candycrushsagafreerewards.blogspot.com Open in urlscan Pro
2a00:1450:400d:807::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://candycrushsagafreerewards.blogspot.com.tr/
Effective URL:
http://candycrushsagafreerewards.blogspot.com/
Submission: On January 05 via api (January 5th 2023, 8:01:56 am UTC) from DE — Scanned from DE

Summary HTTP 67 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 18 domains to perform 67 HTTP transactions. The main IP is 2a00:1450:400d:807::2001, located in Ireland and belongs to GOOGLE, US. The main domain is candycrushsagafreerewards.blogspot.com.

This is the only time candycrushsagafreerewards.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80a::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
3	78.46.57.112 78.46.57.112	24940 (HETZNER-AS) (HETZNER-AS)
1 2	199.232.16.193 199.232.16.193	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
67	21

3 2a00:1450:400d:807::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

candycrushsagafreerewards.blogspot.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
candycrushsagafreerewards.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80a::2009 (Ireland)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.57.112 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.112.57.46.78.clients.your-server.de

ads.lfstmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.16.193 (Vienna, Austria) 1 redirects

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.233.6 (Saint Joseph, United States)

ASN15133 (EDGECAST, US)

cdn.lfstmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 14423 ic.tynt.com — Cisco Umbrella Rank: 6368 de.tynt.com — Cisco Umbrella Rank: 2271	9 KB
8	blogger.com www.blogger.com — Cisco Umbrella Rank: 6833	543 KB
7	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 834 gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856	9 KB
6	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 14712	61 KB
6	lfstmedia.com ads.lfstmedia.com — Cisco Umbrella Rank: 97323 cdn.lfstmedia.com — Cisco Umbrella Rank: 52231	19 KB
5	blogspot.com candycrushsagafreerewards.blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 13556	176 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 163	140 KB
3	facebook.com web.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 9435	2 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 10582 whos.amung.us — Cisco Umbrella Rank: 9585	7 KB
2	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1653	400 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	87 KB
2	imgur.com 1 redirects i.imgur.com — Cisco Umbrella Rank: 4867	67 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 743	40 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145	658 B
1	blogspot.com.tr 1 redirects candycrushsagafreerewards.blogspot.com.tr	446 B
0	fbhaxville.info Failed www.fbhaxville.info Failed fbhaxville.info Failed
0	fileice.net Failed www.fileice.net Failed
67	18

	Domain	Requested by
8	www.blogger.com	candycrushsagafreerewards.blogspot.com apis.google.com www.blogger.com
7	ic.tynt.com	candycrushsagafreerewards.blogspot.com
6	resources.blogblog.com	candycrushsagafreerewards.blogspot.com www.blogger.com
4	bidder.criteo.com	static.criteo.net
4	apis.google.com	candycrushsagafreerewards.blogspot.com apis.google.com www.blogger.com
3	web.facebook.com	connect.facebook.net
3	cdn.lfstmedia.com	ads.lfstmedia.com cdn.lfstmedia.com
3	4.bp.blogspot.com	candycrushsagafreerewards.blogspot.com
3	ads.lfstmedia.com	candycrushsagafreerewards.blogspot.com ads.lfstmedia.com
2	gum.criteo.com	1 redirects static.criteo.net
2	t.dtscout.com	widgets.amung.us t.dtscout.com
2	c2shb.ssp.yahoo.com	ads.lfstmedia.com
2	connect.facebook.net	candycrushsagafreerewards.blogspot.com connect.facebook.net
2	i.imgur.com	1 redirects candycrushsagafreerewards.blogspot.com
2	candycrushsagafreerewards.blogspot.com	candycrushsagafreerewards.blogspot.com
1	mug.criteo.com
1	de.tynt.com	cdn.tynt.com
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	widgets.amung.us	candycrushsagafreerewards.blogspot.com
1	static.criteo.net	ads.lfstmedia.com
1	pagead2.googlesyndication.com	candycrushsagafreerewards.blogspot.com
1	candycrushsagafreerewards.blogspot.com.tr	1 redirects
0	fbhaxville.info Failed	candycrushsagafreerewards.blogspot.com
0	www.fbhaxville.info Failed	candycrushsagafreerewards.blogspot.com
0	www.fileice.net Failed	candycrushsagafreerewards.blogspot.com
67	26

This site contains links to these domains. Also see Links.

Domain
4.bp.blogspot.com
track.cmllk1.info
www.blogger.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.dtscout.com GTS CA 1P5	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://candycrushsagafreerewards.blogspot.com/
Frame ID: 5CB75BD27A80BA6A52BE132CB0FCCF2C
Requests: 50 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5847923814263975503&blogName=Candy+Crush+Saga+Free+Rewards+And+Giv...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://candycrushsagafreerewards.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://candycrushsagafreerewards.blogspot.com/&vt=-3881481740196595841&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 8746EC4A793F101E8F9D0BA3C3B15DAD
Requests: 5 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 65038DEF19E7ED733BFB93394B881146
Requests: 5 HTTP requests in this frame

Frame: http://fbhaxville.info/recentupdates.html
Frame ID: E4A936E4FE0E0BCB01D91E714F20D7FD
Requests: 1 HTTP requests in this frame

Frame: http://cdn.lfstmedia.com/~cdn/Ads/ad_shared/static/406.html?requestUri=%2Fgate%2Fext_bid%2Fslot76431&msgCode=1005
Frame ID: 7B5D68E0D9E94A9DDA599522CFEF5B82
Requests: 1 HTTP requests in this frame

