track.tkbo.com Open in urlscan Pro
94.130.186.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://security.wmp.i-yoblog.com/
Effective URL:
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
Submission: On November 14 via automatic, source certstream-suspicious (November 14th 2019, 7:47:28 am UTC)

Summary HTTP 155 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 155 HTTP transactions. The main IP is 94.130.186.231, located in Germany and belongs to HETZNER-AS, DE. The main domain is track.tkbo.com.

This is the only time track.tkbo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	159.69.186.9 159.69.186.9	24940 (HETZNER-AS) (HETZNER-AS)
30 91	94.130.186.231 94.130.186.231	24940 (HETZNER-AS) (HETZNER-AS)
30 30	209.15.13.134 209.15.13.134	13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1)
60	2a01:4f8:c2c:... 2a01:4f8:c2c:bc6c::1	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
155	5

2 159.69.186.9 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.186.69.159.clients.your-server.de

security.wmp.i-yoblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 94.130.186.231 (Germany) 30 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.231.186.130.94.clients.your-server.de

track.tkbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 209.15.13.134 (Toronto, Canada) 30 redirects

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)

fw.dnslink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a01:4f8:c2c:bc6c::1 (Germany)

ASN24940 (HETZNER-AS, DE)

ww20.i-yoblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	tkbo.com 30 redirects track.tkbo.com	48 KB
62	i-yoblog.com security.wmp.i-yoblog.com ww20.i-yoblog.com	57 KB
30	dnslink.com 30 redirects fw.dnslink.com	10 KB
6	google-analytics.com www.google-analytics.com Failed	52 KB
155	4

	Domain	Requested by
91	track.tkbo.com	30 redirects security.wmp.i-yoblog.com track.tkbo.com ww20.i-yoblog.com
60	ww20.i-yoblog.com	track.tkbo.com ww20.i-yoblog.com
30	fw.dnslink.com	30 redirects
6	www.google-analytics.com	security.wmp.i-yoblog.com
2	security.wmp.i-yoblog.com	security.wmp.i-yoblog.com
155	5

This site contains no links.

Subject Issuer	Validity	Valid
security.wmp.i-yoblog.com Let's Encrypt Authority X3	`2019-11-14` - `2020-02-12`	3 months	crt.sh
track.tkbo.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-27` - `2020-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Frame: https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
Frame ID: AD7F96574748E21AAD061AB4B55EDB67
Requests: 155 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://security.wmp.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref= HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNv... Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

155
Requests

25 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

147 kB
Transfer

324 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://security.wmp.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref= HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL
https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb Page URL
http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/ Page URL
http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref= HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 5

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 8

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 9

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 10

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 13

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 14

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 15

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 18

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 19

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 20

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 23

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 24

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 25

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 28

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 29

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 30

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 33

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 34

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 35

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 38

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 39

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 40

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 43

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 44

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 45

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 48

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 49

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 50

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 53

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 54

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 55

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 58

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 59

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 60

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 63

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 64

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 65

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 68

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 69

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 70

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 73

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 74

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 75

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 78

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 79

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 80

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 83

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 84

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 85

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 88

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 89

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 90

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 93

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 94

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 95

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 98

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 99

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 100

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 103

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 104

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 105

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 108

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 109

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 110

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 113

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 114

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 115

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 118

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 119

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 120

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 123

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 124

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 125

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 128

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 129

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 130

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 133

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 134

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 135

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 138

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 139

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 140

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 143

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 144

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 145

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 148

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 149

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/ HTTP 302
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Request Chain 150

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A HTTP 302
http://ww20.i-yoblog.com/

Request Chain 152

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

155 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
security.wmp.i-yoblog.com/ 2 KB
1 KB 71ms
20ms Document
text/html 159.69.186.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://security.wmp.i-yoblog.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

159.69.186.9 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.9.186.69.159.clients.your-server.de

Software

openresty /

Resource Hash

b64d5a95f4db0da4582c59924e92c7d0bdc12743c6a4b3ca5f71c0881d78002e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: security.wmp.i-yoblog.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: openresty
date: Thu, 14 Nov 2019 07:43:05 GMT
content-type: text/html; charset=utf8
set-cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiI4M2U5MjEwNjIwZjY2MmU1NzBmYmYwNThmZDJlZDBhNSIsInRpbWVfaW5pdCI6MTU3MzcxNzM4NX0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=55014; path=/
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 banner_ads.js
security.wmp.i-yoblog.com/ 111 B
327 B 1ms
1ms Script
application/javascript 159.69.186.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://security.wmp.i-yoblog.com/banner_ads.js
Requested by: Host: security.wmp.i-yoblog.com
URL: https://security.wmp.i-yoblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.186.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.186.69.159.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://security.wmp.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Thu, 14 Nov 2019 07:43:05 GMT
last-modified: Thu, 26 Sep 2019 08:13:05 GMT
server: openresty
etag: "5d8c7311-6f"
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 111
expires: Sat, 14 Dec 2019 07:43:05 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 7ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: security.wmp.i-yoblog.com
URL: https://security.wmp.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=q52i0u7o5kpb8f6s0r5oufkhu1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:51 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=q52i0u7o5kpb8f6s0r5oufkhu1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set /
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

55ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Host: track.tkbo.com
URL: https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:52 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxMn0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54787; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=b9dfa28c-371b-4375-b12d-a12aba4a4768; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:46:50 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:52 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:52 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=q52i0u7o5kpb8f6s0r5oufkhu1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=q52i0u7o5kpb8f6s0r5oufkhu1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:52 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxMn0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:53 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:46:52 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:53 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:53 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=q52i0u7o5kpb8f6s0r5oufkhu1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=q52i0u7o5kpb8f6s0r5oufkhu1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:53 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:54 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxNH0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54785; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:46:53 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:54 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:54 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
3ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=la5fv2mod9g7dip7eemi6ks2gh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:55 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=la5fv2mod9g7dip7eemi6ks2gh; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

39ms
39ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxNH0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:55 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=ab3ae7b6-4c16-405c-92e4-55a701444a96; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:46:54 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 11ms
9ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:55 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:55 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=la5fv2mod9g7dip7eemi6ks2gh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=la5fv2mod9g7dip7eemi6ks2gh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:56 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

26ms
26ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxNH0%3D; _ga=GA1.2.1108724337.1573717615; _gid=GA1.2.564827258.1573717615; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:56 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:46:55 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:56 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:56 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 11ms
11ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=la5fv2mod9g7dip7eemi6ks2gh
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

14ms
13ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4399
date: Thu, 14 Nov 2019 06:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 08:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:56 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:57 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxN30%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54782; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=2cca61ea-7785-407d-946a-85bfc65893ea; path=/
X-Server: web02
Date: Thu, 14 Nov 2019 07:46:56 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:57 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:57 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:57 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=2unep2l0m4sls357ou1jrs6054; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxN30%3D; _ga=GA1.2.1106278330.1573717617; _gid=GA1.2.322045946.1573717617; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:58 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:46:57 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:58 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:58 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:46:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:46:58 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

24ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxN30%3D; _ga=GA1.2.1106278330.1573717617; _gid=GA1.2.322045946.1573717617; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:59 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:46:58 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:46:59 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:46:59 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 5ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:46:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

5ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:00 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxN30%3D; _ga=GA1.2.1106278330.1573717617; _gid=GA1.2.322045946.1573717617; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:00 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:46:59 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:00 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:00 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 5ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:01 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYxN30%3D; _ga=GA1.2.1106278330.1573717617; _gid=GA1.2.322045946.1573717617; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:01 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:00 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:01 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:01 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 7ms
7ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=2unep2l0m4sls357ou1jrs6054
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4404
date: Thu, 14 Nov 2019 06:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 08:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:02 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:02 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyMn0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54777; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=edfc2bd8-7707-48b8-b87c-a0153e158855; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:01 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 11ms
10ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:02 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:02 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
3ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=t6tnuuopd7b06k2rp9srctn44c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:03 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=t6tnuuopd7b06k2rp9srctn44c; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set /
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

22ms
21ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:03 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyM30%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54776; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=b149a276-596e-4507-bfa9-a1803f95897a; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:02 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:03 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:03 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=t6tnuuopd7b06k2rp9srctn44c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=t6tnuuopd7b06k2rp9srctn44c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:04 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

25ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyM30%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:04 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:03 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:04 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:04 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=t6tnuuopd7b06k2rp9srctn44c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

6ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=12rs3bkll23gji1vo9f2g865an
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:05 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=12rs3bkll23gji1vo9f2g865an; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:05 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyNX0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54774; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=e32c1c04-7e7b-4f6d-b0e8-4b009686054f; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:04 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:05 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:05 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 5ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=pc1nc9n9muaag1jo51ei4a8irn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:06 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=pc1nc9n9muaag1jo51ei4a8irn; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyNX0%3D; _ga=GA1.2.618215749.1573717626; _gid=GA1.2.2084912877.1573717626; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:06 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:05 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:06 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:06 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=pc1nc9n9muaag1jo51ei4a8irn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

14ms
14ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4409
date: Thu, 14 Nov 2019 06:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 08:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

5ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:07 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:07 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyN30%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54772; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=e81c4121-18c5-4de3-bec8-939f9ae1786b; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:06 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:07 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:07 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=jd3bi2lo3htv3jadt36qqhujgn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:08 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=jd3bi2lo3htv3jadt36qqhujgn; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyN30%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:09 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:07 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:09 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:09 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=jd3bi2lo3htv3jadt36qqhujgn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=jd3bi2lo3htv3jadt36qqhujgn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:09 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

32ms
32ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYyN30%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:10 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:08 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:10 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:10 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=jd3bi2lo3htv3jadt36qqhujgn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:10 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:11 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzMX0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54768; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=fdefe8d6-9c12-4d77-a933-b5a917da759c; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:09 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:11 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:11 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=7s5tc98qbg42f300uqjo5ocmsv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:11 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=7s5tc98qbg42f300uqjo5ocmsv; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

26ms
26ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzMX0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:12 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:10 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:12 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:12 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=7s5tc98qbg42f300uqjo5ocmsv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=7s5tc98qbg42f300uqjo5ocmsv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:12 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzMX0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:13 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:12 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 4ms
4ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:13 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:13 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=7s5tc98qbg42f300uqjo5ocmsv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=7s5tc98qbg42f300uqjo5ocmsv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:14 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzMX0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:14 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:13 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:14 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:14 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 5ms
5ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=7s5tc98qbg42f300uqjo5ocmsv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:15 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:15 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzNX0%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54764; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=82e3a32d-1d4d-422d-85cf-a272d0f19e2e; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:14 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:15 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:15 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
3ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=4mgd23533rhssa902v744r06om
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:16 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=4mgd23533rhssa902v744r06om; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

30ms
30ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzNX0%3D; _ga=GA1.2.2059593536.1573717636; _gid=GA1.2.1263815448.1573717636; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:16 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:15 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:16 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:16 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=4mgd23533rhssa902v744r06om
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=4mgd23533rhssa902v744r06om
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:17 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:17 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzN30%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54762; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:16 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:17 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:17 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php Show response
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

6ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:18 GMT
content-type: text/html; charset=utf-8
set-cookie: XID=d9bau5f4lecsal124f8jd6d3o3; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

23ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzN30%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:19 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=527562cd-f78f-4edd-b730-4bcab1fa4d04; path=/
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:17 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:19 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:19 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 8ms
5ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
0

7ms
2ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4422
date: Thu, 14 Nov 2019 06:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 08:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
516 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:19 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

25ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzN30%3D; _ga=GA1.2.566708583.1573717639; _gid=GA1.2.723152076.1573717639; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:20 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:18 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 5ms
5ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:20 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:20 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 4ms
3ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:20 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

24ms
23ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzN30%3D; _ga=GA1.2.566708583.1573717639; _gid=GA1.2.723152076.1573717639; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:21 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:20 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:21 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:21 GMT

GET
H/1.1 200
OK /
track.tkbo.com/ 737 B
749 B 17ms
17ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4424
date: Thu, 14 Nov 2019 06:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 08:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:21 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
1 KB

24ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzYzN30%3D; _ga=GA1.2.566708583.1573717639; _gid=GA1.2.723152076.1573717639; _gat_mainCounter=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:22 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Thu, 14 Nov 2019 07:47:21 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 3ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:22 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:22 GMT

GET
H/1.1 200
OK / Show response
track.tkbo.com/ 737 B
749 B 4ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Cookie: XID=d9bau5f4lecsal124f8jd6d3o3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

0
0

GET
H2

200

beam.php
track.tkbo.com/
Redirect Chain

https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/
https://track.tkbo.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962...

