www.calindachan.gq Open in urlscan Pro
2a00:1450:4001:82f::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://calindachan.gq/
Effective URL:
https://www.calindachan.gq/
Submission: On June 24 via automatic, source rescanner (June 24th 2021, 3:57:03 pm UTC)

Summary HTTP 174 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 52 IPs in 8 countries across 42 domains to perform 174 HTTP transactions. The main IP is 2a00:1450:4001:82f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.calindachan.gq.
TLS certificate: Issued by GTS CA 1D4 on June 23rd 2021. Valid for: 3 months.

This is the only time www.calindachan.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
11	13.225.87.69 13.225.87.69	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	104.22.52.65 104.22.52.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.201.90.210 35.201.90.210	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
8	2600:9000:21f... 2600:9000:21f3:4600:13:78a7:5e80:21	16509 (AMAZON-02) (AMAZON-02)
1 1	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 1	92.223.27.99 92.223.27.99	199524 (GCORE) (GCORE)
1	92.223.20.123 92.223.20.123	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eb71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
14	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
2 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	92.223.21.23 92.223.21.23	199524 (GCORE) (GCORE)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
2	3.248.13.47 3.248.13.47	16509 (AMAZON-02) (AMAZON-02)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:598:a::7... 2a02:598:a::79:33	43037 (SEZNAM-) (SEZNAM-)
2 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a02:598:2::60 2a02:598:2::60	43037 (SEZNAM-) (SEZNAM-)
6	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	188.42.224.33 188.42.224.33	35415 (WEBZILLA) (WEBZILLA)
174	52

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

calindachan.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.calindachan.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.225.87.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-69.fra2.r.cloudfront.net

js1.bloggerads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.90.210 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 210.90.201.35.bc.googleusercontent.com

www.dexpredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

civadsoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21f3:4600:13:78a7:5e80:21 (United States)

ASN16509 (AMAZON-02, US)

d1ypub5wfz82gq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.96.200.41 (United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.27.99 (Luxembourg, Luxembourg) 1 redirects

ASN199524 (GCORE, LU)

rdr.wargaming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.20.123 (Luxembourg, Luxembourg)

ASN199524 (GCORE, LU)
PTR: ed-sl-a123.fe.core.pw

worldoftanks.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb71 (United States)

ASN13335 (CLOUDFLARENET, US)

crrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn-wglc.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2wotcom.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

10697551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.21.23 (Luxembourg, Luxembourg)

ASN199524 (GCORE, LU)
PTR: ed-v-platform-edcrowd-2-vip-2101-fe.fe.core.pw

tenor.wargaming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.13.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-13-47.eu-west-1.compute.amazonaws.com

u360.d-bi.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:598:a::79:33 (Czech Republic)

ASN43037 (SEZNAM-, CZ)

c.imedia.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.242 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:598:2::60 (Czech Republic)

ASN43037 (SEZNAM-, CZ)

c.seznam.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.210.196.208 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.224.33 (Luxembourg)

ASN35415 (WEBZILLA, NL)

eergithi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	blogspot.com 1.bp.blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com	509 KB
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com	187 KB
14	gcdn.co cdn-wglc.gcdn.co cdn2wotcom.gcdn.co	7 MB
12	google.com apis.google.com adservice.google.com www.google.com	160 KB
11	bloggerads.net js1.bloggerads.net	15 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net 10697551.fls.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net	144 KB
8	cloudfront.net d1ypub5wfz82gq.cloudfront.net	436 KB
8	blogger.com www.blogger.com	571 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
7	aralego.com 1 redirects agent.aralego.com sync.aralego.com ads.aralego.com	5 KB
6	yandex.com 2 redirects mc.yandex.com	4 KB
6	facebook.com www.facebook.com	441 B
6	facebook.net connect.facebook.net	253 KB
6	blogblog.com resources.blogblog.com	2 KB
5	dexpredict.com www.dexpredict.com	9 KB
4	mail.ru top-fwz1.mail.ru	12 KB
3	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	1 KB
3	bing.com bat.bing.com	9 KB
3	aralego.net cdn.aralego.net	41 KB
3	calindachan.gq 1 redirects calindachan.gq www.calindachan.gq	45 KB
2	t.co t.co	573 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	d-bi.fr u360.d-bi.fr	5 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	2 KB
2	wargaming.net 1 redirects rdr.wargaming.net tenor.wargaming.net	8 KB
2	google-analytics.com ssl.google-analytics.com www.google-analytics.com	36 KB
2	civadsoo.net civadsoo.net	20 KB
1	eergithi.com eergithi.com	2 KB
1	google.pl adservice.google.pl	853 B
1	seznam.cz c.seznam.cz	511 B
1	imedia.cz c.imedia.cz	9 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	taboola.com cdn.taboola.com	23 KB
1	yandex.ru mc.yandex.ru	70 KB
1	googletagmanager.com www.googletagmanager.com	98 KB
1	googleapis.com fonts.googleapis.com	839 B
1	crrepo.com crrepo.com	209 KB
1	worldoftanks.eu worldoftanks.eu	6 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	660 B
1	statcounter.com c.statcounter.com	685 B
174	42

	Domain	Requested by
12	1.bp.blogspot.com	www.calindachan.gq
11	js1.bloggerads.net	www.calindachan.gq js1.bloggerads.net agent.aralego.com
10	pagead2.googlesyndication.com	www.calindachan.gq pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
9	cdn-wglc.gcdn.co	worldoftanks.eu
8	d1ypub5wfz82gq.cloudfront.net	js1.bloggerads.net www.calindachan.gq d1ypub5wfz82gq.cloudfront.net
8	www.blogger.com	www.calindachan.gq apis.google.com www.blogger.com
6	mc.yandex.com	2 redirects mc.yandex.ru
6	www.facebook.com	connect.facebook.net
6	connect.facebook.net	www.googletagmanager.com www.calindachan.gq connect.facebook.net
6	fonts.gstatic.com	fonts.googleapis.com
6	resources.blogblog.com	www.calindachan.gq www.blogger.com
6	apis.google.com	www.calindachan.gq apis.google.com www.blogger.com
5	cdn2wotcom.gcdn.co	worldoftanks.eu
5	www.dexpredict.com	www.calindachan.gq www.dexpredict.com
4	ads.aralego.com	agent.aralego.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
4	top-fwz1.mail.ru	www.calindachan.gq top-fwz1.mail.ru
4	adservice.google.com	pagead2.googlesyndication.com 10697551.fls.doubleclick.net securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
3	10697551.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	cdn.aralego.net	www.calindachan.gq agent.aralego.com
3	3.bp.blogspot.com	www.calindachan.gq
3	4.bp.blogspot.com	www.calindachan.gq
2	sync.aralego.com	agent.aralego.com
2	t.co
2	analytics.twitter.com	platform.twitter.com
2	www.google.com	tpc.googlesyndication.com
2	secure.adnxs.com	1 redirects
2	ad.doubleclick.net	2 redirects
2	u360.d-bi.fr	www.calindachan.gq
2	aax-eu.amazon-adsystem.com	1 redirects www.calindachan.gq
2	civadsoo.net	www.calindachan.gq
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.calindachan.gq	www.calindachan.gq
1	eergithi.com	www.calindachan.gq
1	a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	c.seznam.cz
1	c.imedia.cz	www.googletagmanager.com
1	static.ads-twitter.com
1	platform.twitter.com	1 redirects
1	cdn.taboola.com	www.calindachan.gq
1	tenor.wargaming.net	www.calindachan.gq
1	mc.yandex.ru	www.calindachan.gq
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	worldoftanks.eu
1	fonts.googleapis.com	worldoftanks.eu
1	crrepo.com	www.dexpredict.com
1	www.gstatic.com	apis.google.com
1	worldoftanks.eu	www.dexpredict.com
1	rdr.wargaming.net	1 redirects
1	ssl.google-analytics.com	js1.bloggerads.net
1	agent.aralego.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.calindachan.gq
1	2.bp.blogspot.com	www.calindachan.gq
1	calindachan.gq	1 redirects
174	60

This site contains links to these domains. Also see Links.

Domain
www.bloggerads.net
1.bp.blogspot.com
www.blogger.com
4.bp.blogspot.com
3.bp.blogspot.com
2.bp.blogspot.com
www.youtube.com
js1.bloggerads.net
citysky.gq
rdr.wargaming.net
www.dexpredict.com

Subject Issuer	Validity	Valid
www.calindachan.gq GTS CA 1D4	`2021-06-23` - `2021-09-21`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
bloggerads.net Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
dexpredict.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-02-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
civadsoo.net R3	`2021-06-19` - `2021-09-17`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
wargaming.com DigiCert SHA2 Extended Validation Server CA	`2020-12-08` - `2021-12-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gcdn.co DigiCert SHA2 Secure Server CA	`2020-05-12` - `2022-07-27`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.wargaming.net DigiCert SHA2 High Assurance Server CA	`2020-06-22` - `2022-08-18`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.d-bi.fr GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-23` - `2022-06-23`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
c.imedia.cz R3	`2021-06-03` - `2021-09-01`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
c.seznam.cz R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.google.pl GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
eergithi.com R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.calindachan.gq/
Frame ID: 84E82CEC040BBA287DFBA275188BBC33
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html
Frame ID: 4A55581B5F41B940244AFDD237527DFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8584719931078042&output=html&adk=1812271804&adf=3025194257&lmt=1615278262&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.calindachan.gq%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624550186114&bpp=38&bdt=70&idt=399&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1636043068656&frm=20&pv=2&ga_vid=79965813.1624550187&ga_sid=1624550187&ga_hid=448509473&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060031%2C31060839%2C31061334&oid=3&pvsid=3876172495344729&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=526
Frame ID: 80FD06C2DE430E488D3F888E5B18570F
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=93932723763446822&blogName=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A+(CitySky+Wallpapers+Download...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.calindachan.gq/search&blogLocale=zh_TW&v=2&homepageUrl=https://www.calindachan.gq/&vt=5095529919011734333&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
Frame ID: DC0850FFD872E55DBEF4FE14C52012DB
Requests: 5 HTTP requests in this frame

Frame: https://www.dexpredict.com/ad/display.php?stamat=m%7C%2C4Y3e39jPqB1dAN0dEdHP3xP.f94%2CZMkKdRAQlkuDbgTABrav5JQs8F7IVWkr8qs2mfI9nuoyN_uszxrPWIdJjld0hcHMEDz1UGEeNCb9BteLLKSr2ZNKXXWp1k3yCUEe6Rsk9Ss%2C&cbrandom=0.9268100522331122&cbtitle=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A%20(CitySky%20Wallpapers%20Download%3A%20Calinda%20Chan)&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Frame ID: 98286C92CC656F8458C4E13C1D281684
Requests: 3 HTTP requests in this frame

Frame: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Frame ID: 1E8540FE456128A78670795384181EF8
Requests: 89 HTTP requests in this frame

Frame: https://10697551.fls.doubleclick.net/activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567
Frame ID: 1FA8BBA30174CFCEAC597073E795BD1B
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%3D7823856120802%3Bp%3DB725FD14-7FDF-50A6-7316-586DE20A88EF&cb=393549218586144900&dcc=t
Frame ID: 8DD938929DDB697A31F2432D743DE81F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C9969DDECD8225C905F65C94CD5DC084
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F7991620A017627657DBD495E4A0BB7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 15E1EC9F6BEB598D095FC41974C16DC7
Requests: 9 HTTP requests in this frame

Frame: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=3
Frame ID: 78D8D67A623330BDE0A241DE68352DCA
Requests: 2 HTTP requests in this frame

Frame: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=6
Frame ID: 068DB3B68B2BB6B07AAA083C8C45A76E
Requests: 2 HTTP requests in this frame

Frame: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=8
Frame ID: 969DEA3C61CE72E2D73857E3643BCEEA
Requests: 2 HTTP requests in this frame

Frame: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=8
Frame ID: C27491C77E288CF65A5F522FFF83AD25
Requests: 2 HTTP requests in this frame

Frame: https://a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 204ABA5802E52305A1D4D25E0FB1317D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 25E393F877C339B383D95E26A748308D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96DCA4F8B57751E7F1D5F4D6A51BAD3A
Requests: 1 HTTP requests in this frame

Frame: https://eergithi.com/wiki.html
Frame ID: 66327643FD7FC1408B20FD289B675C74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://calindachan.gq/ HTTP 301
https://www.calindachan.gq/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

174
Requests

100 %
HTTPS

61 %
IPv6

42
Domains

60
Subdomains

52
IPs

8
Countries

10412 kB
Transfer

13698 kB
Size

0
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bloggerads.net/
Title: BloggerAds 部落格行銷

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-ZaX3C0qEiOM/YEbSk0lFMUI/AAAAAAAAKQ8/P094zI7T0n0DYyvLxCkNHGoTfLJJoi1mQCNcBGAsYHQ/s342/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B1.jpg

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-aEY-hGevyDU/YEbSl8zsULI/AAAAAAAAKRM/buZOqiQIS4Q3jl5J2K7F1HMITMuVcfiSgCNcBGAsYHQ/s400/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B3.jpg

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-7wTnIKvFPBU/YEbSmKEx-II/AAAAAAAAKRQ/VeVEFM_KnBMg8W5EWMrU_dsyDrnUoVSDQCNcBGAsYHQ/s500/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B4.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-PBuR7NeiD4w/YEbSmVt-tTI/AAAAAAAAKRU/mHB-FeJA1o4HrkCjpAUJ3yTuXbug-cYIgCNcBGAsYHQ/s560/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B5.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-dEQlj4CFB_o/YEbSmsGEC9I/AAAAAAAAKRY/d5toPvrKguE1utYUjWXcYlViWkhJd2okgCNcBGAsYHQ/s677/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B6.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-FuUnlBIXRVw/YEbSmwzDu0I/AAAAAAAAKRc/gjf_yYUmKYciJlrYGgV9rri56E4Cmxr5QCNcBGAsYHQ/s663/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B7.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-4v3DhgkAqjg/YEbSm481t9I/AAAAAAAAKRg/6PNturf8KX81RFKPJQgLBRH0v6OZBZzKgCNcBGAsYHQ/s1024/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B8.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-K5KkjEK_oFg/YEbSncjyuFI/AAAAAAAAKRk/3k4Z75d2N3kepzesecGWuvG27YKr7EZygCNcBGAsYHQ/s500/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B9.jpg

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-2qaC3qBUwXQ/YEbSkiScolI/AAAAAAAAKQ4/1mPhiWSBaq4Vx8bkeiMewcZlpd55q_NcACNcBGAsYHQ/s800/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B10.jpg

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-VX8XTCe0fB0/YEbSk52_2cI/AAAAAAAAKRA/65SeJdKhGDYXJ0ZTo4FY6qKxy-gSkw3wQCNcBGAsYHQ/s1024/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B11.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-nL86pbNzFTc/YEbSlvgPCjI/AAAAAAAAKRE/5kYafe1OVPQpMbrF3LJnbWNihEh7I_fQQCNcBGAsYHQ/s940/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B12.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-76sNv5nMURw/YEbSl0_OBGI/AAAAAAAAKRI/vVYuOd0U4j8FB0pfhTi3ch8Cz8bQ0CALACNcBGAsYHQ/s1020/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B13.jpg

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/02258371442979175193
Title: Charlie Brown

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=93932723763446822&postID=4992802340119306822&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-0567vFCijh0/WCQc8A3yoPI/AAAAAAAAH8A/YrKkptho8yg68tlPNChfTiqs49Di0H43gCLcB/s1600/Calinda%2BChan%2B1.jpg

Search URL Search Domain Scan URL

URL: https://3.bp.blogspot.com/-BNF3HS-s7KY/WCQc7uwmsqI/AAAAAAAAH78/G_S4cMCLOYAtxO2VEYjICrUEhm10dR19wCLcB/s1600/Calinda%2BChan%2B2.jpg

Search URL Search Domain Scan URL

URL: https://3.bp.blogspot.com/-34becy7TtA0/WCQc7HfT6kI/AAAAAAAAH74/jUDeka-NQ2sEJONsMG0bGD0t6zkuagv-QCLcB/s1600/Calinda%2BChan%2B3.jpg

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-j_Jly3JBHgU/WCQc8FNtmDI/AAAAAAAAH8E/-9DX-q5GFZMGPi18rl5Kj5FSCCR7xaaCgCLcB/s1600/Calinda%2BChan%2B4.jpg

