
x-whom
f1010

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 14 Oct 2023 16:47:41 GMT
Location
https://bestvalues.blog.2nt.com/
Server
openresty/1.19.3.1
X-Whom
f1009
04656.css
blog-imgs-145-origin.2nt.com/b/e/s/bestvalues/css/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog-imgs-145-origin.2nt.com/b/e/s/bestvalues/css/04656.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.52.242.25 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f393445e4e112f3dc5bbc8e913f406aca7bb1257a9dc288b68ece0d0e3b1fc67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:49:54 GMT
Last-Modified
Mon, 21 Jun 2021 15:04:23 GMT
Server
nginx
ETag
"60d0aa77-4d55"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19797
Expires
Mon, 13 Nov 2023 16:52:25 GMT
06-700-01.jpg
affiliate.dtiserv.com/image/carib/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affiliate.dtiserv.com/image/carib/06-700-01.jpg
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
140.174.2.195 , United States, ASN30212 (HYPERMEDIA-SYSTEMS, US),
Reverse DNS
Software
/
Resource Hash
0d5d7e01b14a23305299094d8720281b03a84820bcf4d2968d51cd99ed8cb09e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:52:25 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 29 May 2020 14:58:04 GMT
ETag
"5ed122fc-d445"
Content-Type
image/jpeg
X-Sh
105
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54341
X-Requested-Domain
affiliate.dtiserv.com
________________thumb_20180415171518.jpg
blog-imgs-103-origin.2nt.com/b/e/s/bestvalues/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog-imgs-103-origin.2nt.com/b/e/s/bestvalues/________________thumb_20180415171518.jpg
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.52.242.26 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
cdea5b6f9d4c39b63c49e61e75d565ac8c71d378e8089ccd872e1b87d6bad5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:50:28 GMT
Last-Modified
Sun, 15 Apr 2018 08:15:18 GMT
Server
nginx
ETag
"5ad30a16-112f2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70386
Expires
Mon, 13 Nov 2023 16:52:25 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:52:26 GMT
Content-Encoding
gzip
Age
1180
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (frb/668C)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
pu.js
js.octopuspop.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.octopuspop.com/pu.js
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
8d6facdcce5f8f59212fe9655332eef27a0c2504e2df54e7e2c8af0cd8c91e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:52:25 GMT
content-encoding
br
cdn-edgestorageid
1077
x-amz-request-id
N6AVZS167NZ7YJNT
cdn-cachedat
09/29/2023 11:09:03
cdn-pullzone
96923
x-amz-id-2
Ghez3f8RkN1kNCt9k6v3SyA/t2+eoT7cRFxKN32vEE1Kc1jyRMZFl92vQT2sNLASat9ZB9RtLJ4=
last-modified
Fri, 29 Sep 2023 10:58:55 GMT
server
BunnyCDN-DE1-864
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"25f34eb008a09502ae224fb386031537"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
992570b6-4484-4f25-abcf-0615ee0f47cb
cache-control
public, max-age=2592000
cdn-requestid
bd056e4b6fcee3c619dd62c5451388d0
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
rank.php
rranking9.ziyu.net/ 		386 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rranking9.ziyu.net/rank.php?best
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.242.86.196 Tokyo, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bbaba25191488b3f2af4c78e0083084e9e750f6fee8d6a3612619c57a07339a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:52:28 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
rranking.gif
rranking9.ziyu.net/ 		140 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rranking9.ziyu.net/rranking.gif
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.242.86.196 Tokyo, Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
72e11d9423ef0915ff134f1f59f7aadabfc5214d52a817ff8a5f5e036fb05bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:52:28 GMT
Last-Modified
Tue, 08 Jun 2010 17:02:10 GMT
Server
nginx
ETag
"4c0e7792-8c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140
pu3.1.js
jspop.s3-website-ap-northeast-1.amazonaws.com/ 		0
0
1121856218besttrust.js
garss.tv/user/1121856218/ 		0
0
a1071443.js
js.adnico.jp/t/071/443/ 		0
0
a1071444.js
js.adnico.jp/t/071/444/ 		0
0
like.php
www.facebook.com/plugins/ Frame CBA5 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fbestvalues.blog.2nt.com%2Fblog-entry-4458.html&layout=button_count&width=105&share=0&action=like&height=21&locale=ja_JP&appId=
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bestvalues.blog.2nt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 14 Oct 2023 16:52:26 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
pQAvak9ZUT2OcBK4BqXhtA9NkRRApBUpkVJwnSr3LJo183BAvvZwboaRaMO9OfyNazGULlHnMqoAGqkWFhfNiQ==
x-xss-protection
0
counter.php
counter1.fc2.com/ 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bestvalues.blog.2nt.com
URL: https://bestvalues.blog.2nt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 14 Oct 2023 15:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3764
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 14 Oct 2023 17:49:42 GMT
sizzle.min.js
cdnjs.cloudflare.com/ajax/libs/sizzle/2.1.1/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.1.1/sizzle.min.js
Requested by
Host: js.octopuspop.com
URL: https://js.octopuspop.com/pu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d9690b562a16272c6a1a45081af0d4f6a180e899447976c485a0468d261ab3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
23130749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6404
last-modified
Mon, 04 May 2020 16:16:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd4-48a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPdnoVGZUAkkTlKjh5bS6OXHtkqKACtg0PrHQhGPXKRfrd%2F30R0e6ZkHgCMbeqf7tDGJHAQT6ZCkBeDINFt53z2sJLwkeeyVGW0LdroSPlAQVfCjd6feuOpfPXxRgMS%2B8EmCfBg0NOR7mVpSjr%2FvOabx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8161552f58929241-FRA
expires
Thu, 03 Oct 2024 16:52:26 GMT
collect
www.google-analytics.com/j/ 		15 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=984472938&t=pageview&_s=1&dl=https%3A%2F%2Fbestvalues.blog.2nt.com%2F&ul=en-us&de=UTF-8&dt=%EF%BD%9C%E3%81%8A%E5%AE%9D%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%A8%E3%83%AD%E7%94%BB%E5%83%8F%E5%8B%95%E7%94%BB%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=276336773&gjid=442810977&cid=1764164511.1697302346&tid=UA-38745456-2&_gid=1722918892.1697302346&_r=1&_slc=1&z=197174311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
934ab491a84dd63f558a4ebc5bc8fb5faeb05d8d4f61c482dc0846bcb4279122
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bestvalues.blog.2nt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 16:52:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bestvalues.blog.2nt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BXD14GJELQ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29ea419f0db2302c69666918c11765a00260f37c1a823cf2806d543b50515a0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:52:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80477
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 14 Oct 2023 16:52:27 GMT
/
ap.octopuspop.com/deliver/ 		0
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.octopuspop.com/deliver/?_spot=17730&_iphone_type=&_ver=1697302346359
Requested by
Host: js.octopuspop.com
URL: https://js.octopuspop.com/pu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.184.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-184-212.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestvalues.blog.2nt.com/
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 14 Oct 2023 16:52:29 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://bestvalues.blog.2nt.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization, Cookie, Content-Type, Origin, User-Agent, Cache-Control, Keep-Alive, X-Requested-With, Accept, Accept-Encoding, Accept-Language, Connection, Content-Length, Host, Referer, Pragma
Content-Length
20
Access-Control-Allow-Method
GET, POST, OPTIONS
/
ap.octopuspop.com/deliver/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ap.octopuspop.com/deliver/?_spot=17730&_iphone_type=&_ver=1697302346359
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.184.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-184-212.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://bestvalues.blog.2nt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Cookie, Content-Type, Origin, User-Agent, Cache-Control, Keep-Alive, X-Requested-With, Accept, Accept-Encoding, Accept-Language, Connection, Content-Length, Host, Referer, Pragma
Access-Control-Allow-Method
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://bestvalues.blog.2nt.com
Connection
keep-alive
Date
Sat, 14 Oct 2023 16:52:28 GMT
Server
nginx
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BXD14GJELQ&gtm=45je3ab0&_p=984472938&ul=en-us&sr=1600x1200&cid=1764164511.1697302346&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbestvalues.blog.2nt.com%2F&dt=%EF%BD%9C%E3%81%8A%E5%AE%9D%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%A8%E3%83%AD%E7%94%BB%E5%83%8F%E5%8B%95%E7%94%BB%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&sid=1697302347&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BXD14GJELQ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 14 Oct 2023 16:52:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bestvalues.blog.2nt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 9C9E 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fbestvalues.blog.2nt.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://bestvalues.blog.2nt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
418791
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 16:52:28 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 9C9E 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=92ab050cd6328bd885b20ee4d4be8706921b2ee0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fbestvalues.blog.2nt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
115
date
Sat, 14 Oct 2023 16:52:27 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sat, 14 Oct 2023 16:52:28 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
3fa87f3c0a288088
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
8b4b4978066408b4b93305d52dc5ede664db477e318553c4c1eaef26711c4965
content-length
337
button.13c48d2966337fafa1c1eb5533fdf29d.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 16:52:28 GMT
Content-Encoding
gzip
Age
418796
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2617
Last-Modified
Mon, 09 Oct 2023 20:29:15 GMT
Server
ECS (frb/668C)
Etag
"def6f3052007521ae22a38b870dfd318+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
platform.twitter.com/widgets/ Frame 85B4 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
ae1ca63f024eec5f97696a1d88f0f5d4e3c653b33dda58214dce1bbf74ea9ce0