931 B
515 B

4ms
4ms

Document
text/html

94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: track.tkbo.com
URL: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.tkbo.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Response headers

status: 200
server: nginx
date: Thu, 14 Nov 2019 07:47:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Thu, 14 Nov 2019 07:47:22 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWkteW9ibG9nLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=09b41eb5b60a9fbe703e2b386962bdeb
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set / Show response
ww20.i-yoblog.com/
Redirect Chain

http://fw.dnslink.com/?domainname=i-yoblog.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
http://ww20.i-yoblog.com/

2 KB
2 KB

24ms
24ms

Document
text/html

2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ww20.i-yoblog.com/

Requested by

Protocol

HTTP/1.1

Server

2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ww20.i-yoblog.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:23 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiaS15b2Jsb2cuY29tIiwibWVtYmVyIjoiOCIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvNzQuMC4zNzI5LjE2OSBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjNGE3ZDI4MmU3NDM0YjVlYWUxMThlZDQ0NGFhMDJjNyIsInRpbWVfaW5pdCI6MTU3MzcxNzY0M30%3D; expires=Thu, 14-Nov-2019 22:59:59 GMT; Max-Age=54756; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://ww20.i-yoblog.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: _dhc.480470180=9b9af96d-6cb6-4dc7-a774-47d051cd2789; path=/
X-Server: web01
Date: Thu, 14 Nov 2019 07:47:21 GMT
Connection: close
Content-Length: 141

GET
H/1.1 200
OK banner_ads.js Show response
ww20.i-yoblog.com/ 111 B
465 B 4ms
3ms Script
application/javascript 2a01:4f8:c2c:bc6c::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ww20.i-yoblog.com/banner_ads.js
Requested by: Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/
Protocol: HTTP/1.1
Server: 2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Nov 2019 07:47:23 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: nginx
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Sat, 14 Dec 2019 07:47:23 GMT

GET
H/1.1 200
OK Primary Request / Show response
track.tkbo.com/ 737 B
749 B 5ms
4ms Document
text/html 94.130.186.231
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://track.tkbo.com/?mid=140&f=KS&domain=i-yoblog.com

Requested by

Host: ww20.i-yoblog.com
URL: http://ww20.i-yoblog.com/

Protocol

HTTP/1.1

Server

94.130.186.231 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.231.186.130.94.clients.your-server.de

Software

nginx /

Resource Hash

da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: track.tkbo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ww20.i-yoblog.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ww20.i-yoblog.com/

Response headers

Server: nginx
Date: Thu, 14 Nov 2019 07:47:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
0

6ms
6ms

Script
text/javascript

2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ww20.i-yoblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4426
date: Thu, 14 Nov 2019 06:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 14 Nov 2019 08:33:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET go.php
track.tkbo.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: track.tkbo.com
URL: https://track.tkbo.com/go.php?mid=140&f=KS&domain=i-yoblog.com&ref=http://ww20.i-yoblog.com/

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fw.dnslink.com
security.wmp.i-yoblog.com
track.tkbo.com
ww20.i-yoblog.com
www.google-analytics.com
track.tkbo.com
www.google-analytics.com
159.69.186.9
209.15.13.134
2a00:1450:4001:81b::200e
2a01:4f8:c2c:bc6c::1
94.130.186.231
4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90
96bc5a2258d18be430a2a6235f97513ae9eb44316b4c733770ae9210e55f4a67
b64d5a95f4db0da4582c59924e92c7d0bdc12743c6a4b3ca5f71c0881d78002e
da328cb3844f4ed1f76e536b56faf4f0ae170a669eb9d36e3285eaf1b952160a
fe3630b097d93d22150a0487f94494682559d9666d2c83d69e1ca79c8d83c9cb

track.tkbo.com Open in urlscan Pro 94.130.186.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

25 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

147 kBTransfer

324 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

track.tkbo.com Open in urlscan Pro
94.130.186.231 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

25 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

147 kB
Transfer

324 kB
Size

0
Cookies

155 HTTP transactions
0 data transactions