Frame: http://cdn.lfstmedia.com/~cdn/Ads/ad_shared/static/406.html?requestUri=%2Fgate%2Fext_bid%2Fslot76432&msgCode=1005
Frame ID: A48C3CCF7242497FBF48EA78E2FD0540
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=candycrushsagafreerewards.blogspot.com
Frame ID: 592285662B24D760D1824BAAD2ACBB82
Requests: 2 HTTP requests in this frame

Frame: https://web.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df398e2528f6ecac%26domain%3Dcandycrushsagafreerewards.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcandycrushsagafreerewards.blogspot.com%252Ff378502e4700c38%26relation%3Dparent.parent&color_scheme=light&container_width=568&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FCandy-Crush-Saga-Free-Gifts%2F436923533085129&layout=standard&locale=en_US&sdk=joey&send=false&show_faces=true&width=The%20pixel%20width%20of%20the%20plugin
Frame ID: 4014F9641E8402FED7FBC76C24EA4D56
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a0295d01c60c8%26domain%3Dcandycrushsagafreerewards.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcandycrushsagafreerewards.blogspot.com%252Ff378502e4700c38%26relation%3Dparent.parent&color_scheme=light&container_width=568&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FCandy-Crush-Saga-Free-Gifts%2F436923533085129&layout=standard&locale=en_US&sdk=joey&send=false&show_faces=true&width=The%20pixel%20width%20of%20the%20plugin
Frame ID: B60F7D3CC047BAA49E120ADF69705C52
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33bd8e54ad3138%26domain%3Dcandycrushsagafreerewards.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcandycrushsagafreerewards.blogspot.com%252Ff378502e4700c38%26relation%3Dparent.parent&color_scheme=light&container_width=568&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F645532775470454%2F&layout=standard&locale=en_US&sdk=joey&send=false&show_faces=true&width=The%20pixel%20width%20of%20the%20plugin
Frame ID: 43ACA643CB3D65933A329AA397610D62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Candy Crush Saga Free Rewards And GiveawaysCandy Crush Saga Rewards and Giveaways

Page URL History Show full URLs

http://candycrushsagafreerewards.blogspot.com.tr/ HTTP 302
http://candycrushsagafreerewards.blogspot.com/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

67
Requests

61 %
HTTPS

60 %
IPv6

18
Domains

26
Subdomains

21
IPs

6
Countries

1163 kB
Transfer

1864 kB
Size

5
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://4.bp.blogspot.com/-atHN3PuIV5M/Ul9w7o8LYkI/AAAAAAAAAHo/X4zEF-hKLRs/s1600/combo3.png

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-1ZPKrt9ro0M/Ul9xCT8U-II/AAAAAAAAAHw/yPkt16WhTDU/s1600/combo2.png

Search URL Search Domain Scan URL

URL: http://4.bp.blogspot.com/-10EFlpSvP2A/Ul9xLUgVb-I/AAAAAAAAAH4/TtFIN1cT8c0/s1600/combo3.png

Search URL Search Domain Scan URL

URL: http://track.cmllk1.info/SHks
Title: DOWNLOAD APP

Search URL Search Domain Scan URL

URL: http://track.cmllk1.info/SHn2
Title: DOWNLOAD APP

Search URL Search Domain Scan URL

URL: http://track.cmllk1.info/SHn4
Title: DOWNLOAD APP

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5847923814263975503&postID=3794800515589711025&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5847923814263975503&postID=3794800515589711025&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5847923814263975503&postID=3794800515589711025&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5847923814263975503&postID=3794800515589711025&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5847923814263975503&postID=3794800515589711025&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://candycrushsagafreerewards.blogspot.com.tr/ HTTP 302
http://candycrushsagafreerewards.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://i.imgur.com/UhyUG47.png HTTP 301
https://i.imgur.com/UhyUG47.png

Request Chain 24

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 66

https://gum.criteo.com/sid/json?origin=publishertag&domain=candycrushsagafreerewards.blogspot.com&sn=ChromeSyncframe&so=0&topUrl=candycrushsagafreerewards.blogspot.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=a4DSh3x3OW9FMU5oQyt2M3k4aGM5TTM4bmk4NXFxYWJ4eFBGM3YxMTBhaXZmdnBzZFJwK0JFaFNEMVdaVzRFQUYzRTd6elc5QVlNbnJTUEc0NWlGaFdlZG1kTmErckVvK20ycXcxUGJnUXhCbVJQbTJtTGJGMDNBMTZjaG9rb1YxSTRmdTRJV2VwaTdhOXVoVDQ3YkprYllJZTZFQWJBRVBndHFJeHFGTHlRUjRYRGI5R3hBS1BuS3lKUW1LdUxWeEV5S1pMcGllME9QK3Nja0pVbEVzVW5nZ3ZBUzk5QmNKckxnQVorRWxZdW5hSURzTjhLcUR4ZFo1eFo3THhHYnlnMVREZWM1RFI3aitlc2pkaFJlaWJJYlRUSlNPL1dKTTQzc0NubW5sdWYrUFpNcHhPN2poNGRqSlI1NDgzd1RReVpyRnw&cppv=2

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
candycrushsagafreerewards.blogspot.com/
Redirect Chain

http://candycrushsagafreerewards.blogspot.com.tr/
http://candycrushsagafreerewards.blogspot.com/

39 KB
11 KB

347ms
263ms

Document
text/html

2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://candycrushsagafreerewards.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2b272565e658c9f8bf8f747c1c3d61456be8919230e1630301281242ed0d98a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 10535
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 08:01:50 GMT
ETag: W/"945cec98afd3154cc8bb81c4e02e8a89ae4a2fb41094ec66c477581e428a7467"
Expires: Thu, 05 Jan 2023 08:01:50 GMT
Last-Modified: Wed, 08 Dec 2021 03:17:33 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 189
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Jan 2023 08:01:50 GMT
Expires: Thu, 05 Jan 2023 08:01:50 GMT
Location: http://candycrushsagafreerewards.blogspot.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 160ms
30ms Stylesheet
text/css 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 12:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 20:04:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 04 Jan 2024 12:11:27 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 193ms
100ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 08:01:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ec76424fc4148a81"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 08:01:51 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 144ms
143ms Stylesheet
text/css 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5847923814263975503&zx=adfbb9d9-550f-4104-8df1-ef9518f830a4