Request headers

Referer
https://bestvalues.blog.2nt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
418664
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13012
Content-Type
text/html; charset=utf-8
Date
Sat, 14 Oct 2023 16:52:28 GMT
Etag
"0ce4845049413d187740302c44ab72f4+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668C)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fbestvalues.blog.2nt.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697302348807%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=92ab050cd6328bd885b20ee4d4be8706921b2ee0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bestvalues.blog.2nt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
104
date
Sat, 14 Oct 2023 16:52:27 GMT
strict-transport-security
max-age=631138519
last-modified
Sat, 14 Oct 2023 16:52:28 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
83edef1e79b5004a
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
8b4b4978066408b4b93305d52dc5ede664db477e318553c4c1eaef26711c4965
content-length
43
truncated
/ Frame 85B4 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jspop.s3-website-ap-northeast-1.amazonaws.com
URL
http://jspop.s3-website-ap-northeast-1.amazonaws.com/pu3.1.js
Domain
garss.tv
URL
http://garss.tv/user/1121856218/1121856218besttrust.js
Domain
js.adnico.jp
URL
http://js.adnico.jp/t/071/443/a1071443.js
Domain
js.adnico.jp
URL
http://js.adnico.jp/t/071/444/a1071444.js
Domain
counter1.fc2.com
URL
http://counter1.fc2.com/counter.php?id=21923103&main=1

