urlscan.io logo urlscan.io
SecurityTrails logo

sanesecurity.blogspot.com Open in urlscan Pro
2a00:1450:4001:829::2001  Public Scan

Go To Rescan Add Verdict Report
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Submission Tags: falconsandbox
Submission: On September 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 59 HTTP transactions. The main IP is 2a00:1450:4001:829::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is sanesecurity.blogspot.com.
This is the only time sanesecurity.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
sanesecurity.blogspot.com
12    2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
img1.blogblog.com
resources.blogblog.com
www.blogblog.com
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
5    52.95.124.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rcm-eu.amazon-adsystem.com
5    52.94.216.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ws-eu.assoc-amazon.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2600:9000:225e:d000:1d:d7f6:39d0:c781 (United States)

ASN16509 (AMAZON-02, US)
images-eu.ssl-images-amazon.com
10    52.94.216.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
fls-eu.amazon-adsystem.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 amazon-adsystem.com
rcm-eu.amazon-adsystem.com — Cisco Umbrella Rank: 45817
fls-eu.amazon-adsystem.com — Cisco Umbrella Rank: 38162
4 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
218 KB
8 google.com
apis.google.com — Cisco Umbrella Rank: 203
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
162 KB
7 blogger.com
www.blogger.com — Cisco Umbrella Rank: 6949
199 KB
5 ssl-images-amazon.com
images-eu.ssl-images-amazon.com — Cisco Umbrella Rank: 4175
103 KB
5 assoc-amazon.com
ws-eu.assoc-amazon.com — Cisco Umbrella Rank: 43800
221 KB
5 blogblog.com
img1.blogblog.com — Cisco Umbrella Rank: 90657
resources.blogblog.com — Cisco Umbrella Rank: 15340
www.blogblog.com — Cisco Umbrella Rank: 36500
3 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
5 KB
2 blogspot.com
sanesecurity.blogspot.com
25 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
644 B
1 gstatic.com
www.gstatic.com
34 KB
0 ayboll.com Failed
edge.ayboll.com Failed
59 13
Domain Requested by
10 fls-eu.amazon-adsystem.com ws-eu.assoc-amazon.com
8 pagead2.googlesyndication.com sanesecurity.blogspot.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 www.blogger.com sanesecurity.blogspot.com
www.blogger.com
apis.google.com
6 apis.google.com sanesecurity.blogspot.com
apis.google.com
www.blogger.com
5 images-eu.ssl-images-amazon.com ws-eu.assoc-amazon.com
5 ws-eu.assoc-amazon.com sanesecurity.blogspot.com
5 rcm-eu.amazon-adsystem.com 5 redirects
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 resources.blogblog.com sanesecurity.blogspot.com
www.blogger.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 sanesecurity.blogspot.com sanesecurity.blogspot.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.gstatic.com apis.google.com
1 www.blogblog.com sanesecurity.blogspot.com
1 img1.blogblog.com sanesecurity.blogspot.com
0 edge.ayboll.com Failed sanesecurity.blogspot.com
59 19

This site contains links to these domains. Also see Links.

Domain
www.virustotal.com
sanesecurity.blogspot.co.uk
sanesecurity.com
www.blogger.com
Subject Issuer Validity Valid
*.blogger.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
ws-eu.assoc-amazon.com
Amazon		 2022-01-28 -
2023-01-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
Images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-02-01 -
2023-01-02		 a year crt.sh
fls-eu.amazon-adsystem.com
Amazon		 2022-04-13 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Frame ID: 61D5543DAE16647263825E13DC0F0C49
Requests: 27 HTTP requests in this frame

Frame: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Frame ID: E7B5BC7864470DF81075917B6BF05F19
Requests: 4 HTTP requests in this frame

Frame: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Frame ID: AAC91EB0314F0BDFD04CB9D8075F5F4D
Requests: 4 HTTP requests in this frame

Frame: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Frame ID: 8BCED0B42946956187670FE482EE950E
Requests: 4 HTTP requests in this frame

Frame: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Frame ID: 076BD08341584CFDB2213138F99F5BB6
Requests: 4 HTTP requests in this frame

Frame: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Frame ID: AE87D1CE9A82C51F3A0C7323723A762A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Frame ID: F352EC91C5D97CE366DE8651A8C98570
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=9100761888144266006&blogName=Sanesecurity+ClamAV+blog:+zero+hour+m...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sanesecurity.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sanesecurity.blogspot.com/&targetPostID=8651835682906753585&blogPostOrPageUrl=http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html&vt=-726664930593923505&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 4290057339D4CBCA9AAD27E508FE4BB6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2391341781227965&output=html&adk=1812271804&adf=3025194257&lmt=1660653010&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsanesecurity.blogspot.com%2F2015%2F11%2F2-invoices-attached-invoices17080258doc.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&dt=1663192175110&bpp=2&bdt=309&idt=269&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7952609882443&frm=20&pv=2&ga_vid=1093234205.1663192175&ga_sid=1663192175&ga_hid=211004888&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069509%2C42531706%2C44772916%2C21066435%2C31062930&oid=2&pvsid=2059649357554911&tmod=1738776652&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Frame ID: 92FEC1D78E72869AA1AE456C98762BD3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08E8B6DCA727FC0A5AC91FBD152724E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 838B035F2707DCF74DCB5451EA30D0D4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sanesecurity ClamAV blog: zero hour malware, phishing and scams: 2 Invoices Attached invoices_17080258.doc Metropolitan, An RR Donnelley Company

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

59
Requests

88 %
HTTPS

73 %
IPv6

13
Domains

19
Subdomains

15
IPs

3
Countries

973 kB
Transfer

1778 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21 HTTP 302
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Request Chain 14
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21 HTTP 302
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Request Chain 15
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21 HTTP 302
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Request Chain 16
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21 HTTP 302
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Request Chain 17
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21 HTTP 302
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2-invoices-attached-invoices17080258doc.html
sanesecurity.blogspot.com/2015/11/ 		88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6b6242f50cc94faa5c1b5af5a773663bd09be53425dfa39e6c546f6301e36fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
17945
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 21:49:34 GMT
ETag
W/"62bdda3df347e14b2dbfd8fec6fe2f0cfc9f17b25db320a49bc874018dcf732b"
Expires
Wed, 14 Sep 2022 21:49:34 GMT
Last-Modified
Tue, 16 Aug 2022 12:30:10 GMT
Server
GSE
X-Content-Type-Options
nosniff
X-Robots-Tag
all,noodp
X-XSS-Protection
1; mode=block
2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:17:02 GMT
x-content-type-options
nosniff
age
5552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35960
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 12:53:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 14 Sep 2023 20:17:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25dabd57f30aaaf74b6055fbaf32aeb876735b6971ee0b93b4002b40980f1e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57910
x-xss-protection
0
server
cafe
etag
13690647551838017479
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 21:49:34 GMT
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 14 Sep 2022 21:49:34 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"77de80bac492065f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 21:49:34 GMT
icon18_email.gif
img1.blogblog.com/img/ 		164 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img1.blogblog.com/img/icon18_email.gif
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 22:26:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Sep 2022 18:58:19 GMT
Server
sffe
Age
170606
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
image/gif
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
164
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Mon, 19 Sep 2022 22:26:09 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 15:26:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 12:51:49 GMT
server
sffe
age
195781
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 19 Sep 2022 15:26:34 GMT
cookienotice.js
sanesecurity.blogspot.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sanesecurity.blogspot.com/js/cookienotice.js
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 21:11:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Sep 2022 18:57:18 GMT
Server
sffe
Age
520666
Vary
Accept-Encoding
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
6513
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Thu, 15 Sep 2022 21:11:49 GMT
3753684042-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3753684042-widgets.js
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:25:18 GMT
x-content-type-options
nosniff
age
5057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157917
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 20:54:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 14 Sep 2023 20:25:18 GMT
widget.js
edge.ayboll.com/ayboll/js/ 		0
0
authorization.css
www.blogger.com/dyn-css/ 		1 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9100761888144266006&zx=dff5e68a-9c8c-46a2-89d4-b03b40afcecc
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Sep 2022 21:49:35 GMT
server
GSE
date
Wed, 14 Sep 2022 21:49:35 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 09:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51176
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Sep 2023 09:14:23 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf07c075da69c03b60f61f26c51893f539b263c10147c58668f3481eeda9827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 00:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16714
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 00:16:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 13:11:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
31075
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
67
X-XSS-Protection
0
Server
cafe
ETag
13036835877489095579
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1209600
Timing-Allow-Origin
*
Expires
Wed, 28 Sep 2022 13:11:40 GMT
cm
ws-eu.assoc-amazon.com/widgets/ Frame E7B5
Redirect Chain
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
877b79970489f168c813cc480cde2a80951a4ada5e66813b7aa6d2fe23f112d1

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44898
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Sep 2022 21:49:35 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Sep 2022 21:49:35 GMT
Location
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Server
Server
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZW4XP1RKE0QCBRGTRKEK
tabs_gradient_light.png
www.blogblog.com/1kt/awesomeinc/ 		182 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.blogblog.com/1kt/awesomeinc/tabs_gradient_light.png
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Mon, 12 Sep 2022 23:17:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Sep 2022 22:01:09 GMT
Server
sffe
Age
167499
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
image/png
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
182
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Mon, 19 Sep 2022 23:17:56 GMT
cm
ws-eu.assoc-amazon.com/widgets/ Frame AAC9
Redirect Chain
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ccce4c46ac5831ee09af4f9e4aff84ffb25be235c31e1770737f33fab93f0f02

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44974
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Sep 2022 21:49:35 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Length
398
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Sep 2022 21:49:35 GMT
Location
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Server
Server
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
72GERSD7H1YMY1A6DJ98
cm
ws-eu.assoc-amazon.com/widgets/ Frame 8BCE
Redirect Chain
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2536f6f0939d11c5668e1ed1ea2f7c822a14a669dc4df058d9ebbc3dc6359864

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44891
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Sep 2022 21:49:35 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Sep 2022 21:49:35 GMT
Location
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Server
Server
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PQHF95KM6ZFZWGRW0841
cm
ws-eu.assoc-amazon.com/widgets/ Frame 076B
Redirect Chain
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cebf6d528e85821575554d4aebb4336e3fe88341437058022f20ad3b9c1c476d

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44926
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Sep 2022 21:49:35 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Length
389
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Sep 2022 21:49:35 GMT
Location
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Server
Server
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZQ6DQF9GSH0VJTA4HS4S
cm
ws-eu.assoc-amazon.com/widgets/ Frame AE87
Redirect Chain
  • https://rcm-eu.amazon-adsystem.com/e/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
  • https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9c502f6640092ba4cadaa274d9722e54efc1869b934eeba8f7bfaec5608f0a42

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
44953
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Sep 2022 21:49:35 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Length
395
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Sep 2022 21:49:35 GMT
Location
https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Server
Server
Strict-Transport-Security
max-age=300; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Q28VADW0KWYBC5MC0DTJ
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_2?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a12093d85affc0a515133dd45f6209cc860efaee464ddc6405bffa26e6049b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 00:16:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12091
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 00:16:40 GMT
share_buttons_20_3.png
www.blogger.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:43:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Sep 2022 08:50:34 GMT
server
sffe
age
47188
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5080
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 21 Sep 2022 08:43:07 GMT
logo-16.png
www.blogger.com/img/ 		279 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.blogger.com/img/logo-16.png
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 21:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 11 Sep 2022 05:54:56 GMT
Server
sffe
Age
260807
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
image/png
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
279
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Sun, 18 Sep 2022 21:22:48 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b598fd9dcbe524f583f6123d36e33eafb1cee62d1b489d727fdc88c122a9b024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124742
x-xss-protection
0
server
cafe
etag
3304240534040524948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 14 Sep 2022 21:49:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/ Frame F352 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 06:07:26 GMT
etag
8616628553774171045
expires
Wed, 28 Sep 2022 06:07:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9100761888144266006&zx=dff5e68a-9c8c-46a2-89d4-b03b40afcecc
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Sep 2022 21:49:35 GMT
server
GSE
date
Wed, 14 Sep 2022 21:49:35 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 4290 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=9100761888144266006&blogName=Sanesecurity+ClamAV+blog:+zero+hour+m...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sanesecurity.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sanesecurity.blogspot.com/&targetPostID=8651835682906753585&blogPostOrPageUrl=http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html&vt=-726664930593923505&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7380dddbae5e31ec3a5c8b538b2bf4ba9cc82ff33145c2afdaadb8ecc68181ad
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2680
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 21:49:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_2?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52048031b53c89d04e4b67fd2e795a0fb440c66d8dc87a918e3f827196ecdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33858
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 14:44:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 22:37:04 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sanesecurity.blogspot.com&callback=_gfp_s_&client=ca-pub-2391341781227965
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b588f81d8eca029803b2c2a58718286b675cb8feeccd4aa9a8ab55bf8a711189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sanesecurity.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 21:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sanesecurity.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 21:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fsanesecurity.blogspot.com%2F2015%2F11%2F2-invoices-attached-invoices17080258doc.html&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: sanesecurity.blogspot.com
URL: http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 21:49:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 92FE 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2391341781227965&output=html&adk=1812271804&adf=3025194257&lmt=1660653010&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsanesecurity.blogspot.com%2F2015%2F11%2F2-invoices-attached-invoices17080258doc.html&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&dt=1663192175110&bpp=2&bdt=309&idt=269&shv=r20220912&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7952609882443&frm=20&pv=2&ga_vid=1093234205.1663192175&ga_sid=1663192175&ga_hid=211004888&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069509%2C42531706%2C44772916%2C21066435%2C31062930&oid=2&pvsid=2059649357554911&tmod=1738776652&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 21:49:35 GMT
expires
Wed, 14 Sep 2022 21:49:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 4290 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=9100761888144266006&blogName=Sanesecurity+ClamAV+blog:+zero+hour+m...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sanesecurity.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sanesecurity.blogspot.com/&targetPostID=8651835682906753585&blogPostOrPageUrl=http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html&vt=-726664930593923505&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
028afb4a5d6a68c0d13eaf91ec9e9e5d103b8be40aedac868798d472d375aa96
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20369
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Wed, 14 Sep 2022 21:49:35 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"31f52d39e8c831aa"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 21:49:35 GMT
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 4290 		907 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=9100761888144266006&blogName=Sanesecurity+ClamAV+blog:+zero+hour+m...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sanesecurity.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sanesecurity.blogspot.com/&targetPostID=8651835682906753585&blogPostOrPageUrl=http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html&vt=-726664930593923505&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 19:47:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 14:50:46 GMT
server
sffe
age
180122
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 19 Sep 2022 19:47:33 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 4290 		117 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=9100761888144266006&blogName=Sanesecurity+ClamAV+blog:+zero+hour+m...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sanesecurity.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sanesecurity.blogspot.com/&targetPostID=8651835682906753585&blogPostOrPageUrl=http://sanesecurity.blogspot.com/2015/11/2-invoices-attached-invoices17080258doc.html&vt=-726664930593923505&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 00:05:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 12:50:13 GMT
server
sffe
age
423823
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 17 Sep 2022 00:05:52 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame 4290 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 00:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42575
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 00:15:38 GMT
UK_Associates_22-7-14_Banner_Video_728x90.gif
images-eu.ssl-images-amazon.com/images/G/02/associates/maitri/banner/ Frame E7B5 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.ssl-images-amazon.com/images/G/02/associates/maitri/banner/UK_Associates_22-7-14_Banner_Video_728x90.gif
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5ce9e22666592a592e23095f5f7bb3b520349e3e0592a605ec7c067598ff7913

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 15:33:55 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
age
22541
edge-cache-tag
x-cache-301,/images/G/02/associates/maitri/banner/UK_Associates_22-7-14_Banner_Video_728x90
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
8327
surrogate-key
x-cache-301 /images/G/02/associates/maitri/banner/UK_Associates_22-7-14_Banner_Video_728x90
last-modified
Tue, 22 Jul 2014 14:34:20 GMT
server
Server
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
5d1a01d0-befd-4cfa-b5f3-3193c87677d8
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
967SGwGv2g2ip9KFH3Z-SEMDKqqNkGwkAjd4uGB65j5cTXpSj_fyvg==
expires
Thu, 15 Sep 2022 15:33:55 GMT
json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame E7B5 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663192175951&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22GB%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
041a6e01-3b00-419e-9561-f03dfa2c2cb4
Content-Length
43
Content-Type
image/gif
/
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/ Frame E7B5 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1663192175951&p=%7B%22program%22%3A%222%22%2C%22tag%22%3A%22sanesecurity-21%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fsanesecurity.blogspot.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=48&l=ur1&category=pcvideogames&banner=0ARHTTTPV6PH0V84N202&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
740069f0-3023-480e-b12c-f8debf1f55c6
Content-Length
43
Content-Type
image/gif
XCM_Manual_1234696_1240678_UK_uk_uk_handmade_2020_gb_en_3206862_234x60_en_GB.jpg
images-eu.ssl-images-amazon.com/images/G/02/handmade/2020/associates/personalgifting/ Frame AAC9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.ssl-images-amazon.com/images/G/02/handmade/2020/associates/personalgifting/XCM_Manual_1234696_1240678_UK_uk_uk_handmade_2020_gb_en_3206862_234x60_en_GB.jpg
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c289ebce8e42db64bcbe971249860787a5dfde85e8657556d5f56696e090ee25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:06:13 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
age
6203
edge-cache-tag
x-cache-000,/images/G/02/handmade/2020/associates/personalgifting/XCM_Manual_1234696_1240678_UK_uk_uk_handmade_2020_gb_en_3206862_23
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
3803
surrogate-key
x-cache-000 /images/G/02/handmade/2020/associates/personalgifting/XCM_Manual_1234696_1240678_UK_uk_uk_handmade_2020_gb_en_3206862_23
last-modified
Wed, 22 Jul 2020 16:08:06 GMT
server
Server
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
7706b47c-5665-4148-8540-0515c171beb6
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
W8B35uCIixMd0Ak4NslRpQke11mNEz6OaM4h7prTurI03ZU_W5YPAg==
expires
Thu, 15 Sep 2022 20:06:13 GMT
json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame AAC9 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663192175954&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22GB%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
eee33187-e997-449f-99ac-acf897720553
Content-Length
43
Content-Type
image/gif
/
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/ Frame AAC9 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1663192175954&p=%7B%22program%22%3A%222%22%2C%22tag%22%3A%22sanesecurity-21%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fsanesecurity.blogspot.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=ukexplorehandmade&banner=1R65NVSVQC7JXRR4CSG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
d13acacc-3226-49ce-98b2-1a4850e0145f
Content-Length
43
Content-Type
image/gif
UK_Associates_HomeGarden_10-07-14_234x60.gif
images-eu.ssl-images-amazon.com/images/G/02/associates/maitri/banner/ Frame 8BCE 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.ssl-images-amazon.com/images/G/02/associates/maitri/banner/UK_Associates_HomeGarden_10-07-14_234x60.gif
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
025261444d1d70893cec90ee1b9cfc0cd31c8326e364c2b2a033a97d67ad4ded

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:36 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
age
27420
edge-cache-tag
x-cache-269,/images/G/02/associates/maitri/banner/UK_Associates_HomeGarden_10-07-14_234x60
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
4086
surrogate-key
x-cache-269 /images/G/02/associates/maitri/banner/UK_Associates_HomeGarden_10-07-14_234x60
last-modified
Tue, 15 Jul 2014 12:10:08 GMT
server
Server
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
c0239dd6-01bc-4aa5-ae1b-19aaa416576d
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
U5OiYkMRDKuawdEN20gO3AEeht25qeuOzhy77EyBBtv0z4TpHs-ebA==
expires
Thu, 15 Sep 2022 14:12:36 GMT
json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 8BCE 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663192175959&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22GB%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
f5c0d41e-91e9-4f53-b90e-2242211da09a
Content-Length
43
Content-Type
image/gif
/
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 8BCE 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1663192175959&p=%7B%22program%22%3A%222%22%2C%22tag%22%3A%22sanesecurity-21%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fsanesecurity.blogspot.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=42&l=ur1&category=homegarden&banner=19XS2GQT2TQ8VFETFB02&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
1cb9974a-3cce-4d7d-bc33-89501c1eb093
Content-Length
43
Content-Type
image/gif
UK-EN_012522_SpringSitewide_ACQ_ASC_160x600_CV14.jpg
images-eu.ssl-images-amazon.com/images/G/02/AmazonMusic/2022/Marketing/SWSpring_DMUX-5871/Associates/DV4/ Frame AE87 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.ssl-images-amazon.com/images/G/02/AmazonMusic/2022/Marketing/SWSpring_DMUX-5871/Associates/DV4/UK-EN_012522_SpringSitewide_ACQ_ASC_160x600_CV14.jpg
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c8b6e3a303a7942132d8db20dc95f502628bae7bfd24f3f4e19bf0db8892e9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:42:45 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
age
53770
edge-cache-tag
x-cache-324,/images/G/02/AmazonMusic/2022/Marketing/SWSpring_DMUX-5871/Associates/DV4/UK-EN_012522_SpringSitewide_ACQ_ASC_160x600_CV
x-nginx-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-length
52731
surrogate-key
x-cache-324 /images/G/02/AmazonMusic/2022/Marketing/SWSpring_DMUX-5871/Associates/DV4/UK-EN_012522_SpringSitewide_ACQ_ASC_160x600_CV
last-modified
Thu, 04 Aug 2022 22:21:08 GMT
server
Server
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
f4453351-494f-4f48-8e77-ec4f3bab6839
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
c3MUU0hPn65YzDJwlh0sngz5n0wPpkRL0bJCMwu3n8PzvT11QhJXdQ==
expires
Thu, 15 Sep 2022 06:53:26 GMT
json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame AE87 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663192175962&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22GB%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
d74b7c20-9947-417d-9647-e96493698ec8
Content-Length
43
Content-Type
image/gif
/
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/ Frame AE87 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1663192175963&p=%7B%22program%22%3A%222%22%2C%22tag%22%3A%22sanesecurity-21%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fsanesecurity.blogspot.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=14&l=ur1&category=musicunlimited&banner=16V7DWTSFYFDMBGWKDG2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
913ceec8-e10c-4a76-aea8-56bfbcdcb2c3
Content-Length
43
Content-Type
image/gif
AssocAdsDesktop_2728-CIPLAY-UK-60DaysIn_250x250.jpg%20%C2%A0
images-eu.ssl-images-amazon.com/images/G/02/digital/video/merch/subs/marketing/associates/ciplay/60daysin/ Frame 076B 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-eu.ssl-images-amazon.com/images/G/02/digital/video/merch/subs/marketing/associates/ciplay/60daysin/AssocAdsDesktop_2728-CIPLAY-UK-60DaysIn_250x250.jpg%20%C2%A0
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d000:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fff93e34609ba2a101c450e15bce6b7f252adf098211a5bb4da650dd13a789e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:36 GMT
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
edge-cache-tag
x-cache-652,/images/G/02/digital/video/merch/subs/marketing/associates/ciplay/60daysin/AssocAdsDesktop_2728-CIPLAY-UK-60DaysIn_250x2
x-nginx-cache-status
EXPIRED
x-cache
RefreshHit from cloudfront
content-length
33183
surrogate-key
x-cache-652 /images/G/02/digital/video/merch/subs/marketing/associates/ciplay/60daysin/AssocAdsDesktop_2728-CIPLAY-UK-60DaysIn_250x2
last-modified
Tue, 21 Jul 2020 22:05:42 GMT
server
Server
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400,public
x-amz-ir-id
1a72c7bd-cd50-48a9-8ea7-cbd92f0b932f
accept-ranges
bytes
timing-allow-origin
https://www.amazon.co.uk
x-amz-cf-id
S4uvTVNU82CQpDLdDG2rBImlyIQ1F-rXHHd5l65k9qok-3FIsPvl3Q==
expires
Thu, 15 Sep 2022 10:42:04 GMT
json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 076B 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1663192175976&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22GB%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
f27aefc7-7a06-4bd9-a449-066c7405ae4d
Content-Length
43
Content-Type
image/gif
/
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 076B 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1663192175976&p=%7B%22program%22%3A%222%22%2C%22tag%22%3A%22sanesecurity-21%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fsanesecurity.blogspot.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-eu.assoc-amazon.com
URL: https://ws-eu.assoc-amazon.com/widgets/cm?o=2&p=22&l=ur1&category=channels&banner=16YG71ZFXKGP91C4N9R2&f=ifr&linkID={{link_id}}&t=sanesecurity-21&tracking_id=sanesecurity-21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ws-eu.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 21:49:35 GMT
x-amzn-RequestId
f4e8d6ef-6e9c-425e-b45a-e90aa6aaf97f
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750e646cd5f397b3daff82413523806512e8231d8bbd0243f568ba277c90c68d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 21:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11170
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2391341781227965&plah=sanesecurity.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 21:49:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08E8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 20:54:06 GMT
expires
Thu, 14 Sep 2023 20:54:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 838B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20d78ea49f7cdff3caad63ab5a532dadf7bcc427e2f2a8790a599bfefeb82ba9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nkDoTqnl9VRnkW91U_2nqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sanesecurity.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nkDoTqnl9VRnkW91U_2nqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 21:49:36 GMT
expires
Wed, 14 Sep 2022 21:49:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 838B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220912&jk=2059649357554911&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 08E8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 12:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 12:57:31 GMT
generate_204
tpc.googlesyndication.com/ Frame 08E8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h3QwVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 21:49:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220912&jk=2059649357554911&bg=!JCelJ2PNAAbG3AOo5tw7ACkAdvg8WtXw4JA7O5Zz9SMLsWjHmxAw6gklczO24sOjqotfd1VFRH2exQIAAABKUgAAAANoAQcKAHEWLfPNXBhmcdj1GbHlLKFdW-snexfcY0QsgSn1jG1qcTcI4qqVv_hhQ3ZXRufhx-jLwefH8W3pZFjtawzRovnFuIyPKEsMI0sL28MWM88luiKxZFLcnlEHVYOOW_ik3vbIPNFq3G0EJ40WsQ_1C2ylgZkC2m-uDxrWM_uXeKzQ6ssjXEgmOmCxe4KI4Uj4ZTzjZ1ohoejFskqkIoWuq3XLTrVkv3flpxt9wutAKtWRhaj31msCeJQWLf5fu0SmIDiOeS1NaxniWfEPInLJpAb7bqqslIX1tdmdMKFOIYqD2hOspWv_8B4zLyk-3tAl5xAeYh3V2UOXqYg4AH-sCvlB-uwuDANJR5L0mLdFzWKaqEsAF73E55n-cIjwSU9q6-hOJhHNvkeqofT44AoKn37SVxWM15uua45WAVe1BZI8evV8DROwg2QFJaitJC_vsMC-KT0eV-vV4Pv9QZYYL7HDLfJz6s2u8t96PlfqQDEKD-7TV4GvMnej8JaOLu8tW-JIBM7pnfXXWFDH26XAwmQYD4fh3_JL1RjSFrANkVmf3xLMGSjbOTMpD6zlev3myUMBao7KMeG4o8WthcO5oZVnvX2V_xWwJ7wu8lsscwnzBey4i7_HgaxIWaOGsiEvatMaz2pW6ZDX-_nO0fj7GrwXULDjO5BnG_49eW3VzCuF4HNAETSIacuDrfiAfZDQcWYVKpPaQrOXmuvT7vlpmluYZ98rPkLMy8NP0mBC1yePgHg6vpf5tCVN7h9ObeIcJyK3RBS4D6cEnxbu_j-TTWofhQ7IaFlqmDK2fwulmcDnkWPIOcvkEe2_MZBcab3nSynaRgNJtyeeafRRRQ8c9LMyBmHdPzYuJuk2V9EDEQOolit7jb2NaDoOcAnywzBRKfQLtYfpdDGXLRw1qCStwe2ESO-puHLNwEECBrHP2v0PPvdqRYEY8n_2y24pMujnjbL3yzOBhDC1vf9TBfMu3jR8iGGmLnIEi63M-Eit9bWzz-h76-SUdh1VhFg_ImV0q7RxUEFUG2gpd2ugdGBoOAaTEUC1nT537EZAKPbQRqbh6OXHqul7XSz6wfzgeDYfGHpzhxlyXO95yYYtF01eJWzheAThan19aYbcLnqiYZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sanesecurity.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
edge.ayboll.com
URL
http://edge.ayboll.com/ayboll/js/widget.js

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| ayboll object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter boolean| google_empty_script_included function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| help object| hgb object| userfeedback object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: http://edge.ayboll.com/ayboll/js/widget.js
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
edge.ayboll.com
fls-eu.amazon-adsystem.com
googleads.g.doubleclick.net
images-eu.ssl-images-amazon.com
img1.blogblog.com
pagead2.googlesyndication.com
partner.googleadservices.com
rcm-eu.amazon-adsystem.com
resources.blogblog.com
sanesecurity.blogspot.com
tpc.googlesyndication.com
ws-eu.assoc-amazon.com
www.blogblog.com
www.blogger.com
www.google.com
www.gstatic.com
edge.ayboll.com
142.250.181.226
2600:9000:225e:d000:1d:d7f6:39d0:c781
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2009
52.94.216.147
52.94.216.221
52.95.124.70
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
025261444d1d70893cec90ee1b9cfc0cd31c8326e364c2b2a033a97d67ad4ded
028afb4a5d6a68c0d13eaf91ec9e9e5d103b8be40aedac868798d472d375aa96
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
20d78ea49f7cdff3caad63ab5a532dadf7bcc427e2f2a8790a599bfefeb82ba9
2536f6f0939d11c5668e1ed1ea2f7c822a14a669dc4df058d9ebbc3dc6359864
25dabd57f30aaaf74b6055fbaf32aeb876735b6971ee0b93b4002b40980f1e60
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce9e22666592a592e23095f5f7bb3b520349e3e0592a605ec7c067598ff7913
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b6242f50cc94faa5c1b5af5a773663bd09be53425dfa39e6c546f6301e36fd2
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7380dddbae5e31ec3a5c8b538b2bf4ba9cc82ff33145c2afdaadb8ecc68181ad
750e646cd5f397b3daff82413523806512e8231d8bbd0243f568ba277c90c68d
807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad
877b79970489f168c813cc480cde2a80951a4ada5e66813b7aa6d2fe23f112d1
9c502f6640092ba4cadaa274d9722e54efc1869b934eeba8f7bfaec5608f0a42
a12093d85affc0a515133dd45f6209cc860efaee464ddc6405bffa26e6049b1e
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52048031b53c89d04e4b67fd2e795a0fb440c66d8dc87a918e3f827196ecdbd
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
b588f81d8eca029803b2c2a58718286b675cb8feeccd4aa9a8ab55bf8a711189
b598fd9dcbe524f583f6123d36e33eafb1cee62d1b489d727fdc88c122a9b024
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c289ebce8e42db64bcbe971249860787a5dfde85e8657556d5f56696e090ee25
c8b6e3a303a7942132d8db20dc95f502628bae7bfd24f3f4e19bf0db8892e9c1
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
caf07c075da69c03b60f61f26c51893f539b263c10147c58668f3481eeda9827
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccce4c46ac5831ee09af4f9e4aff84ffb25be235c31e1770737f33fab93f0f02
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cebf6d528e85821575554d4aebb4336e3fe88341437058022f20ad3b9c1c476d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
fff93e34609ba2a101c450e15bce6b7f252adf098211a5bb4da650dd13a789e4