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 05 Jan 2023 08:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 08:01:51 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getad Show response
ads.lfstmedia.com/ 36 KB
14 KB 118ms
14ms Script
application/javascript 78.46.57.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.lfstmedia.com/getad?site=195321
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: HTTP/1.1
Server: 78.46.57.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.57.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 317b86fbce85a1f080df7edd82a24244573878d4b0e0d1e587cb859514a1bb43

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Aug 2022 13:06:12 GMT
Server: nginx
ETag: W/"62fa44c4-8f74"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET mygate.php
www.fileice.net/gateway/ 0
0

GET bootstrap.min.css
candycrushsagafreerewards.blogspot.com/assets/css/ 0
0

GET main.css
candycrushsagafreerewards.blogspot.com/assets/css/ 0
0

GET bootstrap-responsive.min.css
candycrushsagafreerewards.blogspot.com/assets/css/ 0
0

GET
H2

200

UhyUG47.png
i.imgur.com/
Redirect Chain

http://i.imgur.com/UhyUG47.png
https://i.imgur.com/UhyUG47.png

66 KB
66 KB

221ms
118ms

Image
image/png

199.232.16.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/UhyUG47.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Server

199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8bfc3b8d67834d682489e21abc3c12dbafa575af1637d3769095b2df9df5ec1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 285182
x-cache: HIT, MISS
content-length: 67706
x-served-by: cache-iad-kcgs7200079-IAD, cache-vie6324-VIE
last-modified: Mon, 22 Jul 2013 16:02:31 GMT
server: cat factory 1.0
x-timer: S1672905711.314262,VS0,VE100
etag: "045957025dc317db272e4ca09fab99e8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

X-Served-By: cache-vie6374-VIE
Date: Thu, 05 Jan 2023 08:01:51 GMT
Strict-Transport-Security: max-age=300
Server: cat factory 1.0
X-Timer: S1672905711.192866,VS0,VE0
X-Cache: HIT
Access-Control-Allow-Methods: GET, OPTIONS
Location: https://i.imgur.com/UhyUG47.png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Retry-After: 0
X-Cache-Hits: 0

GET
H/1.1 200
OK combo3.png
4.bp.blogspot.com/-atHN3PuIV5M/Ul9w7o8LYkI/AAAAAAAAAHo/X4zEF-hKLRs/s320/ 54 KB
54 KB 374ms
345ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-atHN3PuIV5M/Ul9w7o8LYkI/AAAAAAAAAHo/X4zEF-hKLRs/s320/combo3.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd53ea1313c492d935558e68099b7322152fa3578434b2d2302bade4adae4077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v7b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="combo3.png"
Timing-Allow-Origin: *
Content-Length: 55199
X-XSS-Protection: 0
Expires: Fri, 06 Jan 2023 08:01:51 GMT

GET
H/1.1 200
OK combo2.png
4.bp.blogspot.com/-1ZPKrt9ro0M/Ul9xCT8U-II/AAAAAAAAAHw/yPkt16WhTDU/s320/ 53 KB
54 KB 361ms
332ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-1ZPKrt9ro0M/Ul9xCT8U-II/AAAAAAAAAHw/yPkt16WhTDU/s320/combo2.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e45d920d38195822f10950cbc3b92c81e89795d518dcff7dcf2447a3005ef5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v7d"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="combo2.png"
Timing-Allow-Origin: *
Content-Length: 54567
X-XSS-Protection: 0
Expires: Fri, 06 Jan 2023 08:01:51 GMT

GET
H/1.1 200
OK combo3.png
4.bp.blogspot.com/-10EFlpSvP2A/Ul9xLUgVb-I/AAAAAAAAAH4/TtFIN1cT8c0/s320/ 54 KB
54 KB 365ms
335ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-10EFlpSvP2A/Ul9xLUgVb-I/AAAAAAAAAH4/TtFIN1cT8c0/s320/combo3.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd53ea1313c492d935558e68099b7322152fa3578434b2d2302bade4adae4077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v7f"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="combo3.png"
Timing-Allow-Origin: *
Content-Length: 55199
X-XSS-Protection: 0
Expires: Fri, 06 Jan 2023 08:01:51 GMT

GET boxavail.png
www.fbhaxville.info/images/ 0
0

GET
H/1.1 200
OK cookienotice.js Show response
candycrushsagafreerewards.blogspot.com/js/ 6 KB
3 KB 62ms
61ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://candycrushsagafreerewards.blogspot.com/js/cookienotice.js

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Jan 2023 03:13:03 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Thu, 12 Jan 2023 08:01:51 GMT

GET
H2 200 3675762886-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
153 KB 32ms
30ms Script
text/javascript 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3675762886-widgets.js

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c3597fab0ce649ba89abe43afe195539c1f2f5bbe75f6477df94f4caf65637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 02:45:27 GMT
x-content-type-options: nosniff
age: 278184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156297
x-xss-protection: 0
last-modified: Sun, 01 Jan 2023 22:50:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 02 Jan 2024 02:45:27 GMT

GET
H2 200 body_background_birds.png
resources.blogblog.com/blogblog/data/1kt/watermark/ 22 KB
22 KB 107ms
48ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/watermark/body_background_birds.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 23:43:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2023 21:55:47 GMT
server: sffe
age: 116286
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22568
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 10 Jan 2023 23:43:45 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 173 KB
57 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aceab2a83a86b7ddd5dd7d4720a346dfc02ef4a5075d095e99c524c7f7647b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57913
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:32:54 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 57ms
28ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 19:14:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 46059
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Wed, 18 Jan 2023 19:14:12 GMT

GET
H2 200 body_overlay_birds.png
resources.blogblog.com/blogblog/data/1kt/watermark/ 3 KB
4 KB 59ms
47ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/watermark/body_overlay_birds.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:43:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2023 01:50:19 GMT
server: sffe
age: 159526
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3523
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 10 Jan 2023 11:43:05 GMT

GET
H2 200 post_background_birds.png
resources.blogblog.com/blogblog/data/1kt/watermark/ 103 B
216 B 50ms
49ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/watermark/post_background_birds.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 06:21:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 31 Dec 2022 12:50:49 GMT
server: sffe
age: 351627
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 08 Jan 2023 06:21:24 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 679ms
679ms Stylesheet
text/css 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5847923814263975503&zx=adfbb9d9-550f-4104-8df1-ef9518f830a4

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 05 Jan 2023 08:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 08:01:51 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 8746 7 KB
3 KB 660ms
659ms Document
text/html 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5847923814263975503&blogName=Candy+Crush+Saga+Free+Rewards+And+Giv...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://candycrushsagafreerewards.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://candycrushsagafreerewards.blogspot.com/&vt=-3881481740196595841&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1149ad55325ee7139b6eb92b45bede148c91609ce3648cd61fe6e09d73455864

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2616
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 05 Jan 2023 08:01:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET main.css
candycrushsagafreerewards.blogspot.com/assets/css/ 0
0

GET bootstrap-responsive.min.css
candycrushsagafreerewards.blogspot.com/assets/css/ 0
0

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

88ms
17ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd1f838ca386266e78de280b671b6e7f2f2bb2a5befe5fb92b4aaaca506c096b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 08:01:52 GMT
content-md5: yt9CA2NHeiNKR3shxaCNGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Qn8e1+eSMQ0h8MnOZklSN9ETvfds2VMpqQyei2A9Dqc3AChXVPo9Hvmjj2uwaF3NHuaKvfnARFMwkbl3Kga5bQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 7dcf1b6ebf2dfeda66d37dd62700d4f7
cross-origin-opener-policy: same-origin-allow-popups
etag: "0a001d071e41944eac06a7bd079d5c97"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 08:13:55 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK banner.js Show response
cdn.lfstmedia.com/~cdn/JS/02/4.2.1/modules/ 8 KB
4 KB 138ms
7ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.lfstmedia.com/~cdn/JS/02/4.2.1/modules/banner.js
Requested by: Host: ads.lfstmedia.com
URL: http://ads.lfstmedia.com/getad?site=195321
Protocol: HTTP/1.1
Server: 192.229.233.6 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 02b9e5c542557aa16e77b4ab60651d200718920312c51b68b052a22ed649d3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 23:16:10 GMT
Server: ECS (frb/669E)
Age: 420
Etag: "6246363a-209c+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Content-Length: 3353
Expires: Thu, 05 Jan 2023 08:11:51 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 6503 121 KB
40 KB 115ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.lfstmedia.com
URL: http://ads.lfstmedia.com/getad?site=195321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Jan 2023 08:01:51 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 260ms
51ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d34088160040&pos=8a96912a017676d23203d346dbd20046&cmd=bid
Requested by: Host: ads.lfstmedia.com
URL: http://ads.lfstmedia.com/getad?site=195321
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 13c51a9665398c53d30698f0463faed99302cc747653bba30a9f528677d979bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://candycrushsagafreerewards.blogspot.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK slot76432 Show response
ads.lfstmedia.com/gate/ext_bid/ 103 B
339 B 13ms
13ms Script
application/x-javascript 78.46.57.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.lfstmedia.com/gate/ext_bid/slot76432?adkey=7b9&ad_size=300x250&jsonp=LSM_SlotObj_1.onLoad&__location=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F&__referrer=&__screen=1600x1200&__flash=0.0.0&__position=1&__offsetX=665&__offsetY=1001&__visibility=1&__wn=0&__sf=0&__fif=0&__if=0&__ao=&__modules=banner&__bgver=4.2.1&__stamp=1672905711835&__pp=1
Requested by: Host: ads.lfstmedia.com
URL: http://ads.lfstmedia.com/getad?site=195321
Protocol: HTTP/1.1
Server: 78.46.57.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.57.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 707c6a208bb67a4dca20a1778e0238d8c3eef8d795a77fb47a18d9eb9f06afa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET recentupdates.html
fbhaxville.info/ Frame E4A9 0
0

GET boxavail.png
www.fbhaxville.info/images/ 0
0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
308 B 256ms
50ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d34088160040&pos=8a96912a017676d23203d346dbd20046&cmd=bid
Requested by: Host: ads.lfstmedia.com
URL: http://ads.lfstmedia.com/getad?site=195321
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 07ff7c034a97281f2e501071dc897b69a298183abebdf66d5cde504873a9e2d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:52 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://candycrushsagafreerewards.blogspot.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK slot76431 Show response
ads.lfstmedia.com/gate/ext_bid/ 103 B
339 B 23ms
13ms Script
application/x-javascript 78.46.57.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.lfstmedia.com/gate/ext_bid/slot76431?adkey=c1f&ad_size=300x250&jsonp=LSM_SlotObj_2.onLoad&__location=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F&__referrer=&__screen=1600x1200&__flash=0.0.0&__position=2&__offsetX=665&__offsetY=2450&__visibility=1&__wn=0&__sf=0&__fif=0&__if=0&__ao=&__modules=banner&__bgver=4.2.1&__stamp=1672905711839&__pp=1
Requested by: Host: ads.lfstmedia.com
URL: http://ads.lfstmedia.com/getad?site=195321
Protocol: HTTP/1.1
Server: 78.46.57.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.57.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 71efa416be5b80a02bbedac255ed1e047fffaeecf68ea9c0e2945c8fc6221f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK classic.js Show response
widgets.amung.us/ 13 KB
7 KB 39ms
19ms Script
application/x-javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.amung.us/classic.js
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:51 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Wed, 04 Jan 2023 16:55:16 GMT
Server: cloudflare
Age: 2409
etag: W/"63b5af74-32c5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
Connection: keep-alive
CF-RAY: 784ab03b1f26bb50-FRA
expires: Fri, 06 Jan 2023 07:21:42 GMT

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 30ms
30ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 23:17:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2023 02:49:53 GMT
server: sffe
age: 117887
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 10 Jan 2023 23:17:04 GMT

GET
H3 200 body_background_navigator.png
resources.blogblog.com/blogblog/data/1kt/watermark/ 34 KB
34 KB 31ms
30ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/watermark/body_background_navigator.png

Requested by

Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9754838f8b597bda799ff6a75743fbc1b7ba671e79ed618b7b7e14017d3345ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:25:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2023 10:56:04 GMT
server: sffe
age: 160568
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 10 Jan 2023 11:25:43 GMT

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 54ms
22ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F&j=
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
x-t: 0.56
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0phn1%2BZ8X%2ByXoSk8jd4uDSmU0a6yI0fJ1rMq9HnSV4bGJ8TAwqMF9xtoHNmrgLUZwQKvsWK4Yx440VP9rLxWLsVFOiPX4hegtC0DY5Yhv29ahHn5oiez8ve4BFbuQQyRWj5JFA1obPsKkz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 784ab03bd90cbbaa-FRA
expires: Thu, 05 Jan 2023 08:01:50 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 30 B
314 B 151ms
126ms Script
text/javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=shppk7ih2ob9&t=Candy%20Crush%20Saga%20Free%20Rewards%20And%20Giveaways&c=c&x=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F&y=&a=0&d=1.457&v=27&r=2220
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b4a706eaacb50ae85434d1893b348eee75a1bf27db8347dc0f8238b0ac605a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 08:01:52 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 784ab03bcaeb2c4d-FRA

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6503 174 B
452 B 221ms
18ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=13220729245

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ce1c31b4af63da2d04a2561c675a7ca7ecb123de158a4c585c8e4c58c1e41b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://candycrushsagafreerewards.blogspot.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 161

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6503 174 B
452 B 220ms
17ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=8618770481

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

698ec23f7000b2c4c686a811a4099683d96d3c12b942d0a49cad2c6417a26dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://candycrushsagafreerewards.blogspot.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 160

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 8746 54 KB
20 KB 62ms
62ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=5847923814263975503&blogName=Candy+Crush+Saga+Free+Rewards+And+Giv...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://candycrushsagafreerewards.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://candycrushsagafreerewards.blogspot.com/&vt=-3881481740196595841&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8c7a73b00b68e5b2547715c54ec90d75bd48c1e1016de1178f38be47547a3a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 08:01:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e203b3eb7c1b4f6d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 08:01:52 GMT

GET
H3 200 icons_orange.png
resources.blogblog.com/img/navbar/ Frame 8746 915 B
938 B 30ms
29ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_orange.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 23:23:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2023 20:04:25 GMT
server: sffe
age: 117523
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 10 Jan 2023 23:23:09 GMT

GET
H3 200 arrows-blue.png
resources.blogblog.com/img/navbar/ Frame 8746 104 B
127 B 31ms
30ms Image
image/png 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-blue.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:44:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Jan 2023 06:51:06 GMT
server: sffe
age: 94671
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 11 Jan 2023 05:44:01 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
388 B 54ms
54ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=candycrushsagafreerewards.blogspot.com&_ss=o9kqxz2669&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=35o2&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b1edfc53cf369c72cc598cc15fd5a10db55f1928c45996004d34e293930b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:52 GMT
x-t: 0.14
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGaiJEX8MXPdgNTsl2o2NEsGBtyLl%2B9rxcABbthI6QuL6F4U7EGPP1SbGdtWyOqMaMe%2F75S2lserTpL0lY%2F3BJFZFehX5PWbIAp2apLZo9OQv32HyKrA8UXIc%2FfNjxE1Z%2Faddefjz9ceYu4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 784ab03c19a2bbaa-FRA
expires: Thu, 05 Jan 2023 08:01:51 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 302 KB
85 KB 34ms
16ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=3ee44775a54351963530f666430d42a1

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81586efac265ee5a03cb0b6ef2b77feffe6918c56dca96d25651866f062b7f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Origin: http://candycrushsagafreerewards.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 08:01:52 GMT
content-md5: DWwh8VKjLcpIeff9l4ScPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86791
x-fb-rlafr: 0
x-fb-debug: QPQ0d7I4NFYspZ12GWVtrIW7IYxglljTua3nMjneTyYlslkd4iu/KgqTloBYpQKzoJgcCk8UwDuMmvuYo6BO+A==
x-fb-content-md5: 03417716171ff62039f32a36e297cf53
cross-origin-opener-policy: same-origin-allow-popups
etag: "eb1b1c5ba0c3db94246e0dd432bbf5c4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 07:51:45 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 8746 126 KB
42 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 15:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 15:47:00 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 76ms
22ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 08:01:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
age: 234201
etag: W/"62d96946-4599"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 784ab03d0c7f9bc2-FRA
expires: Sun, 08 Jan 2023 08:01:52 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 523ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0&t=Candy%20Crush%20Saga%20Free%20Rewards%20And%20Giveaways&cu=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H2 204 events
bidder.criteo.com/csm/ Frame 6503 0
238 B 16ms
16ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: http://candycrushsagafreerewards.blogspot.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK 406.html Show response
cdn.lfstmedia.com/~cdn/Ads/ad_shared/static/ Frame 7B5D 146 B
496 B 8ms
7ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.lfstmedia.com/~cdn/Ads/ad_shared/static/406.html?requestUri=%2Fgate%2Fext_bid%2Fslot76431&msgCode=1005
Requested by: Host: cdn.lfstmedia.com
URL: http://cdn.lfstmedia.com/~cdn/JS/02/4.2.1/modules/banner.js
Protocol: HTTP/1.1
Server: 192.229.233.6 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 00398de66f8a9a69b9576240affd8210e5ed24456788f6dbf24d6bfe6dd8b094

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Age: 9934160
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 118
Content-Type: text/html
Date: Thu, 05 Jan 2023 08:01:52 GMT
Etag: "5adfcf2e-92+gzip"
Expires: Fri, 05 Jan 2024 08:01:52 GMT
Last-Modified: Wed, 25 Apr 2018 00:43:26 GMT
Server: ECS (frb/67BC)
Vary: Accept-Encoding
X-Cache: HIT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 6503 0
238 B 16ms
15ms Ping
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 08:01:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: http://candycrushsagafreerewards.blogspot.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK 406.html Show response
cdn.lfstmedia.com/~cdn/Ads/ad_shared/static/ Frame A48C 146 B
496 B 7ms
7ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.lfstmedia.com/~cdn/Ads/ad_shared/static/406.html?requestUri=%2Fgate%2Fext_bid%2Fslot76432&msgCode=1005
Requested by: Host: cdn.lfstmedia.com
URL: http://cdn.lfstmedia.com/~cdn/JS/02/4.2.1/modules/banner.js
Protocol: HTTP/1.1
Server: 192.229.233.6 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 00398de66f8a9a69b9576240affd8210e5ed24456788f6dbf24d6bfe6dd8b094

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Age: 9934160
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 118
Content-Type: text/html
Date: Thu, 05 Jan 2023 08:01:52 GMT
Etag: "5adfcf2e-92+gzip"
Expires: Fri, 05 Jan 2024 08:01:52 GMT
Last-Modified: Wed, 25 Apr 2018 00:43:26 GMT
Server: ECS (frb/67BC)
Vary: Accept-Encoding
X-Cache: HIT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
252 B 482ms
107ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!shppk7ih2ob9&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 05 Jan 2023 08:01:52 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Fri, 06 Jan 2023 08:01:52 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0&t=Candy%20Crush%20Saga%20Free%20Rewards%20And%20Giveaways&cu=http%3A%2F%2Fcandycrushsagafreerewards.blogspot.com%2F
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 112ms
111ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0&t=Candy%20Crush%20Saga%20Free%20Rewards%20And%20Giveaways
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
111ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!shppk7ih2ob9&lm=0&ts=1672905712188&dn=TC&iso=0
Requested by: Host: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Thu, 05 Jan 2023 08:01:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 4046960807-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 30ms
29ms Stylesheet
text/css 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/4046960807-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3675762886-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69bbef00f16d3c95a1aadf497326cd66630aa0ed70e1a3b32f460b78afd1dfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 19:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6531
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 13:52:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 03 Jan 2024 19:46:50 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5922 15 KB
6 KB 81ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=candycrushsagafreerewards.blogspot.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 08:01:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 676480
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 like.php Show response
web.facebook.com/plugins/ Frame 4014 0
3 KB 171ms
113ms Document
text/html 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df398e2528f6ecac%26domain%3Dcandycrushsagafreerewards.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcandycrushsagafreerewards.blogspot.com%252Ff378502e4700c38%26relation%3Dparent.parent&color_scheme=light&container_width=568&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FCandy-Crush-Saga-Free-Gifts%2F436923533085129&layout=standard&locale=en_US&sdk=joey&send=false&show_faces=true&width=The%20pixel%20width%20of%20the%20plugin

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ee44775a54351963530f666430d42a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 Jan 2023 08:01:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: Sn46wDop81QU0Byv5B71CmTs8Gir+VJPAm8t0A3PpacvF1ZnOjRIfLBGa2g4GMzYBx47ozEkrkcX7bXhawgzng==
x-xss-protection: 0

GET
H2 200 like.php Show response
web.facebook.com/plugins/ Frame B60F 0
117 B 169ms
116ms Document
text/html 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a0295d01c60c8%26domain%3Dcandycrushsagafreerewards.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcandycrushsagafreerewards.blogspot.com%252Ff378502e4700c38%26relation%3Dparent.parent&color_scheme=light&container_width=568&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FCandy-Crush-Saga-Free-Gifts%2F436923533085129&layout=standard&locale=en_US&sdk=joey&send=false&show_faces=true&width=The%20pixel%20width%20of%20the%20plugin

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ee44775a54351963530f666430d42a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 Jan 2023 08:01:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: qYlfzPnY3rYp4/kc1mIppRyAIItaFJ3wADmeLvy25oeWlBv7LtQmv3iIjGXH9GlQS0doRGEoLJCraVRyTHvJqQ==
x-xss-protection: 0

GET
H2 200 like.php Show response
web.facebook.com/plugins/ Frame 43AC 0
116 B 159ms
114ms Document
text/html 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33bd8e54ad3138%26domain%3Dcandycrushsagafreerewards.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fcandycrushsagafreerewards.blogspot.com%252Ff378502e4700c38%26relation%3Dparent.parent&color_scheme=light&container_width=568&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F645532775470454%2F&layout=standard&locale=en_US&sdk=joey&send=false&show_faces=true&width=The%20pixel%20width%20of%20the%20plugin

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ee44775a54351963530f666430d42a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://candycrushsagafreerewards.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 Jan 2023 08:01:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: uz/3UBrt1dzu1uwSzm19QTog3cX9bUd4/LjcvRbA8oPt0+CdDrbMqOxEq+G0lfqomVIjPe4auo5KFDu/z/Y4lA==
x-xss-protection: 0

GET
H3 200 2023311418-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 368 KB
368 KB 31ms
31ms Script
text/javascript 2a00:1450:400d:80a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2023311418-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3675762886-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2009 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c97b5869068dd129a067e2e373285c87b23d3553cd042286860cd393d0e08c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candycrushsagafreerewards.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 02:49:18 GMT
x-content-type-options: nosniff
age: 277955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376365
x-xss-protection: 0
last-modified: Sun, 01 Jan 2023 22:50:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 02 Jan 2024 02:49:18 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5922
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=candycrushsagafreerewards.blogspot.com&sn=ChromeSyncframe&so=0&topUrl=candycrushsagafreerewards.blogspot.com&cw=1&lsw=1&topicsavail=0&fled...
https://mug.criteo.com/sid?cpp=a4DSh3x3OW9FMU5oQyt2M3k4aGM5TTM4bmk4NXFxYWJ4eFBGM3YxMTBhaXZmdnBzZFJwK0JFaFNEMVdaVzRFQUYzRTd6elc5QVlNbnJTUEc0NWlGaFdlZG1kTmErckVvK20ycXcxUGJnUXhCbVJQbTJtTGJGMDNBMTZjaG...

476 B
685 B

75ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=a4DSh3x3OW9FMU5oQyt2M3k4aGM5TTM4bmk4NXFxYWJ4eFBGM3YxMTBhaXZmdnBzZFJwK0JFaFNEMVdaVzRFQUYzRTd6elc5QVlNbnJTUEc0NWlGaFdlZG1kTmErckVvK20ycXcxUGJnUXhCbVJQbTJtTGJGMDNBMTZjaG9rb1YxSTRmdTRJV2VwaTdhOXVoVDQ3YkprYllJZTZFQWJBRVBndHFJeHFGTHlRUjRYRGI5R3hBS1BuS3lKUW1LdUxWeEV5S1pMcGllME9QK3Nja0pVbEVzVW5nZ3ZBUzk5QmNKckxnQVorRWxZdW5hSURzTjhLcUR4ZFo1eFo3THhHYnlnMVREZWM1RFI3aitlc2pkaFJlaWJJYlRUSlNPL1dKTTQzc0NubW5sdWYrUFpNcHhPN2poNGRqSlI1NDgzd1RReVpyRnw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6dac9e6b55d5def77cadc3ca923fcc242616b7b73f62a389cf3c13b80616355e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 08:01:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2347336
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 08:01:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=a4DSh3x3OW9FMU5oQyt2M3k4aGM5TTM4bmk4NXFxYWJ4eFBGM3YxMTBhaXZmdnBzZFJwK0JFaFNEMVdaVzRFQUYzRTd6elc5QVlNbnJTUEc0NWlGaFdlZG1kTmErckVvK20ycXcxUGJnUXhCbVJQbTJtTGJGMDNBMTZjaG9rb1YxSTRmdTRJV2VwaTdhOXVoVDQ3YkprYllJZTZFQWJBRVBndHFJeHFGTHlRUjRYRGI5R3hBS1BuS3lKUW1LdUxWeEV5S1pMcGllME9QK3Nja0pVbEVzVW5nZ3ZBUzk5QmNKckxnQVorRWxZdW5hSURzTjhLcUR4ZFo1eFo3THhHYnlnMVREZWM1RFI3aitlc2pkaFJlaWJJYlRUSlNPL1dKTTQzc0NubW5sdWYrUFpNcHhPN2poNGRqSlI1NDgzd1RReVpyRnw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 761108
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.fileice.net
URL: http://www.fileice.net/gateway/mygate.php?id=412b442f44786a4277305a74

Domain: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/assets/css/bootstrap.min.css

Domain: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/assets/css/main.css

Domain: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/assets/css/bootstrap-responsive.min.css

Domain: www.fbhaxville.info
URL: http://www.fbhaxville.info/images/boxavail.png

Domain: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/assets/css/main.css

Domain: candycrushsagafreerewards.blogspot.com
URL: http://candycrushsagafreerewards.blogspot.com/assets/css/bootstrap-responsive.min.css

Domain: fbhaxville.info
URL: http://fbhaxville.info/recentupdates.html

Domain: www.fbhaxville.info
URL: http://www.fbhaxville.info/images/boxavail.png

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-20 08:41:50	Name: m Value: 1
.dtscout.com/	1970-01-20 08:42:00	Name: oa Value: 1
.dtscout.com/	1970-01-20 11:05:45	Name: df Value: 1672905711
.criteo.com/	1970-01-20 18:03:21	Name: uid Value: a9abec66-1ff9-4092-bd24-c79db1708e17
.candycrushsagafreerewards.blogspot.com/	1970-01-20 18:03:21	Name: cto_bundle Value: 4tRZal85MSUyRlNBcDBJOGZTUU8yWTFVS2FSTDQ4RlZ0cWc4dG1Td3pBeHRmdnNtbXVVTE1sMmk4dFhTaVdEMnlaT0ZtJTJCemJ3VSUyRnZmT2h0SFJjamE4NklwV2FXZVhES284M0RJbkdhWlpUNHF1RDM1OU1wdjVWcTRNWDJWQWlERkJUNll4cUlDJTJGakdidE9XaGJWY2VlTHNlR3dSQnprdVBQYVdsWlBtSEY2b25nTGlaN2UxOTZDMTcxcGQ2MmVDZUVvWUpReA

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.fileice.net/gateway/mygate.php?id=412b442f44786a4277305a74 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
security	error	URL: http://candycrushsagafreerewards.blogspot.com/(Line 643) Message: Refused to apply style from 'http://candycrushsagafreerewards.blogspot.com/assets/css/bootstrap-responsive.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: http://candycrushsagafreerewards.blogspot.com/(Line 643) Message: Refused to apply style from 'http://candycrushsagafreerewards.blogspot.com/assets/css/main.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: http://www.fbhaxville.info/images/boxavail.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: http://candycrushsagafreerewards.blogspot.com/(Line 643) Message: Refused to apply style from 'http://candycrushsagafreerewards.blogspot.com/assets/css/bootstrap.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: http://candycrushsagafreerewards.blogspot.com/(Line 649) Message: Refused to apply style from 'http://candycrushsagafreerewards.blogspot.com/assets/css/main.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: http://candycrushsagafreerewards.blogspot.com/(Line 650) Message: Refused to apply style from 'http://candycrushsagafreerewards.blogspot.com/assets/css/bootstrap-responsive.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: http://www.fbhaxville.info/images/boxavail.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
ads.lfstmedia.com
apis.google.com
bidder.criteo.com
c2shb.ssp.yahoo.com
candycrushsagafreerewards.blogspot.com
candycrushsagafreerewards.blogspot.com.tr
cdn.lfstmedia.com
cdn.tynt.com
connect.facebook.net
de.tynt.com
fbhaxville.info
gum.criteo.com
i.imgur.com
ic.tynt.com
mug.criteo.com
pagead2.googlesyndication.com
resources.blogblog.com
static.criteo.net
t.dtscout.com
web.facebook.com
whos.amung.us
widgets.amung.us
www.blogger.com
www.fbhaxville.info
www.fileice.net
candycrushsagafreerewards.blogspot.com
fbhaxville.info
www.fbhaxville.info
www.fileice.net
104.18.36.173
178.250.0.157
192.229.233.6
199.232.16.193
2606:4700:10::6816:4bab
2606:4700:21::8d65:780b
2a00:1450:4001:812::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2009
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
35.157.246.167
67.202.105.31
67.202.105.33
78.46.57.112
00398de66f8a9a69b9576240affd8210e5ed24456788f6dbf24d6bfe6dd8b094
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9
02b9e5c542557aa16e77b4ab60651d200718920312c51b68b052a22ed649d3de
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
07c3597fab0ce649ba89abe43afe195539c1f2f5bbe75f6477df94f4caf65637
07ff7c034a97281f2e501071dc897b69a298183abebdf66d5cde504873a9e2d9
1149ad55325ee7139b6eb92b45bede148c91609ce3648cd61fe6e09d73455864
13c51a9665398c53d30698f0463faed99302cc747653bba30a9f528677d979bd
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2b272565e658c9f8bf8f747c1c3d61456be8919230e1630301281242ed0d98a5
317b86fbce85a1f080df7edd82a24244573878d4b0e0d1e587cb859514a1bb43
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
49b1edfc53cf369c72cc598cc15fd5a10db55f1928c45996004d34e293930b1f
4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a
51c97b5869068dd129a067e2e373285c87b23d3553cd042286860cd393d0e08c
698ec23f7000b2c4c686a811a4099683d96d3c12b942d0a49cad2c6417a26dd7
69bbef00f16d3c95a1aadf497326cd66630aa0ed70e1a3b32f460b78afd1dfe1
6dac9e6b55d5def77cadc3ca923fcc242616b7b73f62a389cf3c13b80616355e
707c6a208bb67a4dca20a1778e0238d8c3eef8d795a77fb47a18d9eb9f06afa2
71efa416be5b80a02bbedac255ed1e047fffaeecf68ea9c0e2945c8fc6221f60
81586efac265ee5a03cb0b6ef2b77feffe6918c56dca96d25651866f062b7f29
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e
8bfc3b8d67834d682489e21abc3c12dbafa575af1637d3769095b2df9df5ec1c
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
9754838f8b597bda799ff6a75743fbc1b7ba671e79ed618b7b7e14017d3345ca
aceab2a83a86b7ddd5dd7d4720a346dfc02ef4a5075d095e99c524c7f7647b6e
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd1f838ca386266e78de280b671b6e7f2f2bb2a5befe5fb92b4aaaca506c096b
ce1c31b4af63da2d04a2561c675a7ca7ecb123de158a4c585c8e4c58c1e41b44
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b4a706eaacb50ae85434d1893b348eee75a1bf27db8347dc0f8238b0ac605a
e45d920d38195822f10950cbc3b92c81e89795d518dcff7dcf2447a3005ef5ca
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
fb8c7a73b00b68e5b2547715c54ec90d75bd48c1e1016de1178f38be47547a3a
fd53ea1313c492d935558e68099b7322152fa3578434b2d2302bade4adae4077

candycrushsagafreerewards.blogspot.com Open in urlscan Pro 2a00:1450:400d:807::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

61 %HTTPS

60 %IPv6

18 Domains

26 Subdomains

21 IPs

6 Countries

1163 kBTransfer

1864 kBSize

5 Cookies

13 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

candycrushsagafreerewards.blogspot.com Open in urlscan Pro
2a00:1450:400d:807::2001 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

61 %
HTTPS

60 %
IPv6

18
Domains

26
Subdomains

21
IPs

6
Countries

1163 kB
Transfer

1864 kB
Size

5
Cookies

67 HTTP transactions
1 data transactions