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=93932723763446822&postID=2595597092076333235&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-pkPCzSRdpbk/V_Y8jX1TLVI/AAAAAAAAG2E/jahK-suloEoMLTaFeTq2U9X-i4RQc2ORwCLcB/s1600/Twins%2B1.jpg

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-DepMTAQXnRw/V_Y8joEuVyI/AAAAAAAAG2M/kmV13ibf90k36ysOxPzTAmTHEaRyNhyQgCLcB/s1600/Twins%2B2.jpg

Search URL Search Domain Scan URL

URL: https://3.bp.blogspot.com/-bpgcdJqZc_c/V_Y8jU_9g5I/AAAAAAAAG2I/HWf6xYya3QMEZjkoxIiWoDppEnW5pbBMQCLcB/s1600/Twins%2B3.jpg

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=93932723763446822&postID=1229068778244382728&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/DI4u9IjsbGw
Title: https://www.youtube.com/embed/DI4u9IjsbGw

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=93932723763446822&postID=1709747238848626990&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/-yf1WtBiC78
Title: https://www.youtube.com/embed/-yf1WtBiC78

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=93932723763446822&postID=4394835901261497836&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://js1.bloggerads.net/Click/-1783536430.HG48R2Vn/20070610000001/20100708000034/2/63760175766/19044/2

Search URL Search Domain Scan URL

URL: http://citysky.gq/
Title:

Search URL Search Domain Scan URL

URL: https://rdr.wargaming.net/bipwac7m/?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220
Title: Go to website

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://www.dexpredict.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://calindachan.gq/ HTTP 301
https://www.calindachan.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 58

https://rdr.wargaming.net/bipwac7m/?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220 HTTP 301
https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567

Request Chain 122

https://10697551.fls.doubleclick.net/activityi;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567 HTTP 302
https://10697551.fls.doubleclick.net/activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Request Chain 127

https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%3D7823856120802%3Bp%3DB725FD14-7FDF-50A6-7316-586DE20A88EF&cb=393549218586144900 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%3D7823856120802%3Bp%3DB725FD14-7FDF-50A6-7316-586DE20A88EF&cb=393549218586144900&dcc=t

Request Chain 130

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 132

https://ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=216760769 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=216760769 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=216760769

Request Chain 133

https://secure.adnxs.com/seg?add=24477938&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24477938%26t%3D2

Request Chain 146

https://mc.yandex.com/watch/45727869?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A1%3Adp%3A0%3Als%3A1398019670146%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550188%3Ac%3A1%3Arn%3A603746824%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo! HTTP 302
https://mc.yandex.com/watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A1%3Adp%3A0%3Als%3A1398019670146%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550188%3Ac%3A1%3Arn%3A603746824%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo%21

Request Chain 147

https://mc.yandex.com/watch/71343676?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A2%3Adp%3A0%3Als%3A1066829887526%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550189%3Ac%3A1%3Arn%3A138172241%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo! HTTP 302
https://mc.yandex.com/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A2%3Adp%3A0%3Als%3A1066829887526%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550189%3Ac%3A1%3Arn%3A138172241%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo%21

174 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.calindachan.gq/
Redirect Chain

https://calindachan.gq/
https://www.calindachan.gq/

145 KB
42 KB

312ms
288ms

Document
text/html

2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52e3eee68b2046bda3371e537a2f091a130d27ae579767753d46ba21cb1964f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.calindachan.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
expires: Thu, 24 Jun 2021 15:56:25 GMT
date: Thu, 24 Jun 2021 15:56:25 GMT
cache-control: private, max-age=0
last-modified: Tue, 09 Mar 2021 08:24:22 GMT
etag: W/"47cd1b1e8ea2a1145703b0719d352fbeb6e5397ac3c36af0c344caea72ca8812"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 43104
server: GSE

Redirect headers

location: https://www.calindachan.gq/
date: Thu, 24 Jun 2021 15:56:25 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 224
x-xss-protection: 0
x-frame-options: SAMEORIGIN

GET
H2 200 3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 34ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 04:07:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 10:54:22 GMT
server: sffe
age: 42553
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Fri, 24 Jun 2022 04:07:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658ff80afff4ce47f60badc7e45e7708be3e633ba85e98f56ea956c6a9dbe312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48903
x-xss-protection: 0
server: cafe
etag: 6080690143960962226
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 15:56:26 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 136ms
112ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=93932723763446822&zx=e6a892e8-1238-4e76-b4ac-ae06aa048e33

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 15:56:26 GMT
server: GSE
date: Thu, 24 Jun 2021 15:56:26 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 54ms
26ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b860e937b76fda2dd6bd18f7772588562f1b6cf93b8ebb59605f0bb974be3946

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XdCO56NQFBP6BEG0kL+9Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "6d4b82cd3380844627edbfe403a4c3f9"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-XdCO56NQFBP6BEG0kL+9Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 24 Jun 2021 15:56:26 GMT

GET
H2 200 ShowBanner.aspx Show response
js1.bloggerads.net/ 6 KB
3 KB 764ms
637ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/ShowBanner.aspx?blogid=20100708000034
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 621c41ca362b3613d771197ccaebb1d97b3f99208fb65ef7a8c6f9cb2ea4ba2a

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x: 69
cache-control: private
x-amz-cf-id: 3Bo9xBYbi8fTDzJp2ZAPzKqNDWW5xZv5KcGgl3RrNXQ8ke_-A5S2tg==

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
612 B 22ms
12ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 14:18:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 15:55:23 GMT
server: sffe
age: 178656
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Tue, 29 Jun 2021 14:18:50 GMT

GET
H2 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B1.jpg
1.bp.blogspot.com/-ZaX3C0qEiOM/YEbSk0lFMUI/AAAAAAAAKQ8/P094zI7T0n0DYyvLxCkNHGoTfLJJoi1mQCNcBGAsYHQ/s320/ 43 KB
43 KB 63ms
34ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZaX3C0qEiOM/YEbSk0lFMUI/AAAAAAAAKQ8/P094zI7T0n0DYyvLxCkNHGoTfLJJoi1mQCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B1.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4ceaf06dad03e55d4dadfc82ff2ab3b5fb7e68135d7b021fec29211cd334c5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43619
x-xss-protection: 0
server: fife
etag: "v291a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H2 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B3.jpg
1.bp.blogspot.com/-aEY-hGevyDU/YEbSl8zsULI/AAAAAAAAKRM/buZOqiQIS4Q3jl5J2K7F1HMITMuVcfiSgCNcBGAsYHQ/s320/ 40 KB
40 KB 57ms
27ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-aEY-hGevyDU/YEbSl8zsULI/AAAAAAAAKRM/buZOqiQIS4Q3jl5J2K7F1HMITMuVcfiSgCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B3.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e666968788dcb7e6477a157cb571b66007d7ba7c24effedbbcb318a849c0adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 3.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41185
x-xss-protection: 0
server: fife
etag: "v291c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H2 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B4.png
1.bp.blogspot.com/-7wTnIKvFPBU/YEbSmKEx-II/AAAAAAAAKRQ/VeVEFM_KnBMg8W5EWMrU_dsyDrnUoVSDQCNcBGAsYHQ/s320/ 20 KB
20 KB 39ms
10ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7wTnIKvFPBU/YEbSmKEx-II/AAAAAAAAKRQ/VeVEFM_KnBMg8W5EWMrU_dsyDrnUoVSDQCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B4.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f9c6e38549d7f2cee491968b4563d4f1f5167eded406e261bf6517e5fd4b24ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 4.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20357
x-xss-protection: 0
server: fife
etag: "v291e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H2 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B5.png
1.bp.blogspot.com/-PBuR7NeiD4w/YEbSmVt-tTI/AAAAAAAAKRU/mHB-FeJA1o4HrkCjpAUJ3yTuXbug-cYIgCNcBGAsYHQ/s320/ 19 KB
19 KB 51ms
22ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-PBuR7NeiD4w/YEbSmVt-tTI/AAAAAAAAKRU/mHB-FeJA1o4HrkCjpAUJ3yTuXbug-cYIgCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B5.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75847facdc47958a3363257855849f3e0f7a750d68a3f0bc255432e7ae1a95bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 5.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19361
x-xss-protection: 0
server: fife
etag: "v291c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H2 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B6.png
1.bp.blogspot.com/-dEQlj4CFB_o/YEbSmsGEC9I/AAAAAAAAKRY/d5toPvrKguE1utYUjWXcYlViWkhJd2okgCNcBGAsYHQ/s320/ 11 KB
11 KB 61ms
32ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dEQlj4CFB_o/YEbSmsGEC9I/AAAAAAAAKRY/d5toPvrKguE1utYUjWXcYlViWkhJd2okgCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B6.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9f82ebc46dbcc91148aca1299b0448985e6fd94f3dec1f738e704d6d4fea82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 6.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: fife
etag: "v291c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H2 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B7.png
1.bp.blogspot.com/-FuUnlBIXRVw/YEbSmwzDu0I/AAAAAAAAKRc/gjf_yYUmKYciJlrYGgV9rri56E4Cmxr5QCNcBGAsYHQ/s320/ 17 KB
17 KB 45ms
17ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FuUnlBIXRVw/YEbSmwzDu0I/AAAAAAAAKRc/gjf_yYUmKYciJlrYGgV9rri56E4Cmxr5QCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B7.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17c0c97f7d9cb562b14ccd5a9373f5264bba77a0089b7d395de9f2a5019edf8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 7.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17350
x-xss-protection: 0
server: fife
etag: "v291c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H3-29 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B8.png
1.bp.blogspot.com/-4v3DhgkAqjg/YEbSm481t9I/AAAAAAAAKRg/6PNturf8KX81RFKPJQgLBRH0v6OZBZzKgCNcBGAsYHQ/s320/ 31 KB
31 KB 51ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4v3DhgkAqjg/YEbSm481t9I/AAAAAAAAKRg/6PNturf8KX81RFKPJQgLBRH0v6OZBZzKgCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B8.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00b4fab5425b1399ab7b199ba24a0b527cbb7a9133d7deaac8e5c6a4fee11927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 8.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31922
x-xss-protection: 0
server: fife
etag: "v291e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H3-29 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B9.jpg
1.bp.blogspot.com/-K5KkjEK_oFg/YEbSncjyuFI/AAAAAAAAKRk/3k4Z75d2N3kepzesecGWuvG27YKr7EZygCNcBGAsYHQ/s320/ 15 KB
15 KB 49ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-K5KkjEK_oFg/YEbSncjyuFI/AAAAAAAAKRk/3k4Z75d2N3kepzesecGWuvG27YKr7EZygCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B9.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b7b50ca06843eb2c15681e4cd27533ca59d39e5a2a0af9a2d32a2a5e108c8ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 9.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15789
x-xss-protection: 0
server: fife
etag: "v291d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H3-29 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B10.jpg
1.bp.blogspot.com/-2qaC3qBUwXQ/YEbSkiScolI/AAAAAAAAKQ4/1mPhiWSBaq4Vx8bkeiMewcZlpd55q_NcACNcBGAsYHQ/s320/ 5 KB
5 KB 50ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2qaC3qBUwXQ/YEbSkiScolI/AAAAAAAAKQ4/1mPhiWSBaq4Vx8bkeiMewcZlpd55q_NcACNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B10.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1c41f9b7e7bd4ef21fe6b46f7ee3c5821b5ded7e5167454d407f1b06060bbcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 10.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5090
x-xss-protection: 0
server: fife
etag: "v291b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H3-29 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B11.png
1.bp.blogspot.com/-VX8XTCe0fB0/YEbSk52_2cI/AAAAAAAAKRA/65SeJdKhGDYXJ0ZTo4FY6qKxy-gSkw3wQCNcBGAsYHQ/s320/ 30 KB
30 KB 56ms
14ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-VX8XTCe0fB0/YEbSk52_2cI/AAAAAAAAKRA/65SeJdKhGDYXJ0ZTo4FY6qKxy-gSkw3wQCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B11.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

709c96544678ff20e76361f3fbdb7baf7bdbcc5c0ab3aea9f7a7ef0dc9da708c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 11.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31161
x-xss-protection: 0
server: fife
etag: "v291b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H3-29 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B12.png
1.bp.blogspot.com/-nL86pbNzFTc/YEbSlvgPCjI/AAAAAAAAKRE/5kYafe1OVPQpMbrF3LJnbWNihEh7I_fQQCNcBGAsYHQ/s320/ 103 KB
103 KB 57ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nL86pbNzFTc/YEbSlvgPCjI/AAAAAAAAKRE/5kYafe1OVPQpMbrF3LJnbWNihEh7I_fQQCNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B12.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf5d4381849dff79e2d49dfe82d8675ffc61cb536b59ca6d21e2876125ff81e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 12.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105449
x-xss-protection: 0
server: fife
etag: "v291c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:55 GMT

GET
H3-29 200 5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B13.jpg
1.bp.blogspot.com/-76sNv5nMURw/YEbSl0_OBGI/AAAAAAAAKRI/vVYuOd0U4j8FB0pfhTi3ch8Cz8bQ0CALACNcBGAsYHQ/s320/ 24 KB
24 KB 58ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-76sNv5nMURw/YEbSl0_OBGI/AAAAAAAAKRI/vVYuOd0U4j8FB0pfhTi3ch8Cz8bQ0CALACNcBGAsYHQ/s320/5%2BProven%2BWays%2Bto%2BImprove%2BOn-Page%2BTime%2B13.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c7a09843d67c3a619eda45e7f0bcc3f2ddc1f73f067f3c851f28bd8fdb7bd4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="5 Proven Ways to Improve On-Page Time 13.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24697
x-xss-protection: 0
server: fife
etag: "v291b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Jun 2021 15:54:31 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/ 233 KB
86 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8584719931078042&plah=www.calindachan.gq&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88042
x-xss-protection: 0
server: cafe
etag: 4788847514445276624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 15:56:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/ Frame 4A55 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210621/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Jun 2021 12:48:00 GMT
expires: Thu, 08 Jul 2021 12:48:00 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 11306
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 141 KB
49 KB 63ms
10ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 09:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50591
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 09:30:04 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 54 KB
17 KB 59ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 23:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17642
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jun 2022 23:17:24 GMT

GET
H3-29 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
93 B 12ms
11ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 17:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jul 2021 17:34:22 GMT

GET
H3-29 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
425 B 21ms
7ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:34:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 16:57:43 GMT
server: sffe
age: 166923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Tue, 29 Jun 2021 17:34:23 GMT

GET
H3-29 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
116 B 11ms
8ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 00:07:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 18:57:03 GMT
server: sffe
age: 143312
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Wed, 30 Jun 2021 00:07:54 GMT

GET
H3-29 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
184 B 13ms
10ms Image
image/gif 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 02:52:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 15:55:32 GMT
server: sffe
age: 47034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Thu, 01 Jul 2021 02:52:32 GMT

GET
H2 200 Calinda%2BChan%2B1.jpg
4.bp.blogspot.com/-0567vFCijh0/WCQc8A3yoPI/AAAAAAAAH8A/YrKkptho8yg68tlPNChfTiqs49Di0H43gCLcB/s320/ 19 KB
19 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-0567vFCijh0/WCQc8A3yoPI/AAAAAAAAH8A/YrKkptho8yg68tlPNChfTiqs49Di0H43gCLcB/s320/Calinda%2BChan%2B1.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1776a6905bb62517d18f7abbc2502887ed87608674f0d03d4941efa127ec9d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:30 GMT
x-content-type-options: nosniff
age: 116
content-disposition: inline;filename="Calinda Chan 1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19299
x-xss-protection: 0
server: fife
etag: "v1fe7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Jun 2021 15:54:30 GMT

GET
H2 200 Calinda%2BChan%2B2.jpg
3.bp.blogspot.com/-BNF3HS-s7KY/WCQc7uwmsqI/AAAAAAAAH78/G_S4cMCLOYAtxO2VEYjICrUEhm10dR19wCLcB/s320/ 20 KB
20 KB 27ms
3ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-BNF3HS-s7KY/WCQc7uwmsqI/AAAAAAAAH78/G_S4cMCLOYAtxO2VEYjICrUEhm10dR19wCLcB/s320/Calinda%2BChan%2B2.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d46bc1240de17a89350678a7de69fb29d5c7fd80fedb64f5ce23187d2d94254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="Calinda Chan 2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20141
x-xss-protection: 0
server: fife
etag: "v1fe7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:50:07 GMT

GET
H2 200 Calinda%2BChan%2B3.jpg
3.bp.blogspot.com/-34becy7TtA0/WCQc7HfT6kI/AAAAAAAAH74/jUDeka-NQ2sEJONsMG0bGD0t6zkuagv-QCLcB/s320/ 10 KB
11 KB 26ms
2ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-34becy7TtA0/WCQc7HfT6kI/AAAAAAAAH74/jUDeka-NQ2sEJONsMG0bGD0t6zkuagv-QCLcB/s320/Calinda%2BChan%2B3.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

447794c16393c2d2ade368dbae844e16d59636041651b03a98f0c71571279024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="Calinda Chan 3.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10658
x-xss-protection: 0
server: fife
etag: "v1fe7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:50:07 GMT

GET
H2 200 Calinda%2BChan%2B4.jpg
4.bp.blogspot.com/-j_Jly3JBHgU/WCQc8FNtmDI/AAAAAAAAH8E/-9DX-q5GFZMGPi18rl5Kj5FSCCR7xaaCgCLcB/s320/ 28 KB
28 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-j_Jly3JBHgU/WCQc8FNtmDI/AAAAAAAAH8E/-9DX-q5GFZMGPi18rl5Kj5FSCCR7xaaCgCLcB/s320/Calinda%2BChan%2B4.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

93ce9fb9cfa095d1e689528ce483ae18fbbf1eef5372d76bdf04236ec047e380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="Calinda Chan 4.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28498
x-xss-protection: 0
server: fife
etag: "v1fe7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:56 GMT

GET
H2 200 Twins%2B1.jpg
2.bp.blogspot.com/-pkPCzSRdpbk/V_Y8jX1TLVI/AAAAAAAAG2E/jahK-suloEoMLTaFeTq2U9X-i4RQc2ORwCLcB/s320/ 25 KB
25 KB 24ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-pkPCzSRdpbk/V_Y8jX1TLVI/AAAAAAAAG2E/jahK-suloEoMLTaFeTq2U9X-i4RQc2ORwCLcB/s320/Twins%2B1.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eea2609f60338647706f7bf50ffb75b51ca5a16030df792ebdc390054cdfb295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="Twins 1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25491
x-xss-protection: 0
server: fife
etag: "v1b64"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:56 GMT

GET
H3-29 200 Twins%2B2.jpg
4.bp.blogspot.com/-DepMTAQXnRw/V_Y8joEuVyI/AAAAAAAAG2M/kmV13ibf90k36ysOxPzTAmTHEaRyNhyQgCLcB/s320/ 20 KB
20 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-DepMTAQXnRw/V_Y8joEuVyI/AAAAAAAAG2M/kmV13ibf90k36ysOxPzTAmTHEaRyNhyQgCLcB/s320/Twins%2B2.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9fe4df895581f993257ace2a29282a5d486875250933b6cb61329b8aca03e1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="Twins 2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20289
x-xss-protection: 0
server: fife
etag: "v1b64"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:48:56 GMT

GET
H2 200 Twins%2B3.jpg
3.bp.blogspot.com/-bpgcdJqZc_c/V_Y8jU_9g5I/AAAAAAAAG2I/HWf6xYya3QMEZjkoxIiWoDppEnW5pbBMQCLcB/s320/ 27 KB
27 KB 19ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-bpgcdJqZc_c/V_Y8jU_9g5I/AAAAAAAAG2I/HWf6xYya3QMEZjkoxIiWoDppEnW5pbBMQCLcB/s320/Twins%2B3.jpg

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e12a05330af96ca1b43077f0f909de73777a5e92bbf05d5045a9d31a953e063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:54:31 GMT
x-content-type-options: nosniff
age: 115
content-disposition: inline;filename="Twins 3.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27167
x-xss-protection: 0
server: fife
etag: "v1b64"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 24 Jun 2021 16:50:07 GMT

GET
H2 200 ShowAds.aspx Show response
js1.bloggerads.net/ 6 KB
3 KB 641ms
628ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/ShowAds.aspx?blogid=20100708000034
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 0d3628e5e60951418c1af2d9d0adbb4579c61a0654a817a3a3ed2c68bac5f083

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x: 79
cache-control: private
x-amz-cf-id: iTG6d9Tb8JlJLC-7FsF65mPKT0DC5OXHYro-Z4HpKFjm8Zvqki5gUQ==

GET
H2 200 contentads.aspx Show response
js1.bloggerads.net/ 6 KB
3 KB 627ms
624ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/contentads.aspx?blogid=20100708000034
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: dc50e2c1fae2726eb03ca2f85f0c7410ed235512816319ea52a370d6685b744b

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x: 69
cache-control: private
x-amz-cf-id: avKGyWYICtkgAd9O58H3ZfsTTchRmmlqoei0Zt-E3rm2vvrbsYw7Lg==

GET
H2 200 /
c.statcounter.com/11531106/0/97b26a1c/0/ 156 B
685 B 329ms
221ms Image
image/png 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/11531106/0/97b26a1c/0/
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ceec988e9fcfa2dc995f3d3f7cfd7f90cbdbf05dd62ebdf62756fe6b914433

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6647256a7a3b0bf1-AMS
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
content-type: image/png
content-length: 156
cf-request-id: 0ae055b68a00000bf16b209000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 display.php Show response
www.dexpredict.com/a/ 6 KB
2 KB 270ms
164ms Script
application/javascript 35.201.90.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dexpredict.com/a/display.php?r=1436791
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.90.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 210.90.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 1d09399e470759d7f53ee07d697b37ac6ad8a4d06ae0d1d4ced71cccf39e6c2f

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2 200 display.php Show response
www.dexpredict.com/a/ 12 KB
5 KB 298ms
192ms Script
application/javascript 35.201.90.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dexpredict.com/a/display.php?r=2057567
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.90.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 210.90.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 1a69e43604973a1447d3ef4bea61c2862ce63cb46572138b84b5bb65c5a8847e

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <rdr.wargaming.net>; rel=dns-prefetch,<rdr.wargaming.net>; rel=preconnect,<www.dexpredict.com>; rel=dns-prefetch,<www.dexpredict.com>; rel=preconnect
via: 1.1 google

GET
H2 200 cookienotice.js Show response
www.calindachan.gq/js/ 6 KB
2 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.calindachan.gq/js/cookienotice.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.calindachan.gq
referer: https://www.calindachan.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 03:55:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Thu, 01 Jul 2021 15:56:26 GMT

GET
H3-29 200 4165186901-widgets.js Show response
www.blogger.com/static/v1/widgets/ 147 KB
147 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4165186901-widgets.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ceec9e56972e8493cf3c6bd21886a68d6325f6c12babc85ad9dff845b1df92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 06:33:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 00:53:59 GMT
server: sffe
age: 33779
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150551
x-xss-protection: 0
expires: Fri, 24 Jun 2022 06:33:27 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
660 B 845ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.calindachan.gq&callback=_gfp_s_&client=ca-pub-8584719931078042

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8584719931078042&plah=www.calindachan.gq&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

691fd361c868c6de2fa6d1b55c07ef37de235699b57f61235d750d269d54f0f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.calindachan.gq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.calindachan.gq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80FD 603 B
68 B 35ms
32ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8584719931078042&output=html&adk=1812271804&adf=3025194257&lmt=1615278262&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.calindachan.gq%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624550186114&bpp=38&bdt=70&idt=399&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1636043068656&frm=20&pv=2&ga_vid=79965813.1624550187&ga_sid=1624550187&ga_hid=448509473&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060031%2C31060839%2C31061334&oid=3&pvsid=3876172495344729&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=526

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-8584719931078042&output=html&adk=1812271804&adf=3025194257&lmt=1615278262&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.calindachan.gq%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624550186114&bpp=38&bdt=70&idt=399&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1636043068656&frm=20&pv=2&ga_vid=79965813.1624550187&ga_sid=1624550187&ga_hid=448509473&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060031%2C31060839%2C31061334&oid=3&pvsid=3876172495344729&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=526
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Jun 2021 15:56:27 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 16:11:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Jun 2021 15:56:27 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274983153827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27713
x-xss-protection: 0
expires: Thu, 24 Jun 2021 15:56:26 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8584719931078042&c=2&e=2570847921467975139&n=0&t=0&w=2168&x=12

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 110ms
109ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=93932723763446822&zx=e6a892e8-1238-4e76-b4ac-ae06aa048e33

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 15:56:26 GMT
server: GSE
date: Thu, 24 Jun 2021 15:56:26 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 navbar.g Show response
www.blogger.com/ Frame DC08 7 KB
3 KB 127ms
124ms Document
text/html 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=93932723763446822&blogName=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A+(CitySky+Wallpapers+Download...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.calindachan.gq/search&blogLocale=zh_TW&v=2&homepageUrl=https://www.calindachan.gq/&vt=5095529919011734333&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e311cce7f3328d55cd0194929b93429d2d1163d023abe945dfc1442630be5041

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=93932723763446822&blogName=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A+(CitySky+Wallpapers+Download...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.calindachan.gq/search&blogLocale=zh_TW&v=2&homepageUrl=https://www.calindachan.gq/&vt=5095529919011734333&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2664
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 403 / Show response
civadsoo.net/5/856599/ 381 B
778 B 652ms
52ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://civadsoo.net/5/856599/?oo=1
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c1756b762536a1b0e9c6881edd5a708ff24bf2b2bd56178b206107a835f0a36f

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: f2b5605190b06485d17e945a1e3dfb55
pragma: no-cache
date: Thu, 24 Jun 2021 15:56:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.calindachan.gq
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 381
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
civadsoo.net/ 58 KB
20 KB 680ms
79ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://civadsoo.net/tag.min.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

04a1722238c2eb4055efcf3123981dc1cfa9a48e49be8154e4f9d6d66a1e51a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-length: 19531
x-trace-id: a429bce957b4a19a08309bcca8acc6e2
pragma: no-cache
last-modified: Thu, 24 Jun 2021 13:33:29 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3-29 200 logo-16.png
www.blogger.com/img/ 279 B
300 B 15ms
7ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:34:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 10:55:36 GMT
server: sffe
age: 166932
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Tue, 29 Jun 2021 17:34:14 GMT

GET
H2 200 display.php Show response
www.dexpredict.com/ad/ Frame 9828 3 KB
2 KB 208ms
207ms Document
text/html 35.201.90.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dexpredict.com/ad/display.php?stamat=m%7C%2C4Y3e39jPqB1dAN0dEdHP3xP.f94%2CZMkKdRAQlkuDbgTABrav5JQs8F7IVWkr8qs2mfI9nuoyN_uszxrPWIdJjld0hcHMEDz1UGEeNCb9BteLLKSr2ZNKXXWp1k3yCUEe6Rsk9Ss%2C&cbrandom=0.9268100522331122&cbtitle=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A%20(CitySky%20Wallpapers%20Download%3A%20Calinda%20Chan)&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by: Host: www.dexpredict.com
URL: https://www.dexpredict.com/a/display.php?r=1436791
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.90.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 210.90.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: c8caa6b5c0c4a42522b3cae9849b44e6a29a7df05f62b21002c5fd7fda68f754

Request headers

:method: GET
:authority: www.dexpredict.com
:scheme: https
:path: /ad/display.php?stamat=m%7C%2C4Y3e39jPqB1dAN0dEdHP3xP.f94%2CZMkKdRAQlkuDbgTABrav5JQs8F7IVWkr8qs2mfI9nuoyN_uszxrPWIdJjld0hcHMEDz1UGEeNCb9BteLLKSr2ZNKXXWp1k3yCUEe6Rsk9Ss%2C&cbrandom=0.9268100522331122&cbtitle=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A%20(CitySky%20Wallpapers%20Download%3A%20Calinda%20Chan)&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

server: openresty
date: Thu, 24 Jun 2021 15:56:27 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
link: <//www.dexpredict.com>; rel=dns-prefetch,<//www.dexpredict.com>; rel=preconnect,<//www.gaming-adult.com>; rel=dns-prefetch,<//www.gaming-adult.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-29 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ 26 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f14fecc5555605ac3f0ed12bbcac084bd50500568ca2e473f738908ea65fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 02:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9055
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 02:31:30 GMT

GET
H2 200 ba_ad.min.css
d1ypub5wfz82gq.cloudfront.net/AdsService/CSS/ 2 KB
1 KB 455ms
10ms Stylesheet
text/css 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/CSS/ba_ad.min.css?v=180717001
Requested by: Host: js1.bloggerads.net
URL: https://js1.bloggerads.net/ShowBanner.aspx?blogid=20100708000034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c54705ff81c41734998845d446da3cc9a1a7269d9d7624a88374f4bd6a191f3d

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 13:14:40 GMT
content-encoding: gzip
etag: W/"b69acb5624e3d21:0"
last-modified: Mon, 12 Jun 2017 02:33:56 GMT
server: Microsoft-IIS/7.5
age: 12834
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: lvEZLSVs9H2YwDpQPvUFw_YYbva9NjKFfEW2hxcEt18l5dxtBBzOBg==

GET
H2 200 ba.min.js Show response
d1ypub5wfz82gq.cloudfront.net/AdsService/JS/ 10 KB
4 KB 454ms
10ms Script
application/x-javascript 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/JS/ba.min.js?v=180717001
Requested by: Host: js1.bloggerads.net
URL: https://js1.bloggerads.net/ShowBanner.aspx?blogid=20100708000034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 89dcb3390a9e880629766a40e67647ddd69fc2753ec4ae24024f5a4561b8f01d

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 04:28:07 GMT
content-encoding: gzip
etag: W/"32c75823614d41:0"
last-modified: Thu, 05 Jul 2018 08:02:25 GMT
server: Microsoft-IIS/7.5
age: 41646
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -oUMPeo4WzedaDRFhCoqZkXNouYnuaBzy-RRUh475bR85TEjN7jUew==

GET
H2 200 getads.aspx Show response
js1.bloggerads.net/ 948 B
1 KB 638ms
637ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/getads.aspx?blogid=20100708000034&fid=1&c=b1239349250&d=1&sh5=1&sflash=0&isc=0&w=1600&isw=0&hw=880&cw=0
Requested by: Host: js1.bloggerads.net
URL: https://js1.bloggerads.net/ShowBanner.aspx?blogid=20100708000034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 819d042e8eb250bb9967f2bfe39119dcfc813b4d07c0740904eff88457d7f360

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
x: 79
cache-control: private
content-length: 948
x-amz-cf-id: nqMEN84mvDXJwxkH7tkefmut3TkblRepNfE8KR8WWK7_FeUKxCf2Iw==

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

39ms
18ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4668
content-length: 40120
cf-request-id: 0ae055bace00004e9d5039d000000001
last-modified: Fri, 28 May 2021 01:36:32 GMT
server: cloudflare
etag: "60b04920-9cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LWgGxYEFBTEUTDBkyeis2cj7K2iFS%2BDnYpariMoiqiVut7eiter%2FxUABoV5maUa84PwXQXnApWRuM0kYS2pXW3HhR70fWTxBkESqIbYEJeCcKMVAW2BG8fzBCQyIXuo8ZvaV7XoBzUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 664725714a8c4e9d-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: js1.bloggerads.net
URL: https://js1.bloggerads.net/ShowBanner.aspx?blogid=20100708000034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5957
date: Thu, 24 Jun 2021 14:17:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 24 Jun 2021 16:17:09 GMT

GET
H2

200

5386_PL1 Show response
worldoftanks.eu/join/ Frame 1E85
Redirect Chain

https://rdr.wargaming.net/bipwac7m/?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220
https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Ee...

33 KB
6 KB

268ms
53ms

Document
text/html

92.223.20.123
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Requested by: Host: www.dexpredict.com
URL: https://www.dexpredict.com/a/display.php?r=2057567
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.223.20.123 Luxembourg, Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS: ed-sl-a123.fe.core.pw
Software: nginx /
Resource Hash: eef72f91472a7e02f3a8019551275bb35a1ba293f0a4b1033612a14ab4a31a73

Request headers

:method: GET
:authority: worldoftanks.eu
:scheme: https
:path: /join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

server: nginx
date: Thu, 24 Jun 2021 15:56:27 GMT
content-type: text/html
vary: Accept-Encoding Accept-Encoding
expires: Fri, 25 Jun 2021 15:56:27 GMT
cache-control: max-age=86400
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 24 Jun 2021 15:56:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Set-Cookie: STIDREFERRAL=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure enctid=ccbyz98ig749; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure teclient=1624550187499705259; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache

GET
H2 204 i.php
www.dexpredict.com/script/ 0
61 B 176ms
172ms Image
text/plain 35.201.90.210
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dexpredict.com/script/i.php?stamat=m%7C%2C%2Cwja_I2FqoGU3BJ9GH0dEdHP3xP.908%2CQOZOyV-FlMRItOPSeRPOEJ0jii1y2blDOqsOxKzOa32KL-k5trvWR8aTAN4gy60Ep93oYtZ48YVsbvpiwvKZg7sQv2YzBI3ZwD71zMYGSt_cugc-DP0BljB7QK-ZNMwIqteuCSwOtBeUqgRkglL7qTn0pXLF4BTXvcIW1hkkeXpbq6JQP6aPHahVPY2bNCJLu9kgc-N4Es0SSE6nMzXfp1v0rvKqyXBbH-i6BMShd7Aes1JzXZ6e8GadvXb446dWmIAWQkcia-yOiENlGVH8uOjYljtp7w8ustquf--uZpP_LmLdeZ_PijL-oYT8jvLHkKINg4Om8siHC3Nskr7PVOB6SfWq6A8--UBSIlwIp2arqJ5QR_6KwQJVmNb45VsTKAmFuEDuMl0CQaXEcx7GRw%2C%2C
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.90.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 210.90.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 15:56:27 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

GET
H2 200 getads.aspx Show response
js1.bloggerads.net/ 1 KB
1 KB 372ms
369ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/getads.aspx?blogid=20100708000034&fid=2&c=b1469881973&d=1&sh5=1&sflash=0&isc=0&w=1600&isw=0&hw=250&cw=0
Requested by: Host: js1.bloggerads.net
URL: https://js1.bloggerads.net/ShowAds.aspx?blogid=20100708000034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: ddfa97050e8eced74d80132c91833b81404564bdcb4f506a0822d1e639a1f60f

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x: 69
cache-control: private
x-amz-cf-id: xNgD1QXisAKkEcr-kdiv0wa8zM69szRa7mPvgny1-e0n49fLCsevdA==

GET
H2 200 getads.aspx Show response
js1.bloggerads.net/ 1 KB
942 B 643ms
642ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/getads.aspx?blogid=20100708000034&fid=2&c=b5744200&d=1&sh5=1&sflash=0&isc=1&w=1600&isw=0&hw=880&cw=0
Requested by: Host: js1.bloggerads.net
URL: https://js1.bloggerads.net/contentads.aspx?blogid=20100708000034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 981603e37bad397f86a5e954e2ac7dc93b7602abaeefc6dda00b6f9ae1e27180

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x: 79
cache-control: private
x-amz-cf-id: _bTYNRL9yemfDgQmHM3eBiXMJaA-v1KiL-ZFt6e7V1wton2nSM9RqA==

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 77 KB
28 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a212353a7dc416f71554308bd27222e1bb3b3e0ce1f9b9f2301735f92cef67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:50:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28194
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 20:23:52 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Jun 2021 16:40:11 GMT

GET
H2 200 dd7010dfb728498aa1dd24ee6b4631f1.jpg
d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19044/ 53 KB
54 KB 8ms
7ms Image
image/jpeg 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19044/dd7010dfb728498aa1dd24ee6b4631f1.jpg
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: b6cf74e4b25552d895de4b33e35b99c9480e197ebc08d7f6df6e1bc37104b0ea

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 05:26:41 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Wed, 22 Apr 2020 02:13:09 GMT
server: Microsoft-IIS/7.5
age: 37766
x-powered-by: ASP.NET
etag: "eb9f82914b18d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 54722
x-amz-cf-id: vmr181SJrhNbGBTFDyvSYLdAx7m_IuTLyEFIK6xiLoz6FpBSpCU4CA==

GET
H3-29 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame DC08 54 KB
20 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=93932723763446822&blogName=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A+(CitySky+Wallpapers+Download...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.calindachan.gq/search&blogLocale=zh_TW&v=2&homepageUrl=https://www.calindachan.gq/&vt=5095529919011734333&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.bnEFfFZ9cyI.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e4c6a2963d2f1966e65304b327e435965f66c01ad2c22b9da636b770dfe1e55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s8TLtfwgho0Jlx6l2MX/VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "2f833259b70b8fc0d60c939935311197"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-s8TLtfwgho0Jlx6l2MX/VQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 24 Jun 2021 15:56:27 GMT

GET
H2 200 b.png
d1ypub5wfz82gq.cloudfront.net/AdsService/images/ 1 KB
2 KB 14ms
11ms Image
image/png 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/images/b.png?t=20170508v1
Requested by: Host: d1ypub5wfz82gq.cloudfront.net
URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/CSS/ba_ad.min.css?v=180717001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 1eb7795d3cb8974ee7c2a946f07ba60c07ae841962037b08fb99cb6f0f28fec0

Request headers

Referer: https://d1ypub5wfz82gq.cloudfront.net/AdsService/CSS/ba_ad.min.css?v=180717001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 11:49:26 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
etag: "a4b95c80d0d21:0"
last-modified: Fri, 19 May 2017 09:14:47 GMT
server: Microsoft-IIS/7.5
age: 14944
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1301
x-amz-cf-id: X1wItQSRleJrR-ZOHTtSOP711f-nKgNOKG3C9x-kBEmnBlYRHNNvMg==

GET
H3-29 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame DC08 907 B
928 B 13ms
11ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:17:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 16:54:12 GMT
server: sffe
age: 113914
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Wed, 30 Jun 2021 08:17:53 GMT

GET
H3-29 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame DC08 117 B
138 B 14ms
11ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 12:28:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 23:53:58 GMT
server: sffe
age: 98890
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Wed, 30 Jun 2021 12:28:17 GMT

GET
H2 200 19044
js1.bloggerads.net/Impression/-1783536430.HG48R2Vn/20100708000034/63760175766/2/2/ 43 B
359 B 353ms
351ms Image
image/gif 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js1.bloggerads.net/Impression/-1783536430.HG48R2Vn/20100708000034/63760175766/2/2/19044?c=b1469881973
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: image/gif
x: 79
cache-control: private
content-length: 43
x-amz-cf-id: JE1Hid5cvLLf_vaERyCRxCVStXwIFDEPvPW_tSfsC9R9xjzPjYBS5g==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame DC08 120 KB
41 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 01:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41292
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:21:40 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 01:50:35 GMT

GET
H2 200 c57b7d5179f8446f02c761cf62b7f5e9_4362.gif
crrepo.com/extban/261732420/creatives/23279294/ Frame 9828 208 KB
209 KB 66ms
27ms Image
image/gif 2606:4700:3038::6815:eb71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crrepo.com/extban/261732420/creatives/23279294/c57b7d5179f8446f02c761cf62b7f5e9_4362.gif
Requested by: Host: www.dexpredict.com
URL: https://www.dexpredict.com/ad/display.php?stamat=m%7C%2C4Y3e39jPqB1dAN0dEdHP3xP.f94%2CZMkKdRAQlkuDbgTABrav5JQs8F7IVWkr8qs2mfI9nuoyN_uszxrPWIdJjld0hcHMEDz1UGEeNCb9BteLLKSr2ZNKXXWp1k3yCUEe6Rsk9Ss%2C&cbrandom=0.9268100522331122&cbtitle=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A%20(CitySky%20Wallpapers%20Download%3A%20Calinda%20Chan)&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b76effe9eb7ccc773a851fb822c5e415da5f82932dcd385280f1864c6678a0

Request headers

Referer: https://www.dexpredict.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4645
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae055ba8f0000020d4829f000000001
last-modified: Tue, 25 May 2021 11:14:43 GMT
server: cloudflare
etag: W/"60acdc23-34056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yP34YDEAzahJAAfxZJHTy2RTS0%2FnJ%2BXSZElqAejPYBPMr1s3D4%2Bp6JSiTF3Y4OHBw7sKDnru9n3xH78ZEU%2Ben3CXjJqXfaVByzMM%2F2bf9aWebX8hTZgrZFlP9t%2BgOjQy8QvRoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 66472570ed7f020d-ZRH

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
636 B 15ms
14ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4150
cf-polished: origSize=1191
cf-request-id: 0ae055baec00004e9d40278000000001
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qVZd5YJrJIl6pEt6mGCRrKA0R%2BG%2FrgGMGgUbQI%2FeQoX9LASInZJbLr3DEqEz17HhMPIMdr1jEfwnB8cp7vFTkB7LGBR3RYrkKGl3u%2BomgAI%2FKIyto5E2BprzACvBDPxWCP3M%2B06wSm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 664725717aff4e9d-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame 1E85 6 KB
839 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Requested by

Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5712c0131d5a6e11f6c7004507d348fd2d08cda882f5b5825d2ed5a15a2aee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 15:55:16 GMT
server: ESF
date: Thu, 24 Jun 2021 15:56:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Jun 2021 15:56:27 GMT

GET
H2 200 js.4f048be827489257e393.js Show response
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/ Frame 1E85 129 KB
45 KB 36ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/js.4f048be827489257e393.js
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6149bfb02a86d6115969140d3e372a72da850ef65e8f6766091d289d78e02930

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 11:27:53 GMT
server: nginx
etag: W/"5c90d239-205d6"
x-cached-since: 2021-06-23T16:41:04+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
expires: Sat, 07 Nov 2020 13:26:44 GMT

GET
H2 200 css.4f048be827489257e393.js Show response
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/ Frame 1E85 73 KB
18 KB 39ms
10ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/css.4f048be827489257e393.js
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0f103718c62f24a6775f5a910438714019abffe33986f5b52909b05f2177ef1e

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 11:27:53 GMT
server: nginx
etag: W/"5c90d239-123e6"
x-cached-since: 2021-06-22T17:13:24+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
expires: Thu, 27 May 2021 17:09:25 GMT

GET
H2 200 WOT_History_1920x1080_40.jpg
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/videoback/elements/freeze/3154040/ Frame 1E85 364 KB
365 KB 9ms
8ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/videoback/elements/freeze/3154040/WOT_History_1920x1080_40.jpg
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:37:07 GMT
server: nginx
etag: "5c90d463-5b11c"
x-cached-since: 2021-06-24T07:40:52+00:00
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 373020
expires: Thu, 24 Jun 2021 07:40:02 GMT

GET
H2 200 logo_1546528190.png
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/logo/elements/src/3154001/ Frame 1E85 7 KB
7 KB 11ms
6ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/logo/elements/src/3154001/logo_1546528190.png
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:27:50 GMT
server: nginx
etag: "5c90d236-1a06"
x-cached-since: 2021-06-23T23:05:31+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 6662
expires: Fri, 25 Jun 2021 23:05:31 GMT

GET
H2 200 wg_logo_1546947794.png
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/PL/copyright/elements/logo_image/1/ Frame 1E85 2 KB
2 KB 8ms
5ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/PL/copyright/elements/logo_image/1/wg_logo_1546947794.png
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:27:50 GMT
server: nginx
etag: "5c90d236-624"
x-cached-since: 2021-06-24T14:12:16+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 1572
expires: Thu, 24 Jun 2021 14:11:41 GMT

GET
H2 200 pegi7.png
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/rating_list/elements/list1/elements/image/3154160/ Frame 1E85 3 KB
3 KB 8ms
6ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/rating_list/elements/list1/elements/image/3154160/pegi7.png
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 091c432155540f06eca320832ad227fdf0fa1cd129dac0388ff6b3bc3c579bdd

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:27:50 GMT
server: nginx
etag: "5c90d236-d44"
x-cached-since: 2021-06-23T19:55:07+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 3396
expires: Mon, 21 Jun 2021 18:40:08 GMT

GET
H2 200 pegi_viol.png
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/rating_list/elements/list2/elements/image/3154160/ Frame 1E85 5 KB
5 KB 8ms
6ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/rating_list/elements/list2/elements/image/3154160/pegi_viol.png
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 19fc3be1cc7cd043521359a10bc4be64ed7fc8cefb177e4baddbde045f2ee41c

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:27:50 GMT
server: nginx
etag: "5c90d236-13a2"
x-cached-since: 2021-06-23T23:34:23+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 5026
expires: Sat, 07 Nov 2020 13:26:44 GMT

GET
H2 200 pegi_online.png
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/rating_list/elements/list3/elements/image/3154160/ Frame 1E85 6 KB
6 KB 9ms
5ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/variative_content/EN/rating_list/elements/list3/elements/image/3154160/pegi_online.png
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ea6d0293bd2a0947ba0d1c560aee36396d1d7d571537f84021b4fadfba623a14

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:27:50 GMT
server: nginx
etag: "5c90d236-1820"
x-cached-since: 2021-06-23T15:33:19+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 6176
expires: Sat, 22 May 2021 15:24:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1E85 482 KB
98 KB 20ms
17ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58Z37MT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce678a5295d1fa2656f65c4f368df87e0f4f9be67496ef79fbf744fc31322681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100377
x-xss-protection: 0
expires: Thu, 24 Jun 2021 15:56:27 GMT

GET
H2 206 WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ Frame 1E85 256 KB
0 16ms
6ms Media
video/webm 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://worldoftanks.eu/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
server: nginx
etag: "752911-583e06c461b00"
x-cached-since: 2021-06-10T06:46:45+00:00
content-type: video/webm
Content-Range: bytes 0-7678224/7678225
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 7678225
expires: Fri, 10 Jun 2022 06:46:45 GMT

GET
DATA 200
OK truncated
/ Frame 1E85 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3d1346adddf23ce81ce0fd7fa1974c9c78b476b288a6424cef0d7544160b4d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 2599b00ad37d2e60b0ab86a3bcd2b566.png
cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/ Frame 1E85 3 KB
3 KB 7ms
6ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-wglc.gcdn.co/uploads/public/layouts/2019_03_19__11_27_48_videoback/2599b00ad37d2e60b0ab86a3bcd2b566.png
Requested by: Host: worldoftanks.eu
URL: https://worldoftanks.eu/join/5386_PL1?pub_id=2057567&xid=16245501860628675500100114859335801&xid_param1=2057567&xid_param2=248273220&sid=SIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg&enctid=ccbyz98ig749&lpsn=WOT_WLAP_Global_SOI&foris=1&teclient=1624550187499705259&utm_source=networks&utm_medium=affiliate&utm_campaign=bipwac7m&utm_content=2057567
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 624f82bf95cec1a78e0751f6124e924e7e923e0581b66997aec145dd14bbcbba

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:27 GMT
last-modified: Tue, 19 Mar 2019 11:27:51 GMT
server: nginx
etag: "5c90d237-d56"
x-cached-since: 2021-06-23T20:57:02+00:00
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800, public
cache: HIT
accept-ranges: bytes
content-length: 3414
expires: Fri, 11 Jun 2021 20:55:13 GMT

GET
DATA 200
OK truncated
/ Frame 1E85 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f40105ee1b6962a6a02570a968c7c690caba15490e3d456978e0648bf5404d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 252 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac92bcfa28eaff47258e9605aeb2c504917b80f861571a2d75c28c3dd1a94aa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 447 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0776cc287769a86ab030d70d3cb63cf6996b0583edc61191cf50d5a0fe4abb80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8d344a717b441f6abd1c21b214314a6443146cba44b8c225f87ef287b7831b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 441 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 052adb1ac898a8918ac9ff0704ee4d2cd282fe766a5c0de8e5e09ea417b6e99d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 430 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27d2f738bc11fbfb7c7af8efabb0030e03ef75909c870ca052a867da7f2eeb33

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65fd549db52b4b12e6fa11cf626ea3d3214e693253ba80de862b09ca46679dec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 258 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93276a6876e4698e0491191930dac2403a5d446048abe40cb0fc8661f29a2b05

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 426 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d18600e7677d2c84e31cddd50ff9fc2cde2bf74ab4a049c98e3613032c8460c2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52c162943e5392d51bd534cbdd72655502972d9cd5b908bd1e057e078e76ca15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 558 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35adf751a991c30caa1b9662049134700331ce56992fdc3d586d93b1cc8d02d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 320 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6df5ea7df89feecad0a793c93e6231239ce316df79c9846cb73d8366663e179e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f73e6af371eba16138589ec3d81dbfa6761d2efd162f087d9812c731f0733df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 446 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29ffe440aca69fbd253d9a359ad33e9415990da3765430e48de038dad55431bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70868835ac5f7bc32838a476dc708705ac4dbdedfa29cd308fb3b9e0a167abca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3adb8c422ebcb60634eb521d7db7d8cdb61c832e9ffd902b05fd60d901b7a793

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4154cbba41b9f445411d869bc223921d00d77ac7d41905a3547e365a3a7fdf0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 378 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f65a266e9b87eaa1506e01d2ecd974362a22a292ed3d31b65634752b9451c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 1009 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61f6420b36d798c7b7fd372000335c7dc5a63b57210e614caa6285fd72fffb8a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 856f1c3170cf33d6426fcc7d50c8b246d522190ff207f8b4a78f16ab38ed62c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 581ca0044c7f3f2680eec98b3941d4b9f8e3a8ca1862620782229c05c2fe3ec8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 359 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe3a8dc895bd7f597b383a3716dfff76789cd633160d30133371299d3241520

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 541 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3b2bb6f883ba0a5b362d7d5c9339b12b397e2651f03aa6bf461d9873527b381

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 448 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f49ed414b1242b08b0db0b7d438c942310985d4cbd8e7b11a4d71b9c250df89d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a00d5f4d802d0b93811bc29f7813bf2ae52abb4d828bde53038db010dc884ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E85 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e04cdab9a3bdbb6637ed88612083b13247fd18d9fb629a41e48db53127a5573

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1E85 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://worldoftanks.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:28:07 GMT
x-content-type-options: nosniff
age: 167300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 17:28:07 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1E85 10 KB
10 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a665b3ad14cb2075a396c2c542ea83c928fbcfb08160330bdec73177c63cc97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://worldoftanks.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 10:51:01 GMT
x-content-type-options: nosniff
age: 191126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9908
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 10:51:01 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1E85 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://worldoftanks.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 19:34:25 GMT
x-content-type-options: nosniff
age: 159722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 19:34:25 GMT

GET
H3-29 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1E85 12 KB
12 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://worldoftanks.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 03:26:27 GMT
x-content-type-options: nosniff
age: 45000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 03:26:27 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1E85 12 KB
12 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e13e58861d0d8000aa6c0b58204094359a1614ab079848ba8ba3a7f06028066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://worldoftanks.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 19:34:25 GMT
x-content-type-options: nosniff
age: 159722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12080
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:36 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 19:34:25 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1E85 6 KB
6 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:400,700&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea0579ddbb8b5673229268100d442a73d500d5bbcbcb86b7510d1ad8a9e2d5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://worldoftanks.eu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 13:40:54 GMT
x-content-type-options: nosniff
age: 180934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5808
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 13:40:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 37ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210621&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ce90e2e0c42b86375b00a554c31fb7c2b4f98fdede5a6433aec39168668c2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7937
x-xss-protection: 0

GET
H2 200 1050234869-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
7 KB 14ms
9ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/1050234869-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/4165186901-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 01:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 02:54:23 GMT
server: sffe
age: 52496
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6542
x-xss-protection: 0
expires: Fri, 24 Jun 2022 01:21:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1E85 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58Z37MT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 980
date: Thu, 24 Jun 2021 15:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 24 Jun 2021 17:40:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 1E85 94 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58Z37MT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-xss-protection: 0
pragma: public
x-fb-debug: GKDyfuqWQFz6S17CZrIbn1iWG2TSVQz0M9XhmgkI08lJDls60OO1usprpqmWLFfp+kcqJQsTr7vT0VAl7AxriA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 24 Jun 2021 15:56:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 1E85 30 KB
9 KB 50ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref: Ref A: C28394B31F8E4D5AB42C0BFF57E77A56 Ref B: FRAEDGE1308 Ref C: 2021-06-24T15:56:28Z
etag: "0d2a696ff53d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9008

GET
H3-29

200

activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D1624550186... Show response
10697551.fls.doubleclick.net/ Frame 1FA8
Redirect Chain

https://10697551.fls.doubleclick.net/activityi;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D1624550...
https://10697551.fls.doubleclick.net/activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%...

1 KB
683 B

125ms
65ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10697551.fls.doubleclick.net/activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58Z37MT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

e9e184a14b756326463f2cfb6f4afa0a8507314ed8ec41f8ab6a4fa58adbfde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10697551.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://worldoftanks.eu/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 15:56:28 GMT
expires: Thu, 24 Jun 2021 15:56:28 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 658
x-xss-protection: 0
set-cookie: IDE=AHWqTUmD-zmTfNHIBeQaNvrZBB_50ByYT2bMXvKfvhPKbtA0keqQVlAEQLW8mX9RSQQ; expires=Tue, 19-Jul-2022 15:56:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 15:56:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10697551.fls.doubleclick.net/activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 1E85 219 KB
70 KB 46ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0787fb611575c72525848d8e7bd72fb5d5d2252043c6ac833380d1f36ba87ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: br
last-modified: Tue, 22 Jun 2021 16:02:15 GMT
etag: "60d2023f-11667"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71271
expires: Thu, 24 Jun 2021 16:56:28 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ Frame 1E85 24 KB
10 KB 267ms
89ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

05d9cc2d48e07a8936fdd242ade799e8a30e53614ae506a1b789ace79d61eccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 23 Jun 2021 12:45:43 GMT
server: nginx
etag: W/"60d32cf7-60c9"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 24 Jun 2021 16:56:28 GMT

GET
H/1.1 200
OK campaign_data_gtm_sender.js Show response
tenor.wargaming.net/assets/campaigns/static/ Frame 1E85 19 KB
7 KB 171ms
54ms Script
application/javascript 92.223.21.23
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.223.21.23 Luxembourg, Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS: ed-v-platform-edcrowd-2-vip-2101-fe.fe.core.pw
Software: openresty /
Resource Hash: 2fdf96c93ca806e280a916694711653bcf3f0e0294693ed086e34e7e5d51368a

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 15:56:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 09:17:28 GMT
Server: openresty
ETag: W/"60a77aa8-4ced"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 1E85 3 KB
2 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c8e8858a647da18f977643185f1d74b72ad73eb82eab19e09e0b25dc972f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vkmWbKGM3P2JcThN/TYcSQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Jun 2021 15:58:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: +9lR4YBgyE+t2Lim9YWmqZxK9IOsDBm1eWGzRV4cnjWFc57hwk0l0fegVtTDRM+KjmwSArth6oFMXr4ctXeCCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: bfc2acd05f0561d10066ecec661693e0
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Jun 2021 15:56:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "77a13388ad3db65e75372a28ad8aaf73"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 8DD9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%...
https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%...

64 B
760 B

224ms
223ms

Document
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%3D7823856120802%3Bp%3DB725FD14-7FDF-50A6-7316-586DE20A88EF&cb=393549218586144900&dcc=t
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://worldoftanks.eu/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A5VWnQEBzUDzr9vSEzcdjMM|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://worldoftanks.eu/

Response headers

Server: Server
Date: Thu, 24 Jun 2021 15:56:28 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A5VWnQEBzUDzr9vSEzcdjMM; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 15:56:28 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 15:56:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

Redirect headers

Server: Server
Date: Thu, 24 Jun 2021 15:56:28 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3Db725fd14-7fdf-50a6-7316-586de20a88ef%26type%3DUNKNOWN%26m%3D3&ex-fch=416613&ex-src=https://worldoftanks.eu/&ex-hargs=v%3D1.0%3Bc%3D7823856120802%3Bp%3DB725FD14-7FDF-50A6-7316-586DE20A88EF&cb=393549218586144900&dcc=t
Set-Cookie: ad-id=A5VWnQEBzUDzr9vSEzcdjMM|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 15:56:28 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 hmx000000000054.js Show response
u360.d-bi.fr/ Frame 1E85 10 KB
4 KB 227ms
66ms Script
application/javascript 3.248.13.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://u360.d-bi.fr/hmx000000000054.js

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.13.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-13-47.eu-west-1.compute.amazonaws.com

Software

hmxps /

Resource Hash

a2a78ba837e008f9bbef6b99c516b80f38084e60613e47f9b43a8230a4115a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
cache-control: public, max-age=60
x-myname: 0ca44190a60401517
server: hmxps
content-encoding: gzip
strict-transport-security: max-age=63072000
content-type: application/javascript

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1334208/ Frame 1E85 70 KB
23 KB 149ms
43ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1334208/tfa.js
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f767dca9d470e07145ebd98e385b659e2ee82a360d41cbfb81ef22ed26dcd1d0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fyelCQR.vdUzjWvvOoSZFdaLNpOMLmWm
content-encoding: gzip
etag: "c6bb407c96bac251ea853a9fcc2d5ec4"
age: 83
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 23465
x-amz-id-2: 5JVG2SdOsUDVuC6Gj9rVNQMtGsmslF/q58dArS1MPdYoO6W9MOJe2RA5/+V/mZIhI1O35PsdXCg=
x-served-by: cache-hhn11542-HHN
last-modified: Wed, 16 Jun 2021 10:51:08 GMT
server: AmazonS3
x-timer: S1624550188.415737,VS0,VE0
date: Thu, 24 Jun 2021 15:56:28 GMT
vary: Accept-Encoding
x-amz-request-id: XM5MADPGYY5FVQS3
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 68
x-cache-hits: 4

GET
H2

200

oct.js Show response
static.ads-twitter.com/ Frame 1E85
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

143ms
46ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
via: 1.1 varnish
last-modified: Mon, 21 Jun 2021 21:05:34 GMT
age: 58651
etag: "cf581d46c3059bf617cb7f732c21a59e+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1624550188.446287,VS0,VE0
x-served-by: cache-hhn11567-HHN

Redirect headers

x-tw-cdn: VZ
Date: Thu, 24 Jun 2021 15:56:28 GMT
Server: ECS (frb/6763)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H/1.1 200
OK retargeting.js Show response
c.imedia.cz/js/ Frame 1E85 25 KB
9 KB 61ms
19ms Script
application/javascript 2a02:598:a::79:33
SEZNAM-

General

Check archive.org

Show headers Download Go to

Full URL: https://c.imedia.cz/js/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:598:a::79:33 , Czech Republic, ASN43037 (SEZNAM-, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 84117cfabf1791283340c3930a9fe11c450e412280de4603b6271ce58b95c2ee

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 15:56:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Nov 2020 07:36:50 GMT
Server: nginx
ETag: W/"5fbb6692-65d8"
Vary: Accept-Encoding
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
access-control-allow-origin: *
Cache-Control: no-cache, private, max-age=0, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Thu, 24 Jun 2021 15:56:27 GMT

GET
H3-29

200

5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_75...
adservice.google.com/ddm/fls/z/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/ Frame 1E85
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9463992;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;d...
https://ad.doubleclick.net/ddm/activity/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwa...
https://adservice.google.com/ddm/fls/z/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac...

42 B
63 B

57ms
53ms

Image
image/gif

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=216760769

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9463992;dc_pre=CK3hm4fRsPECFZXOsgodhS0EPg;type=acqpa00;cat=woteu000;u2=https://worldoftanks.eu/join/5386_PL1;u3=WOT_WLAP_Global_SOI;u4=affiliate;u5=bipwac7m;match_id=1624550187499705259;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=216760769
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 1E85
Redirect Chain

https://secure.adnxs.com/seg?add=24477938&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24477938%26t%3D2

43 B
1022 B

464ms
462ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24477938%26t%3D2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 15:56:28 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 08bd7375-90f9-44de-9e6f-f69a087f0e83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 15:56:28 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 051560ad-5fd1-4c20-a838-62be038c5168
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24477938%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D1624550186062867550010...
10697551.fls.doubleclick.net/ Frame 1E85 0
0 61ms
52ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10697551.fls.doubleclick.net/activityi;register_conversion=1;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 4051313055-lbx__zh_tw.js Show response
www.blogger.com/static/v1/jsbin/ 377 KB
377 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/4051313055-lbx__zh_tw.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/4165186901-widgets.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a2b0088aa1ccc63098e272ff4d098dc8cb386798dde7838833e9827613ef90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 02:38:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 01:57:40 GMT
server: sffe
age: 134279
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 386407
x-xss-protection: 0
expires: Thu, 23 Jun 2022 02:38:29 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 24 Jun 2021 15:56:28 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 1E85 246 KB
73 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c98560224d87fbd5a03ee95a2bd9d69c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

313d564fb7e012422c077165d31f2c174db39ef48bf2672c9e6256fa20d7e882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://worldoftanks.eu
Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: q3kCOO4/zaHX7JcMHQp5wA==
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Jun 2022 15:03:28 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74301
x-fb-rlafr: 0
x-fb-debug: lDHZ2POefIl32iVnu9G1vUDJC3/ZYC27CymFdMjZF7orEIxqxkUMW0gWW6qP3o/VrwY4RJluFWtrri4EpfousQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: bb95f5d2777635215d6c8256ed5b762a
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Jun 2021 15:56:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8ef0686654301946999f3e6d7a766e72"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 1E85 11 KB
5 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.41

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: HzFY7vurEnfi1Nqs/ua+gv0f/YVMdDYFJEyeWHwor3OYr2YUc518ae3shdab3+CX7NfM8LfVVp65uxb6YJDxcQ==
x-frame-options: DENY
date: Thu, 24 Jun 2021 15:56:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 722630277830558 Show response
connect.facebook.net/signals/config/ Frame 1E85 262 KB
75 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/722630277830558?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bfe39f0c36c3620ee0bc1b2365128845ac3f189f830fce112643860d4d9ecca5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76658
x-xss-protection: 0
pragma: public
x-fb-debug: CQaoaFYvflejkSx5Xg6cAvEo9HcYGrLpZjiDhWZkgrM/pOnvQ0GjPgeL917n5ZagXleU2/RFbRvYITiAv/Z2pg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 24 Jun 2021 15:56:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 26043906.js Show response
bat.bing.com/p/action/ Frame 1E85 0
151 B 29ms
28ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26043906.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 15:56:27 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 6D80057CF50F4F8D9EEF5AA56FFCAAE9 Ref B: FRAEDGE1308 Ref C: 2021-06-24T15:56:28Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 1E85 0
149 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26043906&tm=gtm001&Ver=2&mid=79efb40c-fe9e-4ba9-85a4-71d937fd5ca3&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=World%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo!&kw=World%20of%20Tanks%20to%20nagradzana%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Wybieraj%20spo%C5%9Br%C3%B3d%20ponad%20550%20ameryka%C5%84skich,%20radzieckich,%20niemieckich,%20francuskich,%20brytyjskich,%20japo%C5%84skich,%20chi%C5%84skich,%20czechos%C5%82owackich,%20szwedzkich,%20w%C5%82oskich%20i%20polskich%20pojazd%C3%B3w%20pancernych%20i%20do%C5%82%C4%85cz%20do%20za%C5%BCartych,%20dru%C5%BCynowych%20pojedynk%C3%B3w%20gracz%20przeciwko%20graczowi%20ju%C5%BC%20od%20samego%20pocz%C4%85tku.&p=https%3A%2F%2Fwww.calindachan.gq%2F&r=&lt=1219&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=536507
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 24 Jun 2021 15:56:27 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 632A8F6F52CB4C0CBB014CF862290B78 Ref B: FRAEDGE1308 Ref C: 2021-06-24T15:56:28Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C996 12 KB
5 KB 18ms
12ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 24 Jun 2021 15:51:47 GMT
expires: Fri, 24 Jun 2022 15:51:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F79 783 B
782 B 26ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6eeea2f152be01f89d5adfc79f108b4e7c48b87e169a7c831ec0fbf953bc219d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IFKXvmSXJOtanlwaGVMm5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

expires: Thu, 24 Jun 2021 15:56:28 GMT
date: Thu, 24 Jun 2021 15:56:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IFKXvmSXJOtanlwaGVMm5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 206 WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ Frame 1E85 10 KB
10 KB 7ms
5ms Media
video/webm 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f77b026e0303541dc691732031bace797a9ebc1b41bd8459fc74573ee381c1a8

Request headers

Referer: https://worldoftanks.eu/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=7667712-

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
server: nginx
etag: "752911-583e06c461b00"
x-cached-since: 2021-06-10T06:46:45+00:00
content-type: video/webm
Content-Range: bytes 7667712-7678224/7678225
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 10513
expires: Fri, 10 Jun 2022 06:46:45 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 1E85 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=251539438869375&ev=fb_page_view&dl=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&rl=https%3A%2F%2Fwww.calindachan.gq%2F&if=true&ts=1624550188454&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Jun 2021 15:56:28 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/45727869/ Frame 1E85
Redirect Chain

https://mc.yandex.com/watch/45727869?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_par...
https://mc.yandex.com/watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_p...

335 B
417 B

46ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A1%3Adp%3A0%3Als%3A1398019670146%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550188%3Ac%3A1%3Arn%3A603746824%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo%21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c1dc9816def90ce27d187e130a69fd6870fd88a14b223b8443bf9d92b5a6df89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 24-Jun-2021 15:56:28 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://worldoftanks.eu
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Thu, 24-Jun-2021 15:56:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Thu, 24-Jun-2021 15:56:28 GMT
location: /watch/45727869/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A1%3Adp%3A0%3Als%3A1398019670146%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550188%3Ac%3A1%3Arn%3A603746824%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo%21
strict-transport-security: max-age=31536000
access-control-allow-origin: https://worldoftanks.eu
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 24-Jun-2021 15:56:28 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71343676/ Frame 1E85
Redirect Chain

https://mc.yandex.com/watch/71343676?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_par...
https://mc.yandex.com/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_p...

316 B
370 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A2%3Adp%3A0%3Als%3A1066829887526%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550189%3Ac%3A1%3Arn%3A138172241%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo%21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4831eeca99586988b43953f8786daff154fcc0a49dba02c1ec43e1ca3b135d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 24-Jun-2021 15:56:28 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://worldoftanks.eu
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Thu, 24-Jun-2021 15:56:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Thu, 24-Jun-2021 15:56:28 GMT
location: /watch/71343676/1?wmode=7&page-url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&page-ref=https%3A%2F%2Fwww.calindachan.gq%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afp%3A1067%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A2%3Adp%3A0%3Als%3A1066829887526%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550189%3Ac%3A1%3Arn%3A138172241%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1624550186973%3Ads%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C106%2C95%2C1219%2C1219%2C0%2C943%3Adsn%3A2%2C213%2C53%2C2%2C554%2C0%2C%2C117%2C95%2C1219%2C1219%2C0%2C943%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo%21
strict-transport-security: max-age=31536000
access-control-allow-origin: https://worldoftanks.eu
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 24-Jun-2021 15:56:28 GMT

GET
H3-29 200 1718251885070520 Show response
connect.facebook.net/signals/config/ Frame 1E85 262 KB
75 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1718251885070520?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ba2bfb23ec0f2c230170e64d353ef80de7e47defe56bbfc60e000f1c6d2ff52

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76739
x-xss-protection: 0
pragma: public
x-fb-debug: SmPynYiSyWDZ2OscXyA8Az2Wb9N/TyylepzZ5AvQG9XrbNivX2EicVpWIWyOG5xB9O/Bp4+S54a8r71bjpCTTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 24 Jun 2021 15:56:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 1E85 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&rl=https%3A%2F%2Fwww.calindachan.gq%2F&if=true&ts=1624550188544&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&it=1624550188379&coo=false&tm=1&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 24 Jun 2021 15:56:28 GMT

GET
H2 206 WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ Frame 1E85 320 KB
0 6ms
5ms Media
video/webm 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://worldoftanks.eu/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=196608-

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
server: nginx
etag: "752911-583e06c461b00"
x-cached-since: 2021-06-10T06:46:45+00:00
content-type: video/webm
Content-Range: bytes 196608-7678224/7678225
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 7481617
expires: Fri, 10 Jun 2022 06:46:45 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 1E85 43 B
186 B 49ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Tue, 22 Jun 2021 16:02:15 GMT
etag: "60d2023f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 24 Jun 2021 16:56:28 GMT

GET
H2 200 000000000054.gif
u360.d-bi.fr/ Frame 1E85 43 B
255 B 69ms
69ms Image
image/gif 3.248.13.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u360.d-bi.fr/000000000054.gif?c=D454609AC23B2F899887E0A724CDEC83-36f369caac98&cgen=1&user_id=YW5vbnltb3Vz&step=b3RoZXI=&hmxtagid=4.3.0&u=aHR0cHM6Ly93b3JsZG9mdGFua3MuZXUvam9pbi81Mzg2X1BMMT9wdWJfaWQ9MjA1NzU2NyZ4aWQ9MTYyNDU1MDE4NjA2Mjg2NzU1MDAxMDAxMTQ4NTkzMzU4MDEmeGlkX3BhcmFtMT0yMDU3NTY3JnhpZF9wYXJhbTI9MjQ4MjczMjIwJnNpZD1TSURLaXNZMk5VMjQtbkJ0OVlsQUJDcERHNzhIbDl5Wjl3V1AxOG9UTkhWQmp1NUhzcF84TWN4bFkyRWV5NnBPcVBRWmRRWVJfZ1BMNEFZNFlUWGpxOFFpZ1A2NHhyZGFPUGducWFaOVpyV0lIVGhHaUJ3MG5XTmI4S00ySXFwVEUwbWNBaU5lUHF0SE0wNk1nJmVuY3RpZD1jY2J5ejk4aWc3NDkmbHBzbj1XT1RfV0xBUF9HbG9iYWxfU09JJmZvcmlzPTEmdGVjbGllbnQ9MTYyNDU1MDE4NzQ5OTcwNTI1OSZ1dG1fc291cmNlPW5ldHdvcmtzJnV0bV9tZWRpdW09YWZmaWxpYXRlJnV0bV9jYW1wYWlnbj1iaXB3YWM3bSZ1dG1fY29udGVudD0yMDU3NTY3&hmxts=1624550188601&hmxtzoffset=LTEyMA==&hmxtzname=RXVyb3BlL0Jlcmxpbg==&navlang=ZW4tVVM=&hmxdnt=MA==&r=aHR0cHM6Ly93d3cuY2FsaW5kYWNoYW4uZ3Ev&hmx_send_ts=1624550188605&hmx_new_session=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.13.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-13-47.eu-west-1.compute.amazonaws.com
Software: hmxps /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 15:56:28 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate
server: hmxps
content-type: image/gif
x-myname: 0e3c1b6c2f72989ab
expires: Mon, 21 Jan 1980 12:00:00 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ Frame 1E85 43 B
890 B 86ms
85ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3084594;u=https%3A//worldoftanks.eu/join/5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;r=https%3A//www.calindachan.gq/;st=1624550187916;pid=USER_ID;title=World%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo!;s=1600*1200;vp=1600*1146;touch=0;hds=1;flash=;sid=78c2986565127fe3;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9//4g/0/0/;lvid=1624550188608%3A1624550188610%3A1%3A3e25c915dd50a7b18ab14f841afc90d3;opts=dl;_=0.5934048234956872

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://worldoftanks.eu
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://worldoftanks.eu
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: https://worldoftanks.eu
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ Frame 1E85 43 B
890 B 87ms
87ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3084594;u=https%3A//worldoftanks.eu/join/5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;r=https%3A//www.calindachan.gq/;st=1624550187916;pid=USER_ID;s=1600*1200;vp=1600*1146;touch=0;hds=1;flash=;sid=78c2986565127fe3;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1624550186973/////554/556/558/558/771/587/771/824/826/837/943/943/1038/1219/1219/1219;ni=9//4g/0/0/;lvid=1624550188608%3A1624550188612%3A2%3A3e25c915dd50a7b18ab14f841afc90d3;opts=dl;_=0.12468524573710438;e=RT/load;et=1624550188611

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://worldoftanks.eu
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://worldoftanks.eu
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: https://worldoftanks.eu
access-control-allow-headers: *

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 1E85 31 B
234 B 242ms
150ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o5hs7&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.calindachan.gq%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 24 Jun 2021 15:56:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8bce87ba96e6a1f9af11177a9c6ce00d52d42861df6dc48cea9e439ccda4ec6a
x-transaction: d5f71c26d4c29b91
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 1E85 43 B
118 B 241ms
149ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o5hs7&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.calindachan.gq%2F&tw_document_href=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 24 Jun 2021 15:56:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c2c69a89d3881503c33a7f4c8e586b7ed928927a06762d5f97fc026af3a97595
x-transaction: 4722fef270cc2da9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ Frame 1E85 31 B
658 B 239ms
148ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o5hsb&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.calindachan.gq%2F&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 24 Jun 2021 15:56:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8bce87ba96e6a1f9af11177a9c6ce00d52d42861df6dc48cea9e439ccda4ec6a
x-transaction: 1c96b3af4b4cb813
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ Frame 1E85 43 B
455 B 239ms
148ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.0&p_id=Twitter&p_user_id=0&txn_id=o5hsb&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=1&tw_document_referrer=https%3A%2F%2Fwww.calindachan.gq%2F&tw_document_href=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 24 Jun 2021 15:56:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c2c69a89d3881503c33a7f4c8e586b7ed928927a06762d5f97fc026af3a97595
x-transaction: e5c32e373ec663f2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
Ok retargeting
c.seznam.cz/ Frame 1E85 43 B
511 B 57ms
17ms Image
image/gif 2a02:598:2::60
SEZNAM-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.seznam.cz/retargeting?id=127219&url=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:598:2::60 , Czech Republic, ASN43037 (SEZNAM-, CZ),

Reverse DNS

Software

nginx /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 15:56:28 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP="NON DSP COR TAI NOR UNI", policyref="/w3c/p3p.xml"
Connection: keep-alive
Strict-Transport-Security: max-age=63072000
Content-Type: image/gif
Content-Length: 43

GET
H3-29 200 /
www.facebook.com/tr/ Frame 1E85 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=722630277830558&ev=PageView&dl=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&rl=https%3A%2F%2Fwww.calindachan.gq%2F&if=true&ts=1624550188635&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&it=1624550188379&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 24 Jun 2021 15:56:28 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame 1E85 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1718251885070520&ev=PageView&dl=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&rl=https%3A%2F%2Fwww.calindachan.gq%2F&if=true&ts=1624550188641&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&it=1624550188379&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 24 Jun 2021 15:56:28 GMT

GET
H2 200 dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500...
adservice.google.com/ddm/fls/z/ Frame 1FA8 42 B
107 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567

Requested by

Host: 10697551.fls.doubleclick.net
URL: https://10697551.fls.doubleclick.net/activityi;dc_pre=CJrHmIfRsPECFeIi0wod8gsBkA;src=10697551;type=pagev0;cat=allvi0;ord=6821894696096;gtm=2wg6g0;u1=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;ps=1;~oref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10697551.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 71343676 Show response
mc.yandex.com/watch/ Frame 1E85 43 B
73 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71343676?page-url=goal%3A%2F%2Fworldoftanks.eu%2FWOWS_All-visitors_LP_set&page-ref=https%3A%2F%2Fworldoftanks.eu%2Fjoin%2F5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A17qw5la3isc39an05%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A573%3Acn%3A2%3Adp%3A1%3Als%3A1066829887526%3Ahid%3A387962893%3Az%3A120%3Ai%3A20210624175628%3Aet%3A1624550189%3Ac%3A1%3Arn%3A180025395%3Au%3A16245501881038575250%3Aw%3A1600x1146%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1624550186973%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1624550189%3At%3AWorld%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo!

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Thu, 24-Jun-2021 15:56:28 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://worldoftanks.eu
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 24-Jun-2021 15:56:28 GMT

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame C996 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 08:36:29 GMT

GET
H2 206 WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ Frame 1E85 64 KB
0 7ms
5ms Media
video/webm 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://worldoftanks.eu/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=524288-

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
server: nginx
etag: "752911-583e06c461b00"
x-cached-since: 2021-06-10T06:46:45+00:00
content-type: video/webm
Content-Range: bytes 524288-7678224/7678225
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 7153937
expires: Fri, 10 Jun 2022 06:46:45 GMT

GET
H2 206 WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ Frame 1E85 7 MB
7 MB 6ms
6ms Media
video/webm 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4461dd1e13bb95d81f2569ba45def6282d613c3870a997550eb301079b253269

Request headers

Referer: https://worldoftanks.eu/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=589824-

Response headers

x-id: fr5-up-gc31
date: Thu, 24 Jun 2021 15:56:28 GMT
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
server: nginx
etag: "752911-583e06c461b00"
x-cached-since: 2021-06-10T06:46:45+00:00
content-type: video/webm
Content-Range: bytes 589824-7678224/7678225
cache-control: max-age=290304000, public
cache: HIT
Content-Length: 7088401
expires: Fri, 10 Jun 2022 06:46:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210621&jk=3876172495344729&bg=!hYalhsLNAAZktE7iZLQ7ACkAdvg8WqIaz33PnrN91LrRH3y_qc_DtfxmV3ZxooRZBDVjA2RSZ6pP3QIAAAEJUgAAAAxoAQcKABB0e4wTmqh_a3ItZCTPpzsPmQJsaguRPVNQT6P0Locas1vqfhKqfEAAkY99EW5P3NqzPdJkYL3A-_-BGFnbO6f1P3TeU7hG3N-hm8mSoMK4WT_sO2UKEIcJ2_kNcsecfAgxt-8IyRVT2qT9guUI9EexOiw1Ljve2RpPyv1ySY2VtxDUs46ej6Y7mJltu_LoeZFdAIIfG8Rq9VHqcN_y1f4Z9bGo1Cmu4LK2vW5DxkwxkjDnB-PY8rbOKSkb_2SheavOUb7YNOYVIKUOkzkvxcQpJGVqKVW7PW6uR7Dn0iDCB-HWNsmyve7eCIGDIDVx3WqGhRB5C-8Hz90khRPyuzS3QihAF74B-Nn0gQ4xxx4pTlg3LSIkBBx6IsgoWUsmZttSj6RFNBryr-mhKvEPrppcYY6_epG-6KDwAKT5CtYpaKZNA99bmIBbG3uRFCJOOTQS99KoJyOK3jm9tBH2iTQQ9z9en0MmdYe6svFB3WR60NAi27G-6migD3H85vU6IFxASlA54ZTjXJrxZLSq29rzULOGberVqHIy96XPyKQR5htjdhAOkBBdkpIvSa1YDiPZkQ08RFcn9Gn9lqEsLgrTQiRAB-IKs4P91yfU5t2ogDq1jkCkqjT5vNhtEvgQkbsVeDLQWGBA_G_cYDCF6WYjnfXYNsFTvKyX8Neor53cawmVChWwiSpKh6DpP7Hj2OkGUCoNOJE9Mx2P-T9x24VlQdShesp2I9pmB5BuXXcmd-anpoxm0b0hrFXHLfFCrspK7xTA7M7VBKm03tQztcNcZTRoG69A1KFxlCABGJcS6ZtX1vD7xa-6DHrLXBzvxKdSPa9Am0gpwMfSxOlC_fE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 i.php
www.dexpredict.com/script/ Frame 9828 0
40 B 172ms
171ms Image
text/plain 35.201.90.210
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dexpredict.com/script/i.php?stamat=m%7C%2C%2CQhejY3OmtGU3BE9GH0dEdHP3xP.940%2COnH-8SYQ4a87w-_3uy_bKkuHfwNroFqeOnay0cXMfhpzEe59nDu82r_5Thv1YAENut6rbXnJ87iz_D43TszEXvy4CnGSP5WF9rfoddd15yD-aX2N6AtKZbMALjrj4ceJuE_Dp38eLDz4MRl26H6iCBed0VqSmzv2R_epoUf6gIkrSkOPD0k69Mgy5vxIXeSJibTkiSv4LKwRa7OHn_JOeZlDhkFmtIsad5c2UG6VCQrbtytGWIxVbXbZWnprfpc7PaMAwkkKJ3LKmg4XMRXiNEh7X1S2p96IJkBWPvTcpQPFs1IIyj_51elQZTFRDqCYgQBMP7kDZ7N6yTVfRsFv88_Q5XjCpqjosXaYqt_I1rmbj9YASo6d-H1QY2_miJ6OXqbjv62VVuzLJePuTXO5BHqOAadqr3YIm3YTQDj7njw%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.90.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 210.90.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dexpredict.com/ad/display.php?stamat=m%7C%2C4Y3e39jPqB1dAN0dEdHP3xP.f94%2CZMkKdRAQlkuDbgTABrav5JQs8F7IVWkr8qs2mfI9nuoyN_uszxrPWIdJjld0hcHMEDz1UGEeNCb9BteLLKSr2ZNKXXWp1k3yCUEe6Rsk9Ss%2C&cbrandom=0.9268100522331122&cbtitle=%E5%A4%A9%E7%A9%BA%E6%A1%8C%E9%9D%A2%EF%BC%9A%E9%99%B3%E8%8B%91%E8%94%9A%20(CitySky%20Wallpapers%20Download%3A%20Calinda%20Chan)&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 15:56:29 GMT
via: 1.1 google
referrer-policy: no-referrer
server: openresty
alt-svc: clear

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
496 B 546ms
142ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: c935d23da77ef2e1168f4d128f232e889d0076e3a9e95dfc53c32b6cf2d35e79

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.calindachan.gq
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 305 B
942 B 605ms
194ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.calindachan.gq&u=https%3A%2F%2Fwww.calindachan.gq%2F&xr=0&adid=ad-6AAAABE734968D2F67D47D6BAE8992&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4944526452560458&impr=%2F%2Fjs1.bloggerads.net%2FucFunnelImpression%2F-584440113.xZ4b8B2F%2F20100708000034%2F63760175774%2F1%3FReferer%3Dhttps%253a%252f%252fwww.calindachan.gq%252f
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: fe50813df7b00184be8821eeb6e9acf7f986f6719ba219cbf8ee2435c887f18f

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
x-width: 728
x-height: 90
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.calindachan.gq
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 305
x-adstyle: banner

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 305 B
943 B 622ms
200ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.calindachan.gq&u=https%3A%2F%2Fwww.calindachan.gq%2F&xr=0&adid=ad-9A222727AD3E7BEDF446A3D6632DD74A&w=160&h=600&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.370117032214589&impr=%2F%2Fjs1.bloggerads.net%2FucFunnelImpression%2F-1783536430.HG48R2Vn%2F20100708000034%2F63760175766%2F2%3FReferer%3Dhttps%253a%252f%252fwww.calindachan.gq%252f
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 39c02ba4a4c300e45c834227ebe0c62d6fbab1c827fa180d11c2689aef749ed8

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
x-width: 160
x-height: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.calindachan.gq
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 305
x-adstyle: banner

POST
H3-29 200 /
www.facebook.com/tr/ Frame 1E85 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryGPD4SrNt4StoW8vQ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 24 Jun 2021 15:56:30 GMT
content-type: text/plain
access-control-allow-origin: https://worldoftanks.eu
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 305 B
943 B 624ms
213ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.calindachan.gq&u=https%3A%2F%2Fwww.calindachan.gq%2F&xr=0&adid=ad-D2333E9DE6B989460D349AD98DE466A4&w=300&h=250&ver=UCX_WEB-20200113&pos=3&seq=2&cb=0.5612974701543616&impr=%2F%2Fjs1.bloggerads.net%2FucFunnelImpression%2F-584439911.1JS4V5wk%2F20100708000034%2F63760175775%2F4%3FReferer%3Dhttps%253a%252f%252fwww.calindachan.gq%252f
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7a51bdbe4882f8e43307bf9b1e40a0e52eef9704d0907e205e3f8e1c6a8dc7c2

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
x-width: 300
x-height: 250
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.calindachan.gq
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 305
x-adstyle: banner

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 305 B
943 B 622ms
205ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.calindachan.gq&u=https%3A%2F%2Fwww.calindachan.gq%2F&xr=0&adid=ad-D2333E9DE6B989460D349AD98DE466A4&w=300&h=250&ver=UCX_WEB-20200113&pos=3&seq=3&cb=0.484839722982249&impr=%2F%2Fjs1.bloggerads.net%2FucFunnelImpression%2F-584439911.1JS4V5wk%2F20100708000034%2F63760175775%2F4%3FReferer%3Dhttps%253a%252f%252fwww.calindachan.gq%252f
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7a51bdbe4882f8e43307bf9b1e40a0e52eef9704d0907e205e3f8e1c6a8dc7c2

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
x-width: 300
x-height: 250
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.calindachan.gq
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 305
x-adstyle: banner

POST
H3-29 200 /
www.facebook.com/tr/ Frame 1E85 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxuHA3Q6hrXvrYNVY

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 24 Jun 2021 15:56:30 GMT
content-type: text/plain
access-control-allow-origin: https://worldoftanks.eu
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 15E1 807 B
654 B 27ms
26ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.calindachan.gq/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 5977
cf-request-id: 0ae055c52700004e9d641cc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o5A0m6Q%2B5pzB49DWjISWCc5o66g6kOBwa22bzaP0FCMmqjFMG8ULWG4M1QjgLI1Y75p2rvkBS6tHgvJxiU8JunJ8ilQGG1KJ0u%2F58%2B3wcbPL9UpBHehKF5bX8glw%2FYZLxepKOuOmJO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 66472581d8254e9d-FRA
content-encoding: br

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
266 B 445ms
151ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 15E1 67 KB
24 KB 150ms
53ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

69be2b3422c16d57c5daf8b004e4a6e4d5e5c8a17d0606ddc31fa3e4049cd62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "911 / 281 of 1000 / last-modified: 1624544423"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23723
x-xss-protection: 0
expires: Thu, 24 Jun 2021 15:56:30 GMT

GET
H2 200 PassBack Show response
js1.bloggerads.net/Ads/ Frame 78D8 195 B
575 B 657ms
657ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=3
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: b67940754933137d303396e326507059e67af1f377a6e6d3a522ff901d9be386

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:30 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
x: 79
cache-control: no-cache, no-store, must-revalidate
content-length: 195
x-amz-cf-id: m9IAC7qvCEGp4ND0rqyK_dJwoU0VdmLtNgpt-4b34h-11AGN17DDlA==
expires: -1

GET
H2 200 PassBack Show response
js1.bloggerads.net/Ads/ Frame 068D 255 B
636 B 635ms
635ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=6
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 09d4ef613ef2576bce945af520b1d6814968316ee05e69c5ba2f9a4750dab239

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:30 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
x: 79
cache-control: no-cache, no-store, must-revalidate
content-length: 255
x-amz-cf-id: 1kqgY7Gwmd6mobCIY8JePqePSu8hu6v01yT5JIQ3KBdODDjRwhhmOg==
expires: -1

GET
H3-29 200 pubads_impl_2021062202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 15E1 326 KB
113 KB 58ms
57ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d07d35aa498106b4fb484c4589d42df6814abf2831bd8df6433da5590a849b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Jun 2021 16:11:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116146
x-xss-protection: 0
expires: Thu, 24 Jun 2021 15:56:30 GMT

GET
H2 200 PassBack Show response
js1.bloggerads.net/Ads/ Frame 969D 275 B
655 B 641ms
641ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=8
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 9da66f56abb6488c938e874f9fc162eecef50cb89cab65f2554b448cbe837ac2

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:31 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
x: 69
cache-control: no-cache, no-store, must-revalidate
content-length: 275
x-amz-cf-id: nOdZqjo7Pp35Gvl2nRIZ6DlsKAsKSQ9J98n6a-_incgfZVsnaBKHpw==
expires: -1

GET
H2 200 PassBack Show response
js1.bloggerads.net/Ads/ Frame C274 224 B
604 B 655ms
655ms Script
application/x-javascript 13.225.87.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js1.bloggerads.net/Ads/PassBack?MaterialSize=8
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-69.fra2.r.cloudfront.net
Software: nginx / ASP.NET
Resource Hash: 7caca8d61afc124d25dc3e039cefdf6855c93048cdb9021023e4fd95b4b69610

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:31 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-aspnetmvc-version: 4.0
server: nginx
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA2-C2
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
content-type: application/x-javascript; charset=utf-8
x: 79
cache-control: no-cache, no-store, must-revalidate
content-length: 224
x-amz-cf-id: bwC9KFVoqCOPg-uql3okr2gfon5L6IBW3ogF-uHext_WD9cgtn6Vyw==
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 15E1 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 15E1 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 15E1 330 B
160 B 77ms
76ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=128549069378393&correlator=888369785285161&output=ldjh&impl=fifs&eid=31060784%2C31061674%2C31061410%2C31061335%2C31061662&vrg=2021062202&ptt=17&sc=1&sfv=1-0-38&ecs=20210624&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1624550190770&dlt=1624550190403&idt=347&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=9ibbjbfpubzu&ifi=1&ifk=923963767&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fwww.calindachan.gq%2F&top=https%3A%2F%2Fwww.calindachan.gq%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1718863520.1624550191&ga_sid=1624550191&ga_hid=195826378&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4f21b24ffd4cdfb6847abcd3f84e70e39fcaec72aa6e391809d1d47cac2a182d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 204A 6 KB
3 KB 46ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 24 Jun 2021 15:56:30 GMT
expires: Fri, 24 Jun 2022 15:56:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 15E1 10 KB
8 KB 32ms
31ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77c3f24e2771cf00d2719eb0fa90543ca12fd1d74a4241a82c581d6733ae1aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7960
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 15E1 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062202.js?31061674

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 15:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 24 Jun 2021 15:56:30 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 25E3 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 24 Jun 2021 15:51:47 GMT
expires: Fri, 24 Jun 2022 15:51:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96DC 783 B
532 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad2702015273a664b5ba418971d168eb26243cbb073feaac14a252b3160248fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8pR6N+UOVNFWCYI+gIdiEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Thu, 24 Jun 2021 15:56:30 GMT
date: Thu, 24 Jun 2021 15:56:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8pR6N+UOVNFWCYI+gIdiEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 25E3 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 08:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 08:36:29 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E1 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062202&jk=128549069378393&bg=!m5ilmNzNAAZktE7iZLQ7ACkAdvg8WtFcGklQjYPH2MKQr_XanClAL3avIz_lyKnx2WsRN33Kh-2ObwIAAAB_UgAAAAxoAQeZAogF6ru364D22KL8Dp36qbUygjtHNJODIxO8t-5IHaZ444pbEAR4YwLfqSSEpQjyLXrTD4djTvvvwVtQ3pbgJ8RsXSw-0iCN_3MuS7l6Cq9dAPkCq1RrKXlkGOiBpLaVe62M6TqJGnAECA4Vz5YC_AZLgnQ5oJB4V1aKz8cy3F_gUfOoP9DqnAENDYBze-hW3AbM5ORrOmKHcTolutVXV6D-0mv2tJ8u46nCyGCoRuJbyam2sAMXzvE6nh3hfUoLKIxX1K299RUOnaRL9wyabfAnsiPzFHjq2Ypv4gj2rx6garNl_LmI6cNsPqa-uU9tmhYVOm2XMVECp7g_x25FjFX1rYx7Sb3n7kl5Ez06veMr41ghFQYBo68P6yTMFwF5Y-WM2ja5Vv2wYv9uR921dWxjY2Eh-GUQIaU7xico_CD83VdqdEKDW_c_OhB9bI2KU3fY8tjArUKqjRGPIUF1CP265og6kdtuCZIl_oKhFbSyB75hCKxbb_3m6fHrHPtCqqZ1Rma8ojf_u5Lum4eNaC3xkFVhA3zbfxwF7OMFwhVyptjyyZuXLA3-3ZBV96cBQvsQwjyfFRXj6TPmb0RYsWSY_GnK3Qu9pCEXkajNout08RvfKP0SfMvGq3oajZSZFTjc1xYjrcckNTwdP-sJqjjJCV59uP-QANymxNFmUpMVVsxCie3bWaYTws2c0xQfGRb2oA--FwCx3cpY4OYXlEqEd5Jd7Ru9DSUSQQ39wYpOaf83wQ7JG7rryMuRNzwL_82kV1NSAiapTjFrzuf0OBb7AH-49Qk6ZXvhMMzsiyxEHmHJLoAJLvWKhGwSAIgHzg3LCmyWoAQzUv47pLpFY3rL75La9ob578s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 15:56:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2c44430dd35247e8a5c12b5a9a993ead.png
d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19174/ Frame 78D8 96 KB
97 KB 10ms
10ms Image
image/png 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19174/2c44430dd35247e8a5c12b5a9a993ead.png
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 44d5f3a8c7ae820305ccd1cfd1d4ce2525a4e46a2bc124ac33c4a514c920bf72

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 04:40:10 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Fri, 06 Nov 2020 07:07:22 GMT
server: Microsoft-IIS/7.5
age: 40562
x-powered-by: ASP.NET
etag: "de757379bb4d61:0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 98685
x-amz-cf-id: mNLzi7kZruen2b5z7ioE84Z5AyVu-_nFlM6J_N29Z6U21pZu-qmGvw==

GET
H2 200 df6daa93d6714ec3a388bec2208fdab8.jpg
d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19047/ Frame 068D 76 KB
76 KB 9ms
9ms Image
image/jpeg 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19047/df6daa93d6714ec3a388bec2208fdab8.jpg
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 5a4ad25707abf3c3b585439bd0ca7ed89550d11f8ac75d3c1fbdcadeba9154c2

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 03:32:21 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Wed, 22 Apr 2020 02:15:47 GMT
server: Microsoft-IIS/7.5
age: 44630
x-powered-by: ASP.NET
etag: "80c8a0ef4b18d61:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 77384
x-amz-cf-id: zpc6lU2dcM5Gdq6XSEJNRHmWCP8lG94c9_vaqdrPmfeauJLFCHcpWA==

GET
H2 200 0a7d5f9ccf544604b73be09c6b262021.png
d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19147/ Frame 969D 132 KB
133 KB 10ms
10ms Image
image/png 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2020/19147/0a7d5f9ccf544604b73be09c6b262021.png
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 15c57d80d78012119d91f0541bd7bd792801d69624da0408f54611ecba97ae51

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 02:49:53 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Sun, 20 Sep 2020 11:59:04 GMT
server: Microsoft-IIS/7.5
age: 47179
x-powered-by: ASP.NET
etag: "cef79d6f458fd61:0"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 135349
x-amz-cf-id: kb0rExjJBpUpU2HsOmFx4-gtX-0WAzrc3R982ZvbEd5ng02tXbdv8A==

GET
H2 200 c1ef6f6c6508457b86730ec2b6f330c2.jpg
d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2021/19258/ Frame C274 69 KB
70 KB 20ms
20ms Image
image/jpeg 2600:9000:21f3:4600:13:78a7:5e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ypub5wfz82gq.cloudfront.net/AdsService/AdsMaterial/2021/19258/c1ef6f6c6508457b86730ec2b6f330c2.jpg
Requested by: Host: www.calindachan.gq
URL: https://www.calindachan.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4600:13:78a7:5e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d2f9a49772373893d3548f6fb615523a88b081615ebd6bbf191ebcc25efc9a29

Request headers

Referer: https://www.calindachan.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 11:34:56 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 11:03:51 GMT
server: Microsoft-IIS/7.5
age: 15674
x-powered-by: ASP.NET
etag: "b68a191e8d66d71:0"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 71104
x-amz-cf-id: gvHn-9i7BpApDcbulYt3CkRZxIRbIGfzpm96kmO8SvWuZsQoQYZZ7g==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK wiki.html Show response
eergithi.com/ Frame 6632 7 KB
2 KB 213ms
52ms Document
text/html 188.42.224.33
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://eergithi.com/wiki.html

Requested by

Host: www.calindachan.gq
URL: https://www.calindachan.gq/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.224.33 , Luxembourg, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

57315b91194383a56350bb2239e01bb279c9bc15ca1cb5c13c62461990b2d7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Host: eergithi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.calindachan.gq/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.calindachan.gq/

Response headers

Server: nginx
Date: Thu, 24 Jun 2021 15:56:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *
Content-Encoding: gzip

POST
H2 200 tracker
top-fwz1.mail.ru/ Frame 1E85 43 B
674 B 86ms
86ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3084594;u=https%3A//worldoftanks.eu/join/5386_PL1%3Fpub_id%3D2057567%26xid%3D16245501860628675500100114859335801%26xid_param1%3D2057567%26xid_param2%3D248273220%26sid%3DSIDKisY2NU24-nBt9YlABCpDG78Hl9yZ9wWP18oTNHVBju5Hsp_8McxlY2Eey6pOqPQZdQYR_gPL4AY4YTXjq8QigP64xrdaOPgnqaZ9ZrWIHThGiBw0nWNb8KM2IqpTE0mcAiNePqtHM06Mg%26enctid%3Dccbyz98ig749%26lpsn%3DWOT_WLAP_Global_SOI%26foris%3D1%26teclient%3D1624550187499705259%26utm_source%3Dnetworks%26utm_medium%3Daffiliate%26utm_campaign%3Dbipwac7m%26utm_content%3D2057567;r=https%3A//www.calindachan.gq/;st=1624550187916;pid=USER_ID;title=World%20of%20Tanks%20-%20darmowa%20gra%20akcji%20typu%20MMO%20o%20tematyce%20pancernej.%20Pobierz%20teraz%20i%20graj%20za%20darmo!;s=1600*1200;vp=1600*1146;touch=0;hds=1;flash=;sid=78c2986565127fe3;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9//4g/0/0/;detect=0;lvid=1624550188608%3A1624550203613%3A3%3A3e25c915dd50a7b18ab14f841afc90d3;opts=dl;_=0.6369296882110007;e=PVT/15

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://worldoftanks.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Jun 2021 15:56:43 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://worldoftanks.eu
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://worldoftanks.eu
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: https://worldoftanks.eu
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1334208/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"BroadRetargeting","id":1100244,"tim":1624550188593}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1334208/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"BroadRetargeting","id":1334209,"tim":1624550188593}'. TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
10697551.fls.doubleclick.net
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a9384e32878d841b5067b4e56ba8d5b4.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ads.aralego.com
adservice.google.com
adservice.google.de
adservice.google.pl
agent.aralego.com
analytics.twitter.com
apis.google.com
bat.bing.com
c.imedia.cz
c.seznam.cz
c.statcounter.com
calindachan.gq
cdn-wglc.gcdn.co
cdn.aralego.net
cdn.taboola.com
cdn2wotcom.gcdn.co
civadsoo.net
connect.facebook.net
crrepo.com
d1ypub5wfz82gq.cloudfront.net
eergithi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js1.bloggerads.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
rdr.wargaming.net
resources.blogblog.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.ads-twitter.com
sync.aralego.com
t.co
tenor.wargaming.net
top-fwz1.mail.ru
tpc.googlesyndication.com
u360.d-bi.fr
worldoftanks.eu
www.blogger.com
www.calindachan.gq
www.dexpredict.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.22.52.65
104.244.42.133
104.244.42.67
13.225.87.69
139.45.197.239
142.250.184.226
142.250.186.70
162.210.196.208
185.33.220.242
188.42.224.33
192.96.200.41
199.232.136.157
199.232.137.44
216.239.34.21
216.58.212.166
217.69.133.145
2600:9000:21f3:4600:13:78a7:5e80:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:467
2606:4700:3038::6815:eb71
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2009
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:598:2::60
2a02:598:a::79:33
2a02:6b8::1:119
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
3.248.13.47
35.201.90.210
52.95.124.170
92.223.20.123
92.223.21.23
92.223.27.99
00b4fab5425b1399ab7b199ba24a0b527cbb7a9133d7deaac8e5c6a4fee11927
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04a1722238c2eb4055efcf3123981dc1cfa9a48e49be8154e4f9d6d66a1e51a6
052adb1ac898a8918ac9ff0704ee4d2cd282fe766a5c0de8e5e09ea417b6e99d
05d9cc2d48e07a8936fdd242ade799e8a30e53614ae506a1b789ace79d61eccf
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0776cc287769a86ab030d70d3cb63cf6996b0583edc61191cf50d5a0fe4abb80
0787fb611575c72525848d8e7bd72fb5d5d2252043c6ac833380d1f36ba87ea1
08ceec9e56972e8493cf3c6bd21886a68d6325f6c12babc85ad9dff845b1df92
091c432155540f06eca320832ad227fdf0fa1cd129dac0388ff6b3bc3c579bdd
09d4ef613ef2576bce945af520b1d6814968316ee05e69c5ba2f9a4750dab239
0b6f2b483d98fa2e9d31cda09a7bc5a92c7a34a01e2be8160d6efd9e9e41e178
0ba2bfb23ec0f2c230170e64d353ef80de7e47defe56bbfc60e000f1c6d2ff52
0d3628e5e60951418c1af2d9d0adbb4579c61a0654a817a3a3ed2c68bac5f083
0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015
0f103718c62f24a6775f5a910438714019abffe33986f5b52909b05f2177ef1e
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15c57d80d78012119d91f0541bd7bd792801d69624da0408f54611ecba97ae51
1776a6905bb62517d18f7abbc2502887ed87608674f0d03d4941efa127ec9d39
17c0c97f7d9cb562b14ccd5a9373f5264bba77a0089b7d395de9f2a5019edf8b
18b76effe9eb7ccc773a851fb822c5e415da5f82932dcd385280f1864c6678a0
19fc3be1cc7cd043521359a10bc4be64ed7fc8cefb177e4baddbde045f2ee41c
1a69e43604973a1447d3ef4bea61c2862ce63cb46572138b84b5bb65c5a8847e
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c41f9b7e7bd4ef21fe6b46f7ee3c5821b5ded7e5167454d407f1b06060bbcba
1d09399e470759d7f53ee07d697b37ac6ad8a4d06ae0d1d4ced71cccf39e6c2f
1d46bc1240de17a89350678a7de69fb29d5c7fd80fedb64f5ce23187d2d94254
1eb7795d3cb8974ee7c2a946f07ba60c07ae841962037b08fb99cb6f0f28fec0
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27d2f738bc11fbfb7c7af8efabb0030e03ef75909c870ca052a867da7f2eeb33
29ffe440aca69fbd253d9a359ad33e9415990da3765430e48de038dad55431bb
2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637
2e4c6a2963d2f1966e65304b327e435965f66c01ad2c22b9da636b770dfe1e55
2fdf96c93ca806e280a916694711653bcf3f0e0294693ed086e34e7e5d51368a
3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967
313d564fb7e012422c077165d31f2c174db39ef48bf2672c9e6256fa20d7e882
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
35adf751a991c30caa1b9662049134700331ce56992fdc3d586d93b1cc8d02d5
39c02ba4a4c300e45c834227ebe0c62d6fbab1c827fa180d11c2689aef749ed8
3adb8c422ebcb60634eb521d7db7d8cdb61c832e9ffd902b05fd60d901b7a793
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3ce90e2e0c42b86375b00a554c31fb7c2b4f98fdede5a6433aec39168668c2ca
3e12a05330af96ca1b43077f0f909de73777a5e92bbf05d5045a9d31a953e063
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
4461dd1e13bb95d81f2569ba45def6282d613c3870a997550eb301079b253269
447794c16393c2d2ade368dbae844e16d59636041651b03a98f0c71571279024
44d5f3a8c7ae820305ccd1cfd1d4ce2525a4e46a2bc124ac33c4a514c920bf72
44f65a266e9b87eaa1506e01d2ecd974362a22a292ed3d31b65634752b9451c5
4831eeca99586988b43953f8786daff154fcc0a49dba02c1ec43e1ca3b135d2f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ceaf06dad03e55d4dadfc82ff2ab3b5fb7e68135d7b021fec29211cd334c5f8
4f21b24ffd4cdfb6847abcd3f84e70e39fcaec72aa6e391809d1d47cac2a182d
4f40105ee1b6962a6a02570a968c7c690caba15490e3d456978e0648bf5404d5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52c162943e5392d51bd534cbdd72655502972d9cd5b908bd1e057e078e76ca15
52e3eee68b2046bda3371e537a2f091a130d27ae579767753d46ba21cb1964f1
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c8e8858a647da18f977643185f1d74b72ad73eb82eab19e09e0b25dc972f1f
56a2b0088aa1ccc63098e272ff4d098dc8cb386798dde7838833e9827613ef90
57315b91194383a56350bb2239e01bb279c9bc15ca1cb5c13c62461990b2d7b9
581ca0044c7f3f2680eec98b3941d4b9f8e3a8ca1862620782229c05c2fe3ec8
5a4ad25707abf3c3b585439bd0ca7ed89550d11f8ac75d3c1fbdcadeba9154c2
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
6149bfb02a86d6115969140d3e372a72da850ef65e8f6766091d289d78e02930
61f6420b36d798c7b7fd372000335c7dc5a63b57210e614caa6285fd72fffb8a
621c41ca362b3613d771197ccaebb1d97b3f99208fb65ef7a8c6f9cb2ea4ba2a
624f82bf95cec1a78e0751f6124e924e7e923e0581b66997aec145dd14bbcbba
658ff80afff4ce47f60badc7e45e7708be3e633ba85e98f56ea956c6a9dbe312
65fd549db52b4b12e6fa11cf626ea3d3214e693253ba80de862b09ca46679dec
669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972
691fd361c868c6de2fa6d1b55c07ef37de235699b57f61235d750d269d54f0f0
69be2b3422c16d57c5daf8b004e4a6e4d5e5c8a17d0606ddc31fa3e4049cd62e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df5ea7df89feecad0a793c93e6231239ce316df79c9846cb73d8366663e179e
6e13e58861d0d8000aa6c0b58204094359a1614ab079848ba8ba3a7f06028066
6eeea2f152be01f89d5adfc79f108b4e7c48b87e169a7c831ec0fbf953bc219d
70868835ac5f7bc32838a476dc708705ac4dbdedfa29cd308fb3b9e0a167abca
709c96544678ff20e76361f3fbdb7baf7bdbcc5c0ab3aea9f7a7ef0dc9da708c
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
75847facdc47958a3363257855849f3e0f7a750d68a3f0bc255432e7ae1a95bc
77c3f24e2771cf00d2719eb0fa90543ca12fd1d74a4241a82c581d6733ae1aa1
7a00d5f4d802d0b93811bc29f7813bf2ae52abb4d828bde53038db010dc884ec
7a51bdbe4882f8e43307bf9b1e40a0e52eef9704d0907e205e3f8e1c6a8dc7c2
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
7caca8d61afc124d25dc3e039cefdf6855c93048cdb9021023e4fd95b4b69610
7e04cdab9a3bdbb6637ed88612083b13247fd18d9fb629a41e48db53127a5573
7f73e6af371eba16138589ec3d81dbfa6761d2efd162f087d9812c731f0733df
7f88073b6bd53a5d04bfc7ba673d070d3dfb92e1627bebf96c998c8c347eb0d8
819d042e8eb250bb9967f2bfe39119dcfc813b4d07c0740904eff88457d7f360
84117cfabf1791283340c3930a9fe11c450e412280de4603b6271ce58b95c2ee
856f1c3170cf33d6426fcc7d50c8b246d522190ff207f8b4a78f16ab38ed62c6
89dcb3390a9e880629766a40e67647ddd69fc2753ec4ae24024f5a4561b8f01d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
93276a6876e4698e0491191930dac2403a5d446048abe40cb0fc8661f29a2b05
93ce9fb9cfa095d1e689528ce483ae18fbbf1eef5372d76bdf04236ec047e380
96f14fecc5555605ac3f0ed12bbcac084bd50500568ca2e473f738908ea65fc5
981603e37bad397f86a5e954e2ac7dc93b7602abaeefc6dda00b6f9ae1e27180
9c8d344a717b441f6abd1c21b214314a6443146cba44b8c225f87ef287b7831b
9da66f56abb6488c938e874f9fc162eecef50cb89cab65f2554b448cbe837ac2
9e666968788dcb7e6477a157cb571b66007d7ba7c24effedbbcb318a849c0adc
9fe4df895581f993257ace2a29282a5d486875250933b6cb61329b8aca03e1ee
a2a78ba837e008f9bbef6b99c516b80f38084e60613e47f9b43a8230a4115a99
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5712c0131d5a6e11f6c7004507d348fd2d08cda882f5b5825d2ed5a15a2aee7
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a665b3ad14cb2075a396c2c542ea83c928fbcfb08160330bdec73177c63cc97e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9ceec988e9fcfa2dc995f3d3f7cfd7f90cbdbf05dd62ebdf62756fe6b914433
a9f82ebc46dbcc91148aca1299b0448985e6fd94f3dec1f738e704d6d4fea82e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac92bcfa28eaff47258e9605aeb2c504917b80f861571a2d75c28c3dd1a94aa7
ad2702015273a664b5ba418971d168eb26243cbb073feaac14a252b3160248fb
b67940754933137d303396e326507059e67af1f377a6e6d3a522ff901d9be386
b6cf74e4b25552d895de4b33e35b99c9480e197ebc08d7f6df6e1bc37104b0ea
b7b50ca06843eb2c15681e4cd27533ca59d39e5a2a0af9a2d32a2a5e108c8ddd
b860e937b76fda2dd6bd18f7772588562f1b6cf93b8ebb59605f0bb974be3946
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bfe39f0c36c3620ee0bc1b2365128845ac3f189f830fce112643860d4d9ecca5
c1756b762536a1b0e9c6881edd5a708ff24bf2b2bd56178b206107a835f0a36f
c1dc9816def90ce27d187e130a69fd6870fd88a14b223b8443bf9d92b5a6df89
c3b2bb6f883ba0a5b362d7d5c9339b12b397e2651f03aa6bf461d9873527b381
c4154cbba41b9f445411d869bc223921d00d77ac7d41905a3547e365a3a7fdf0
c54705ff81c41734998845d446da3cc9a1a7269d9d7624a88374f4bd6a191f3d
c7a09843d67c3a619eda45e7f0bcc3f2ddc1f73f067f3c851f28bd8fdb7bd4a5
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8caa6b5c0c4a42522b3cae9849b44e6a29a7df05f62b21002c5fd7fda68f754
c935d23da77ef2e1168f4d128f232e889d0076e3a9e95dfc53c32b6cf2d35e79
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce678a5295d1fa2656f65c4f368df87e0f4f9be67496ef79fbf744fc31322681
ce8edccdc98a1f67c6d81ce452ac32192a9fc0c7a2828ea2dc6747c291cb5919
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5d4381849dff79e2d49dfe82d8675ffc61cb536b59ca6d21e2876125ff81e4
d07d35aa498106b4fb484c4589d42df6814abf2831bd8df6433da5590a849b2a
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d18600e7677d2c84e31cddd50ff9fc2cde2bf74ab4a049c98e3613032c8460c2
d2f9a49772373893d3548f6fb615523a88b081615ebd6bbf191ebcc25efc9a29
dc50e2c1fae2726eb03ca2f85f0c7410ed235512816319ea52a370d6685b744b
ddfa97050e8eced74d80132c91833b81404564bdcb4f506a0822d1e639a1f60f
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe3a8dc895bd7f597b383a3716dfff76789cd633160d30133371299d3241520
e311cce7f3328d55cd0194929b93429d2d1163d023abe945dfc1442630be5041
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1346adddf23ce81ce0fd7fa1974c9c78b476b288a6424cef0d7544160b4d1
e9e184a14b756326463f2cfb6f4afa0a8507314ed8ec41f8ab6a4fa58adbfde8
ea0579ddbb8b5673229268100d442a73d500d5bbcbcb86b7510d1ad8a9e2d5c9
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
ea6d0293bd2a0947ba0d1c560aee36396d1d7d571537f84021b4fadfba623a14
eb4af6a8adde85f07754ae5db2fba4846d72c45ac43c0b623ddc44bbc1ed7375
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
eea2609f60338647706f7bf50ffb75b51ca5a16030df792ebdc390054cdfb295
eef72f91472a7e02f3a8019551275bb35a1ba293f0a4b1033612a14ab4a31a73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
f43b8157f081f2ef6498945d4d93824c586dda2bd7b0952c8c95b3eaddb7791e
f49ed414b1242b08b0db0b7d438c942310985d4cbd8e7b11a4d71b9c250df89d
f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2
f767dca9d470e07145ebd98e385b659e2ee82a360d41cbfb81ef22ed26dcd1d0
f77b026e0303541dc691732031bace797a9ebc1b41bd8459fc74573ee381c1a8
f8a212353a7dc416f71554308bd27222e1bb3b3e0ce1f9b9f2301735f92cef67
f9c6e38549d7f2cee491968b4563d4f1f5167eded406e261bf6517e5fd4b24ce
fe50813df7b00184be8821eeb6e9acf7f986f6719ba219cbf8ee2435c887f18f

www.calindachan.gq Open in urlscan Pro 2a00:1450:4001:82f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

100 %HTTPS

61 %IPv6

42 Domains

60 Subdomains

52 IPs

8 Countries

10412 kBTransfer

13698 kBSize

0 Cookies

34 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.calindachan.gq Open in urlscan Pro
2a00:1450:4001:82f::2013 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

100 %
HTTPS

61 %
IPv6

42
Domains

60
Subdomains

52
IPs

8
Countries

10412 kB
Transfer

13698 kB
Size

0
Cookies

174 HTTP transactions
28 data transactions