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| jumpmenu object| __gnsj object| __twttrll object| twttr object| __twttr string| GoogleAnalyticsObject function| ga string| domain object| script object| dbgr object| xhr function| pu function| Sizzle number| load object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager number| acrrf string| acr_rfd

6 Cookies

Domain/Path Name / Value
.2nt.com/ Name: bloguid
Value: 081f5759-cada-4891-a78f-35be6ce7ce01
bestvalues.blog.2nt.com/ Name: cookietest
Value: test
.2nt.com/ Name: _ga
Value: GA1.2.1764164511.1697302346
.2nt.com/ Name: _gid
Value: GA1.2.1722918892.1697302346
.2nt.com/ Name: _gat
Value: 1
.2nt.com/ Name: _ga_BXD14GJELQ
Value: GS1.2.1697302347.1.0.1697302347.0.0.0

6 Console Messages

Source Level URL
Text
security error URL: https://bestvalues.blog.2nt.com/
Message:
Mixed Content: The page at 'https://bestvalues.blog.2nt.com/' was loaded over HTTPS, but requested an insecure script 'http://jspop.s3-website-ap-northeast-1.amazonaws.com/pu3.1.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://bestvalues.blog.2nt.com/
Message:
Mixed Content: The page at 'https://bestvalues.blog.2nt.com/' was loaded over HTTPS, but requested an insecure script 'http://garss.tv/user/1121856218/1121856218besttrust.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://bestvalues.blog.2nt.com/
Message:
Mixed Content: The page at 'https://bestvalues.blog.2nt.com/' was loaded over HTTPS, but requested an insecure script 'http://js.adnico.jp/t/071/443/a1071443.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://bestvalues.blog.2nt.com/
Message:
Mixed Content: The page at 'https://bestvalues.blog.2nt.com/' was loaded over HTTPS, but requested an insecure script 'http://js.adnico.jp/t/071/444/a1071444.js'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://bestvalues.blog.2nt.com/(Line 249)
Message:
Unrecognized feature: 'web-share'.
security error URL: https://bestvalues.blog.2nt.com/
Message:
Mixed Content: The page at 'https://bestvalues.blog.2nt.com/' was loaded over HTTPS, but requested an insecure script 'http://counter1.fc2.com/counter.php?id=21923103&main=1'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.dtiserv.com
ap.octopuspop.com
bestvalues.blog.2nt.com
blog-imgs-103-origin.2nt.com
blog-imgs-145-origin.2nt.com
cdnjs.cloudflare.com
counter1.fc2.com
garss.tv
js.adnico.jp
js.octopuspop.com
jspop.s3-website-ap-northeast-1.amazonaws.com
platform.twitter.com
region1.google-analytics.com
rranking9.ziyu.net
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
counter1.fc2.com
garss.tv
js.adnico.jp
jspop.s3-website-ap-northeast-1.amazonaws.com
104.244.42.8
133.242.86.196
140.174.2.195
2001:4860:4802:34::36
204.52.242.23
204.52.242.25
204.52.242.26
2400:52e0:1e00::864:1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:180e
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a03:2880:f177:185:face:b00c:0:25de
54.168.184.212
0d5d7e01b14a23305299094d8720281b03a84820bcf4d2968d51cd99ed8cb09e
29ea419f0db2302c69666918c11765a00260f37c1a823cf2806d543b50515a0f
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
72e11d9423ef0915ff134f1f59f7aadabfc5214d52a817ff8a5f5e036fb05bac
8d6facdcce5f8f59212fe9655332eef27a0c2504e2df54e7e2c8af0cd8c91e2d
934ab491a84dd63f558a4ebc5bc8fb5faeb05d8d4f61c482dc0846bcb4279122
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae1ca63f024eec5f97696a1d88f0f5d4e3c653b33dda58214dce1bbf74ea9ce0
bbaba25191488b3f2af4c78e0083084e9e750f6fee8d6a3612619c57a07339a7
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c9431daca863a17a7c3a343bfa49b50fdce09f08fa5074175595b49807ead2df
cdea5b6f9d4c39b63c49e61e75d565ac8c71d378e8089ccd872e1b87d6bad5a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f393445e4e112f3dc5bbc8e913f406aca7bb1257a9dc288b68ece0d0e3b1fc67
f4d9690b562a16272c6a1a45081af0d4f6a180e899447976c485a0468d261ab3
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca