lespoutinesdijonnaises.blogspot.com Open in urlscan Pro
2a00:1450:4001:827::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Submission: On October 10 via manual (October 10th 2022, 7:22:41 am UTC) from IN — Scanned from DE

Summary HTTP 95 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 36 domains to perform 95 HTTP transactions. The main IP is 2a00:1450:4001:827::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is lespoutinesdijonnaises.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on September 12th 2022. Valid for: 3 months.

This is the only time lespoutinesdijonnaises.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
6	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	103.243.148.117 103.243.148.117	133122 (HERITAGEB...) (HERITAGEBANKLTD-AS-AP Heritage Bank Ltd.)
3	2606:4700:303... 2606:4700:3034::ac43:a982	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:1435	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::393	54113 (FASTLY) (FASTLY)
2	23.203.70.81 23.203.70.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.227.20.134 64.227.20.134	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	172.64.152.181 172.64.152.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	170.135.104.176 170.135.104.176	3147 (US-BANCORP) (US-BANCORP)
1	151.139.242.8 151.139.242.8	33438 (STACKPATH) (STACKPATH)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
1 2	34.86.75.53 34.86.75.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:205... 2600:9000:2057:6800:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
3	216.104.233.144 216.104.233.144	396167 (BHN-BGP) (BHN-BGP)
1	23.35.236.144 23.35.236.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:206... 2600:9000:206f:4400:14:1d4:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	12.154.216.136 12.154.216.136	7018 (ATT-INTER...) (ATT-INTERNET4)
1	70.32.23.81 70.32.23.81	55293 (A2HOSTING) (A2HOSTING)
1	2606:4700::68... 2606:4700::6812:b34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:40::60 2620:1ec:40::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.55.91.210 162.55.91.210	24940 (HETZNER-AS) (HETZNER-AS)
1	199.96.219.162 199.96.219.162	16501 (I2C-ASN) (I2C-ASN)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	151.101.192.138 151.101.192.138	54113 (FASTLY) (FASTLY)
1	198.187.29.14 198.187.29.14	22612 (NAMECHEAP...) (NAMECHEAP-NET)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
95	39

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lespoutinesdijonnaises.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

resentproduces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.243.148.117 (Australia)

ASN133122 (HERITAGEBANKLTD-AS-AP Heritage Bank Ltd., AU)

www.heritage.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:a982 (United States)

ASN13335 (CLOUDFLARENET, US)

www.jeffersonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1435 (United States)

ASN13335 (CLOUDFLARENET, US)

marketingcdn.giftcardgranny.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.70.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-70-81.deploy.static.akamaitechnologies.com

www.usbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.20.134 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

heritages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.152.181 (United States)

ASN13335 (CLOUDFLARENET, US)

usa.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.135.104.176 (United States)

ASN3147 (US-BANCORP, US)

www.h-dvisa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.8 (United States)

ASN33438 (STACKPATH, US)

390109.smushcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

www.wikihow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.86.75.53 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: www.bindb.com

bindb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bindb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6800:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.104.233.144 (United States)

ASN396167 (BHN-BGP, US)

mygift.giftcardmall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-144.deploy.static.akamaitechnologies.com

173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4400:14:1d4:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.foxdealer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

www.investopedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 12.154.216.136 (Austin, United States)

ASN7018 (ATT-INTERNET4, US)

www.uhcu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.32.23.81 (United States)

ASN55293 (A2HOSTING, US)
PTR: mi3-ss58.a2hosting.com

www.heritageibt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b34 (United States)

ASN13335 (CLOUDFLARENET, US)

www.oneunited.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.heritagebankna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:40::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.capfed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.91.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ects

i.colnect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.96.219.162 (United States)

ASN16501 (I2C-ASN, US)

www.vanillabalance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.doctorofcredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.138 (United States)

ASN54113 (FASTLY, US)

gccdn.giftcards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.187.29.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium71-5.web-hosting.com

www.milenomics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	blogger.com www.blogger.com — Cisco Umbrella Rank: 7360	746 KB
9	google.com apis.google.com — Cisco Umbrella Rank: 232 www.google.com — Cisco Umbrella Rank: 19	174 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	414 KB
8	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 352 lh3.googleusercontent.com — Cisco Umbrella Rank: 168	61 KB
7	blogspot.com lespoutinesdijonnaises.blogspot.com	185 KB
6	resentproduces.com resentproduces.com
3	giftcardmall.com mygift.giftcardmall.com — Cisco Umbrella Rank: 445031	118 KB
3	visa.com usa.visa.com — Cisco Umbrella Rank: 89154	160 KB
3	jeffersonbank.com www.jeffersonbank.com	536 KB
3	heritage.com.au www.heritage.com.au	183 KB
2	heritagebankna.com www.heritagebankna.com	54 KB
2	website-files.com assets.website-files.com — Cisco Umbrella Rank: 20206	10 KB
2	bindb.com 1 redirects bindb.com www.bindb.com	120 KB
2	usbank.com www.usbank.com — Cisco Umbrella Rank: 61615	653 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	574 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	28 KB
1	milenomics.com www.milenomics.com	187 KB
1	giftcards.com gccdn.giftcards.com — Cisco Umbrella Rank: 359023	180 B
1	doctorofcredit.com www.doctorofcredit.com — Cisco Umbrella Rank: 266824	6 KB
1	wp.com i2.wp.com — Cisco Umbrella Rank: 9962	45 KB
1	vanillabalance.com www.vanillabalance.com	109 KB
1	colnect.net i.colnect.net — Cisco Umbrella Rank: 665163	16 KB
1	capfed.com www.capfed.com — Cisco Umbrella Rank: 504425	104 KB
1	oneunited.com www.oneunited.com	179 KB
1	heritageibt.com www.heritageibt.com	113 KB
1	uhcu.org www.uhcu.org	33 KB
1	investopedia.com www.investopedia.com — Cisco Umbrella Rank: 40367	178 KB
1	foxdealer.com static.foxdealer.com — Cisco Umbrella Rank: 270242	15 KB
1	rackcdn.com 173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 687735	101 KB
1	wikihow.com www.wikihow.com — Cisco Umbrella Rank: 26879	29 KB
1	smushcdn.com 390109.smushcdn.com — Cisco Umbrella Rank: 378114	45 KB
1	h-dvisa.com www.h-dvisa.com	27 KB
1	heritages.com heritages.com	394 KB
1	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3871	4 KB
1	giftcardgranny.com marketingcdn.giftcardgranny.com	34 KB
0	Failed function sub() { [native code] }. Failed
95	36

	Domain	Requested by
15	www.blogger.com	lespoutinesdijonnaises.blogspot.com apis.google.com www.blogger.com
7	lh3.googleusercontent.com	lespoutinesdijonnaises.blogspot.com
7	lespoutinesdijonnaises.blogspot.com	lespoutinesdijonnaises.blogspot.com
6	resentproduces.com	lespoutinesdijonnaises.blogspot.com
5	www.gstatic.com	www.google.com apis.google.com www.gstatic.com
5	apis.google.com	lespoutinesdijonnaises.blogspot.com apis.google.com www.blogger.com
4	www.google.com	www.blogger.com www.gstatic.com www.google.com
3	fonts.gstatic.com	lespoutinesdijonnaises.blogspot.com www.google.com
3	mygift.giftcardmall.com	lespoutinesdijonnaises.blogspot.com
3	usa.visa.com	lespoutinesdijonnaises.blogspot.com
3	www.jeffersonbank.com	lespoutinesdijonnaises.blogspot.com
3	www.heritage.com.au	lespoutinesdijonnaises.blogspot.com
2	www.heritagebankna.com	lespoutinesdijonnaises.blogspot.com
2	assets.website-files.com	lespoutinesdijonnaises.blogspot.com
2	www.usbank.com	lespoutinesdijonnaises.blogspot.com
1	pagead2.googlesyndication.com	lespoutinesdijonnaises.blogspot.com
1	cdnjs.cloudflare.com	lespoutinesdijonnaises.blogspot.com
1	www.milenomics.com	lespoutinesdijonnaises.blogspot.com
1	gccdn.giftcards.com	lespoutinesdijonnaises.blogspot.com
1	www.doctorofcredit.com	lespoutinesdijonnaises.blogspot.com
1	i2.wp.com	lespoutinesdijonnaises.blogspot.com
1	www.vanillabalance.com	lespoutinesdijonnaises.blogspot.com
1	i.colnect.net	lespoutinesdijonnaises.blogspot.com
1	www.capfed.com	lespoutinesdijonnaises.blogspot.com
1	www.oneunited.com	lespoutinesdijonnaises.blogspot.com
1	www.heritageibt.com	lespoutinesdijonnaises.blogspot.com
1	www.uhcu.org	lespoutinesdijonnaises.blogspot.com
1	www.investopedia.com	lespoutinesdijonnaises.blogspot.com
1	static.foxdealer.com	lespoutinesdijonnaises.blogspot.com
1	173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com	lespoutinesdijonnaises.blogspot.com
1	www.bindb.com	lespoutinesdijonnaises.blogspot.com
1	bindb.com	1 redirects
1	play-lh.googleusercontent.com	lespoutinesdijonnaises.blogspot.com
1	www.wikihow.com	lespoutinesdijonnaises.blogspot.com
1	390109.smushcdn.com	lespoutinesdijonnaises.blogspot.com
1	www.h-dvisa.com	lespoutinesdijonnaises.blogspot.com
1	heritages.com	lespoutinesdijonnaises.blogspot.com
1	res.cloudinary.com	lespoutinesdijonnaises.blogspot.com
1	marketingcdn.giftcardgranny.com	lespoutinesdijonnaises.blogspot.com
0	Failed	lespoutinesdijonnaises.blogspot.com
95	40

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.heritage.com.au
www.jeffersonbank.com
marketingcdn.giftcardgranny.com
res.cloudinary.com
www.usbank.com
heritages.com
usa.visa.com
www.h-dvisa.com
390109.smushcdn.com
www.wikihow.com
play-lh.googleusercontent.com
bindb.com
assets.website-files.com
mygift.giftcardmall.com
173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com
static.foxdealer.com
www.investopedia.com
www.uhcu.org
www.heritageibt.com
www.oneunited.com
www.heritagebankna.com
www.capfed.com
i.colnect.net
www.vanillabalance.com
i2.wp.com
www.doctorofcredit.com
www.milenomics.com
www.facebook.com
twitter.com
pinterest.com
api.whatsapp.com
www.instagram.com
linkedin.com
youtube.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
resentproduces.com R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
www.heritage.com.au Thawte EV RSA CA G2	`2021-10-13` - `2022-11-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
www.usbank.com Entrust Certification Authority - L1M	`2022-02-28` - `2023-03-27`	a year	crt.sh
heritages.com R3	`2022-08-27` - `2022-11-25`	3 months	crt.sh
usa.visa.com Cloudflare Inc ECC CA-3	`2022-07-02` - `2023-07-02`	a year	crt.sh
www.h-dvisa.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-20` - `2023-08-20`	a year	crt.sh
*.smushcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-08` - `2023-03-08`	a year	crt.sh
*.wikihow.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-11` - `2023-08-12`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
mygift.giftcardmall.com DigiCert SHA2 Extended Validation Server CA	`2022-08-15` - `2023-09-15`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA	`2022-01-30` - `2023-01-31`	a year	crt.sh
static.foxdealer.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.investopedia.com R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
uhcu.org Go Daddy Secure Certificate Authority - G2	`2022-07-26` - `2023-07-26`	a year	crt.sh
heritageibt.com cPanel, Inc. Certification Authority	`2022-09-05` - `2022-12-04`	3 months	crt.sh
oneunited.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
www.heritagebankna.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-07`	a year	crt.sh
*.capfed.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-29` - `2023-04-29`	a year	crt.sh
i.colnect.net R3	`2022-08-19` - `2022-11-17`	3 months	crt.sh
www.vanillabalance.com Entrust Certification Authority - L1M	`2022-09-27` - `2023-10-27`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
www.doctorofcredit.com Cloudflare Inc ECC CA-3	`2022-08-17` - `2023-08-17`	a year	crt.sh
*.cashstar.com GlobalSign Atlas R3 OV TLS CA 2022 Q3	`2022-09-21` - `2023-10-23`	a year	crt.sh
milenomics.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-11` - `2023-02-11`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Frame ID: 33117275EDB22BD2ED516FDA4B2501AF
Requests: 74 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1073130669881468221&blogName=Trendy+Gift+Card&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://lespoutinesdijonnaises.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://lespoutinesdijonnaises.blogspot.com/&targetPostID=3208715195219386844&blogPostOrPageUrl=https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html&vt=-5367029938694679549&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 40CC4CEE4C97969080AB546CD6D0ABD7
Requests: 3 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/1073130669881468221?po=3208715195219386844&hl=en&skin=contempo&blogspotRpcToken=5800619
Frame ID: 074D22F8C9847B3F30F326BB5D3DB7F0
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4qwh9wayh6b6
Frame ID: E7CF82CAAC41CB955B5F731996F79BF6
Requests: 7 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: 7950F472C931D020AC9FD9F7E6207DA8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

41 heritage bank visa gift card balance - Trendy Gift Card

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

95
Requests

97 %
HTTPS

47 %
IPv6

36
Domains

40
Subdomains

39
IPs

3
Countries

5059 kB
Transfer

7061 kB
Size

1
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/12109001342363654082
Title: Mr. Adam White

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=1073130669881468221&postID=3208715195219386844&from=pencil
Title: Edit

Search URL Search Domain Scan URL

URL: https://www.heritage.com.au/-/media/m/tools/user-guides/heritage-bank-prepaid-visa-gift-card.png?la=en&hash=30217504DE56FC9CC4DEE598D3971D89548D33EF

Search URL Search Domain Scan URL

URL: https://www.jeffersonbank.com/sites/default/files/styles/intro_background/public/2020-11/jb-app-logo.png?itok=yt3XK__L

Search URL Search Domain Scan URL

URL: https://marketingcdn.giftcardgranny.com/2019/mastercard/plastics-example.png

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/gift-card-granny/image/upload/f_auto/ar_32:21,c_scale,w_210/v1629743626/GCG/assets/virtual-example_y1brtu.png

Search URL Search Domain Scan URL

URL: https://www.usbank.com/content/usbank/bank-accounts/checking-accounts/debit-cards/jcr:content/largePar/containercomp_copy_1/containercomp_copy_1/containercomp_copy_c/containercomp_copy_c/showhidepanel_copy_1104514179/row3/textimagev2_copy/image.img.jpg

Search URL Search Domain Scan URL

URL: https://www.usbank.com/content/dam/usbank/images/bank-accounts/checking-accounts/debit-cards/banner-hispanic-heritage.png

Search URL Search Domain Scan URL

URL: https://www.jeffersonbank.com/sites/default/files/2021-04/gift-card-circles-updated.png

Search URL Search Domain Scan URL

URL: https://heritages.com/wp-content/uploads/2020/01/giftcard.png

Search URL Search Domain Scan URL

URL: https://usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/cafe-dinner-drinks-payment-gift-card-800x450.jpg

Search URL Search Domain Scan URL

URL: https://www.h-dvisa.com/credit/harley_davidson/images/card-HDV-Sig-heritage_315x201.png

Search URL Search Domain Scan URL

URL: https://390109.smushcdn.com/432534/wp-content/uploads/2019/02/summit-federal-cu.png?lossy=1&strip=1&webp=1

Search URL Search Domain Scan URL

URL: https://www.heritage.com.au/-/media/m/tools/user-guides/prezee-egift-card-landing-screenshot.png?la=en&hash=83F41A974D69D3A7562BEF4BE56093BBDEC293AE

Search URL Search Domain Scan URL

URL: https://www.wikihow.com/images/thumb/3/31/Check-Your-Visa-Gift-Card-Balance-Step-5.jpg/v4-460px-Check-Your-Visa-Gift-Card-Balance-Step-5.jpg

Search URL Search Domain Scan URL

URL: https://play-lh.googleusercontent.com/tRH1pNnHk7KaYD-bnEwL3OMcE0qYaP1DJptxKqLDBJJGSsBMzl2ZhlS6diSJFwW1b8za=w526-h296-rw

Search URL Search Domain Scan URL

URL: https://bindb.com/img/prepaid/435167-sunrise-banks.jpg

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/57ffbd7a6422e951589f5f5d/581b97b3a4b2992736f5672c_FDIC_Member%202.svg

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/content/images/main-card-visa-sparkle.png

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/content/images/Movies-Everywhere.png

Search URL Search Domain Scan URL

URL: https://173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com/content/giftcards/sites/9/2016/04/beautiful-mother-visa-1.jpg

Search URL Search Domain Scan URL

URL: https://www.jeffersonbank.com/sites/default/files/2021-05/personal_check_card.png

Search URL Search Domain Scan URL

URL: https://static.foxdealer.com/global/2022/02/card-art-hdv-combo-stacked.png

Search URL Search Domain Scan URL

URL: https://www.heritage.com.au/-/media/m/images/about/logos/heritage-bank_nsw_logo_pf_colour.jpg

Search URL Search Domain Scan URL

URL: https://www.investopedia.com/thmb/_9I57vNONnBLovjcX_xEWgGWLN4=/2121x1414/filters:fill(auto,1)/credit-cards-in-leather-wallet-on-wooden-background-952866958-f3e6331237164219a93e4fd598038b35.jpg

Search URL Search Domain Scan URL

URL: https://usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/person-holding-visa-card-800x450.jpg

Search URL Search Domain Scan URL

URL: https://www.uhcu.org/UHCU.Web/media/UHCU/Images/Photos/photo-uhcu-debit-card.jpg?ext=.jpg

Search URL Search Domain Scan URL

URL: https://www.heritageibt.com/wp-content/uploads/2015/11/debit-card-300x189.png

Search URL Search Domain Scan URL

URL: https://www.oneunited.com/core/content/uploads/2017/03/UnsecuredVSsecured_small.png

Search URL Search Domain Scan URL

URL: https://www.heritagebankna.com/wp-content/uploads/2022/03/credit-card.jpg

Search URL Search Domain Scan URL

URL: https://www.capfed.com/-/media/images/capfedweb/hero-images/giftcard_hero4.ashx

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/content/images/main-card-visa-fiveback.png

Search URL Search Domain Scan URL

URL: https://i.colnect.net/f/4160/705/Gift-Card.jpg

Search URL Search Domain Scan URL

URL: https://www.vanillabalance.com/cholder/brands/incomm/1_login_media_01.jpg?random=438.0

Search URL Search Domain Scan URL

URL: https://www.heritagebankna.com/wp-content/uploads/2022/03/debit-cards-300x205.jpg

Search URL Search Domain Scan URL

URL: https://assets.website-files.com/57ffbd7a6422e951589f5f5d/58a1d6bf8ca8d7f86f97bf38_app-icon.jpg

Search URL Search Domain Scan URL

URL: https://usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/person-using-laptop-and-holding-visa-card-800x450.jpg

Search URL Search Domain Scan URL

URL: https://i2.wp.com/milesperday.com/wp-content/uploads/2020/10/IMG_2320-scaled.jpg?fit=640%2C853&ssl=1

Search URL Search Domain Scan URL

URL: https://www.doctorofcredit.com/wp-content/uploads/2018/04/heritage-bank.png

Search URL Search Domain Scan URL

URL: https://www.milenomics.com/wp-content/uploads/2014/06/Frauded.png

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=41%20heritage%20bank%20visa%20gift%20card%20balance&url=https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html&media=https://www.heritage.com.au/-/media/m/tools/user-guides/heritage-bank-prepaid-visa-gift-card.png?la=en&hash=30217504DE56FC9CC4DEE598D3971D89548D33EF&description=41%20heritage%20bank%20visa%20gift%20card%20balance

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=&text=41%20heritage%20bank%20visa%20gift%20card%20balance%20%2D%20https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/1073130669881468221?po=3208715195219386844&hl=en&skin=contempo&blogspotRpcToken=5800619

Search URL Search Domain Scan URL

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://linkedin.com/

Search URL Search Domain Scan URL

URL: https://youtube.com/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://bindb.com/img/prepaid/435167-sunrise-banks.jpg HTTP 301
https://www.bindb.com/img/prepaid/435167-sunrise-banks.jpg

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 41-heritage-bank-visa-gift-card-balance.html Show response
lespoutinesdijonnaises.blogspot.com/2022/10/ 232 KB
71 KB 600ms
466ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14052c090ec2b7b88b023045fec1df1f511ba5d9436cc8cb85cd6c73bbce3250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 71829
content-type: text/html; charset=UTF-8
date: Mon, 10 Oct 2022 07:22:24 GMT
etag: W/"2cb6d5432591c3cd9e64afc6581aa898e79774fb0a55114ee8600c53861c2fb9"
expires: Mon, 10 Oct 2022 07:22:24 GMT
last-modified: Mon, 10 Oct 2022 06:52:35 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 243ms
136ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1073130669881468221&zx=c72447fc-97e1-4244-a5fa-abe6f61b4535

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Mon, 10 Oct 2022 07:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 07:22:24 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 139ms
50ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 07:22:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "95a07626e083cec6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 07:22:24 GMT

GET
H/1.1 403
Forbidden invoke.js
resentproduces.com/a5800523af366955663150612e17dd41/ 0
0 1473ms
97ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resentproduces.com/a5800523af366955663150612e17dd41/invoke.js
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 07:22:25 GMT
Server: nginx/1.22.0
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 heritage%20bank%20visa%20gift%20card%20balance Show response
lespoutinesdijonnaises.blogspot.com/feeds/posts/default/-/ 137 KB
26 KB 374ms
364ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lespoutinesdijonnaises.blogspot.com/feeds/posts/default/-/heritage%20bank%20visa%20gift%20card%20balance?alt=json-in-script&callback=bacajuga&max-results=5

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

4fe4a859e115ae3b60fa8dfcb8979fb79fb8a5ed0abb4b4261dde3756362823f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 06:52:35 GMT
server: blogger-renderd
etag: W/"cc87760a210350e67b73d29850105acd1c8341b8758843a5547d89b5436d9997"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26130
x-xss-protection: 0
expires: Mon, 10 Oct 2022 07:22:25 GMT

GET
H2 200 how%20can%20i%20find%20the%20balance%20on%20a%20visa%20gift%20card Show response
lespoutinesdijonnaises.blogspot.com/feeds/posts/default/-/ 137 KB
26 KB 836ms
827ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lespoutinesdijonnaises.blogspot.com/feeds/posts/default/-/how%20can%20i%20find%20the%20balance%20on%20a%20visa%20gift%20card?alt=json-in-script&callback=bacajuga&max-results=5

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

f75921f4ec3320ed5cf751eac61fa335b896b5ab71ee311bbdcc171fbf0b6083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 06:52:35 GMT
server: blogger-renderd
etag: W/"a6ad740bfb97c5b1b49974b5a7fbac740da9950da87563befc3251f8e6031f8d"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26161
x-xss-protection: 0
expires: Mon, 10 Oct 2022 07:22:26 GMT

GET
H2 200 how%20do%20i%20find%20the%20balance%20of%20my%20visa%20gift%20card Show response
lespoutinesdijonnaises.blogspot.com/feeds/posts/default/-/ 137 KB
26 KB 828ms
818ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lespoutinesdijonnaises.blogspot.com/feeds/posts/default/-/how%20do%20i%20find%20the%20balance%20of%20my%20visa%20gift%20card?alt=json-in-script&callback=bacajuga&max-results=5

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3cf0d91e06747f48d5bdcd6ed1629c92689aad39d0b54c3e6323796782bd6cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 06:52:35 GMT
server: blogger-renderd
etag: W/"312e719daa2d59f4fab2d2e4189319267d64dcad04ba3137d9211506e07b7a79"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26163
x-xss-protection: 0
expires: Mon, 10 Oct 2022 07:22:26 GMT

GET
H/1.1 200
OK heritage-bank-prepaid-visa-gift-card.png
www.heritage.com.au/-/media/m/tools/user-guides/ 24 KB
28 KB 3811ms
614ms Image
image/png 103.243.148.117
HERITAGEBANKLTD-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heritage.com.au/-/media/m/tools/user-guides/heritage-bank-prepaid-visa-gift-card.png?la=en&hash=30217504DE56FC9CC4DEE598D3971D89548D33EF

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.243.148.117 , Australia, ASN133122 (HERITAGEBANKLTD-AS-AP Heritage Bank Ltd., AU),

Reverse DNS

Software

Resource Hash

c07d4dea6f1d84a29547dff5d96eaa8882607df8d1d9fc49ae23326b1553ea16

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' https://*.heritage.com.au; script-src 'self' http://10.110.25.158 http://10.120.25.132 http://10.110.25.132:15871 https://*.heritage.com.au https://connect.facebook.net https://siteintercept.qualtrics.com https://www.images-home.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://s.ytimg.com https://*.siteintercept.qualtrics.com https://snap.licdn.com https://s.yimg.com https://bat.bing.com https://js.adsrvr.org https://connect.facebook.net https://vxml4.plavxml.com https://bs.serving-sys.com https://www.google-analytics.com https://vxml4.plavxml.com https://www.googletagmanager.com https://maps.googleapis.com https://*.widgetworks.com.au https://*.cloudfront.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://code.jquery.com; base-uri 'self'; connect-src 'self' https://s.yimg.com https://siteintercept.qualtrics.com https://*.doubleclick.net https://www.google-analytics.com https://bat.bing.com https://maps.googleapis.com https://apps.heritage.com.au https://apps.heritage.com.au https://*.heritage.com.au https://forms.heritage.com.au https://lib-ap-1.brilliantcollector.com; font-src 'self' https://fonts.gstatic.com https://*.heritage.com.au https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src 'self' https://match.adsrvr.org https://insight.adsrvr.org https://*.doubleclick.net https://servedby.flashtalking.com https://www.qzzr.com/ https://www.googletagmanager.com/ https://*.widgetworks.com.au https://player.vimeo.com/ https://gpm.westernunion.com/ https://xjobs.brassring.com/ https://flickrembed.com https://heritagebank.au1.qualtrics.com https://www.youtube.com/ https://forms.heritage.com.au/ https://*.heritage.com.au https://player.vimeo.com; img-src 'self' https://103.243.148.117 https://10.120.25.152 https://www.google.com/pagead/1p-user-list/957642343/ https://www.google.com.au/pagead/1p-user-list/957642343/ https://www.google.com.au/* https://sp.analytics.yahoo.com https://vxml4.plavxml.com https://www.googletagmanager.com https://p.adsymptotic.com https://www.google.com/ads/* https://www.google.com.au/ads/* https://www.google.com.au/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.heritage.com.au https://sc-cm.hbs.net.au https://*.doubleclick.net https://bat.bing.com https://*.linkedin.com https://www.facebook.com https://www.google-analytics.com https://www.images-home.com https://*.heritage.com.au https://*.googleapis.com https://maps.gstatic.com data:; manifest-src 'self'; media-src 'self';

Strict-Transport-Security

max-age=16070400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src 'self' https://*.heritage.com.au; script-src 'self' http://10.110.25.158 http://10.120.25.132 http://10.110.25.132:15871 https://*.heritage.com.au https://connect.facebook.net https://siteintercept.qualtrics.com https://www.images-home.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://s.ytimg.com https://*.siteintercept.qualtrics.com https://snap.licdn.com https://s.yimg.com https://bat.bing.com https://js.adsrvr.org https://connect.facebook.net https://vxml4.plavxml.com https://bs.serving-sys.com https://www.google-analytics.com https://vxml4.plavxml.com https://www.googletagmanager.com https://maps.googleapis.com https://*.widgetworks.com.au https://*.cloudfront.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://code.jquery.com; base-uri 'self'; connect-src 'self' https://s.yimg.com https://siteintercept.qualtrics.com https://*.doubleclick.net https://www.google-analytics.com https://bat.bing.com https://maps.googleapis.com https://apps.heritage.com.au https://apps.heritage.com.au https://*.heritage.com.au https://forms.heritage.com.au https://lib-ap-1.brilliantcollector.com; font-src 'self' https://fonts.gstatic.com https://*.heritage.com.au https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src 'self' https://match.adsrvr.org https://insight.adsrvr.org https://*.doubleclick.net https://servedby.flashtalking.com https://www.qzzr.com/ https://www.googletagmanager.com/ https://*.widgetworks.com.au https://player.vimeo.com/ https://gpm.westernunion.com/ https://xjobs.brassring.com/ https://flickrembed.com https://heritagebank.au1.qualtrics.com https://www.youtube.com/ https://forms.heritage.com.au/ https://*.heritage.com.au https://player.vimeo.com; img-src 'self' https://103.243.148.117 https://10.120.25.152 https://www.google.com/pagead/1p-user-list/957642343/ https://www.google.com.au/pagead/1p-user-list/957642343/ https://www.google.com.au/* https://sp.analytics.yahoo.com https://vxml4.plavxml.com https://www.googletagmanager.com https://p.adsymptotic.com https://www.google.com/ads/* https://www.google.com.au/ads/* https://www.google.com.au/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.heritage.com.au https://sc-cm.hbs.net.au https://*.doubleclick.net https://bat.bing.com https://*.linkedin.com https://www.facebook.com https://www.google-analytics.com https://www.images-home.com https://*.heritage.com.au https://*.googleapis.com https://maps.gstatic.com data:; manifest-src 'self'; media-src 'self';
Referrer-Policy: same-origin
Date: Mon, 10 Oct 2022 07:22:27 GMT
Last-Modified: Mon, 28 Jun 2021 06:09:02 GMT
Content-Type: image/png
Cache-Control: private, max-age=604800,max-age=0, must-revalidate, proxy-revalidate
Content-Disposition: inline; filename="Heritage Bank Prepaid Visa Gift Card.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24960
Expires: Mon, 17 Oct 2022 07:22:27 GMT

GET
H2 200 jb-app-logo.png
www.jeffersonbank.com/sites/default/files/styles/intro_background/public/2020-11/ 242 KB
243 KB 808ms
564ms Image
image/png 2606:4700:3034::ac43:a982
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jeffersonbank.com/sites/default/files/styles/intro_background/public/2020-11/jb-app-logo.png?itok=yt3XK__L

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a982 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e4ee4dc814a2a8b95306d0a5ee5298b83aa2a2b29eaac1abd262645b62424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-171ca43d37638bc57c2f5b522d1142e6-f5967f8ce570233c-00
x-platform-processor: 7awfe4fr5pp3rxfjuro2kb4o3q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 247454
x-platform-cache: MISS
last-modified: Mon, 18 Jan 2021 19:39:33 GMT
server: cloudflare
etag: "6005e3f5-3c69e"
vary: Accept-Encoding
x-platform-cluster: fv52rpr6447ka-master-7rqtwti
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GGl2XkFPtBeNTsF7TcjeGFkDHqCxqkS1ZRK7JH3UJCOYS76TcdSMn3RnnSd%2BEKiYGBPqa8mzHXjFvhI1h7B5w7X9E%2B5iqBg0ua%2BGs4EnI9Qj4pxatnCKjp7bcOkaPOURQiMrFJKETpgbze8AXfm6kCW8G4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 757d9ad0bae1695d-FRA
x-platform-router: 2wog7wcpaircw73qwtwjbpjlgi
expires: Mon, 10 Oct 2022 07:27:25 GMT

GET
H2 200 plastics-example.png
marketingcdn.giftcardgranny.com/2019/mastercard/ 33 KB
34 KB 176ms
123ms Image
image/png 2606:4700:10::ac43:1435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketingcdn.giftcardgranny.com/2019/mastercard/plastics-example.png
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc71f7b82ecdc4ce24894490baf8dda06462883829e5ca68cfd6527b88784fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:24 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: YBgZz9TKhGlNdFcloY71VAj7DF9dYaJB
x-amz-cf-pop: AMS1-C1
x-cache: Hit from cloudfront
content-length: 33954
last-modified: Wed, 12 Aug 2020 14:58:17 GMT
server: cloudflare
etag: "80990a7b3e0caebdba23eb19b8160dc8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 757d9acf8d105b62-FRA
x-amz-cf-id: ThQz4OSzHMLOjAOBRMP1xeTNq3vL7MjXaCams4K9WQ9_548S2lgRUA==
expires: Sun, 01 Jan 2034 00:00:00 GMT

GET
H2 200 virtual-example_y1brtu.png
res.cloudinary.com/gift-card-granny/image/upload/f_auto/ar_32:21,c_scale,w_210/v1629743626/GCG/assets/ 4 KB
4 KB 53ms
9ms Image
image/webp 2a04:4e42:200::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/gift-card-granny/image/upload/f_auto/ar_32:21,c_scale,w_210/v1629743626/GCG/assets/virtual-example_y1brtu.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6638b7f70e134e681f8a8fa6ece6341001dcf4f16b68d7461589e217c23838c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:24 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="virtual-example_y1brtu.webp"
server-timing: fastly;dur=3;cpu=2;start=2022-10-10T07:22:24.553Z;desc=hit,rtt;dur=5
content-length: 3636
last-modified: Wed, 06 Oct 2021 14:03:42 GMT
server: Cloudinary
etag: "4b2083d7149209ebdd17c3f7699e3d9b"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image.img.jpg
www.usbank.com/content/usbank/bank-accounts/checking-accounts/debit-cards/jcr:content/largePar/containercomp_copy_1/containercomp_copy_1/containercomp_copy_c/containercomp_copy_c/showhidepanel_copy... 102 KB
103 KB 210ms
40ms Image
image/jpeg 23.203.70.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usbank.com/content/usbank/bank-accounts/checking-accounts/debit-cards/jcr:content/largePar/containercomp_copy_1/containercomp_copy_1/containercomp_copy_c/containercomp_copy_c/showhidepanel_copy_1104514179/row3/textimagev2_copy/image.img.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.203.70.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-70-81.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 /

Resource Hash

ee6591337bdeed93a96ea88949be5240317285a0ff5be7d1340aedf549a8a548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Oct 2022 07:22:24 GMT
x-content-type-options: nosniff, nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 20:50:45 GMT
server: Microsoft-IIS/8.5
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 104944
x-xss-protection: 1; mode=block

GET
H2 200 banner-hispanic-heritage.png
www.usbank.com/content/dam/usbank/images/bank-accounts/checking-accounts/debit-cards/ 549 KB
550 KB 202ms
32ms Image
image/png 23.203.70.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usbank.com/content/dam/usbank/images/bank-accounts/checking-accounts/debit-cards/banner-hispanic-heritage.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.203.70.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-70-81.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 /

Resource Hash

8085c44a84a05e82b45b3cb9eb2ee4ab39c3ef4ced43775bd8dd6776a3a9d7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Oct 2022 07:22:24 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Oct 2022 01:35:57 GMT
server: Microsoft-IIS/8.5
etag: "a6b5b5fb23d9d81:0"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=295886
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 561843
x-xss-protection: 1; mode=block

GET
H2 200 gift-card-circles-updated.png
www.jeffersonbank.com/sites/default/files/2021-04/ 166 KB
167 KB 814ms
571ms Image
image/png 2606:4700:3034::ac43:a982
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jeffersonbank.com/sites/default/files/2021-04/gift-card-circles-updated.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:a982 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00b26200604c754da3b622ea56b8b881370f5404de6b8bccff35c645e474a3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-171ca43d380d7c00a82d2a36ffd95662-7be8b71a047b9f84-00
x-platform-processor: 7awfe4fr5pp3rxfjuro2kb4o3q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 170366
x-platform-cache: MISS
last-modified: Fri, 09 Apr 2021 20:40:42 GMT
server: cloudflare
etag: "6070bbca-2997e"
vary: Accept-Encoding
x-platform-cluster: fv52rpr6447ka-master-7rqtwti
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IweRgZdqphMU94EJMmEXFjEkXFHAaHkuLfneD%2BjRfxattf3NPcfybbQHdoOkHh6iwFMlPANBa4TRD2lzQtmrbfZ7ygk5CGt6iFQ7ylWMK6kHutHnzHJn4gnvKJ%2Bqf5HQ8x0QkTUkTfceWr1Yn5RkeDqa%2Fng%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 757d9ad0bae7695d-FRA
x-platform-router: 2wog7wcpaircw73qwtwjbpjlgi
expires: Mon, 10 Oct 2022 07:27:25 GMT

GET
H2 200 giftcard.png
heritages.com/wp-content/uploads/2020/01/ 394 KB
394 KB 1166ms
96ms Image
image/png 64.227.20.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heritages.com/wp-content/uploads/2020/01/giftcard.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

64.227.20.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.17.3 /

Resource Hash

3496aff7203a26b49d8257f10df3eebc58146373249d3af4f531cd31e51805ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Feb 2020 16:28:53 GMT
server: nginx/1.17.3
etag: "5e3aed45-626dc"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 403164
x-xss-protection: 1; mode=block

GET
H2 200 cafe-dinner-drinks-payment-gift-card-800x450.jpg
usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/ 54 KB
55 KB 277ms
222ms Image
image/jpeg 172.64.152.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/cafe-dinner-drinks-payment-gift-card-800x450.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.64.152.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2e42446f773dc231643225cd7b55720ee56e429456274c2740c8eac3a95fee

Security Headers

Name	Value
Content-Security-Policy	self
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:24 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Mon, 10 Oct 2022 03:14:35 GMT
server: cloudflare
content-security-policy: self
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cf-ray: 757d9ad0ddc4994a-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK card-HDV-Sig-heritage_315x201.png
www.h-dvisa.com/credit/harley_davidson/images/ 27 KB
27 KB 702ms
165ms Image
image/png 170.135.104.176
US-BANCORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-dvisa.com/credit/harley_davidson/images/card-HDV-Sig-heritage_315x201.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

170.135.104.176 , United States, ASN3147 (US-BANCORP, US),

Reverse DNS

Software

Resource Hash

97c9a5a5ae4f7927156bfe769f1819d7dc73bb99eb576aa21ccabe69c9483f44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 29 Jan 2021 23:49:38 GMT
Server
Date: Mon, 10 Oct 2022 07:22:19 GMT
X-Powered-By
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Content-Language: en-US
Content-Length: 27277
X-XSS-Protection: 1;mode=block

GET
H2 200 summit-federal-cu.png
390109.smushcdn.com/432534/wp-content/uploads/2019/02/ 44 KB
45 KB 583ms
518ms Image
image/webp 151.139.242.8
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://390109.smushcdn.com/432534/wp-content/uploads/2019/02/summit-federal-cu.png?lossy=1&strip=1&webp=1
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.8 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: bb558a32eb8feb20a436f844c7613ac09e70f158df3bfae918e1e5cca67974cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
x-amz-expiration: expiry-date="Mon, 10 Oct 2022 15:14:57 GMT", rule-id="expire"
last-modified: Sat, 10 Sep 2022 15:14:57 GMT
server: nginx
etag: "e84a3a7f60c53820c827d339c2fd1d9a"
x-cache: MISS
smushed: origFmt=png, origSize=49435, smushRatio=8.04, skipped=0, originCache=HIT
content-type: image/webp
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 45462
expires: Thu, 05 Oct 2023 07:22:25 GMT

GET
H/1.1 200
OK prezee-egift-card-landing-screenshot.png
www.heritage.com.au/-/media/m/tools/user-guides/ 144 KB
147 KB 3585ms
624ms Image
image/png 103.243.148.117
HERITAGEBANKLTD-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heritage.com.au/-/media/m/tools/user-guides/prezee-egift-card-landing-screenshot.png?la=en&hash=83F41A974D69D3A7562BEF4BE56093BBDEC293AE

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.243.148.117 , Australia, ASN133122 (HERITAGEBANKLTD-AS-AP Heritage Bank Ltd., AU),

Reverse DNS

Software

Resource Hash

c4f6fd43d4721c7937d57fd2f206dbdcf89e08ca780a556b81584f49de73674f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=16070400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src 'self' https://*.heritage.com.au; script-src 'self' http://10.110.25.158 http://10.120.25.132 http://10.110.25.132:15871 https://*.heritage.com.au https://connect.facebook.net https://siteintercept.qualtrics.com https://www.images-home.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://s.ytimg.com https://*.siteintercept.qualtrics.com https://snap.licdn.com https://s.yimg.com https://bat.bing.com https://js.adsrvr.org https://connect.facebook.net https://vxml4.plavxml.com https://bs.serving-sys.com https://www.google-analytics.com https://vxml4.plavxml.com https://www.googletagmanager.com https://maps.googleapis.com https://*.widgetworks.com.au https://*.cloudfront.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://code.jquery.com; base-uri 'self'; connect-src 'self' https://s.yimg.com https://siteintercept.qualtrics.com https://*.doubleclick.net https://www.google-analytics.com https://bat.bing.com https://maps.googleapis.com https://apps.heritage.com.au https://apps.heritage.com.au https://*.heritage.com.au https://forms.heritage.com.au https://lib-ap-1.brilliantcollector.com; font-src 'self' https://fonts.gstatic.com https://*.heritage.com.au https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src 'self' https://match.adsrvr.org https://insight.adsrvr.org https://*.doubleclick.net https://servedby.flashtalking.com https://www.qzzr.com/ https://www.googletagmanager.com/ https://*.widgetworks.com.au https://player.vimeo.com/ https://gpm.westernunion.com/ https://xjobs.brassring.com/ https://flickrembed.com https://heritagebank.au1.qualtrics.com https://www.youtube.com/ https://forms.heritage.com.au/ https://*.heritage.com.au https://player.vimeo.com; img-src 'self' https://103.243.148.117 https://10.120.25.152 https://www.google.com/pagead/1p-user-list/957642343/ https://www.google.com.au/pagead/1p-user-list/957642343/ https://www.google.com.au/* https://sp.analytics.yahoo.com https://vxml4.plavxml.com https://www.googletagmanager.com https://p.adsymptotic.com https://www.google.com/ads/* https://www.google.com.au/ads/* https://www.google.com.au/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.heritage.com.au https://sc-cm.hbs.net.au https://*.doubleclick.net https://bat.bing.com https://*.linkedin.com https://www.facebook.com https://www.google-analytics.com https://www.images-home.com https://*.heritage.com.au https://*.googleapis.com https://maps.gstatic.com data:; manifest-src 'self'; media-src 'self';
Referrer-Policy: same-origin
Date: Mon, 10 Oct 2022 07:22:27 GMT
Last-Modified: Thu, 07 Oct 2021 00:56:43 GMT
Content-Type: image/png
Cache-Control: private, max-age=604800,max-age=0, must-revalidate, proxy-revalidate
Content-Disposition: inline; filename="Prezee eGift Card Landing Screenshot.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147289
Expires: Mon, 17 Oct 2022 07:22:27 GMT

GET
H2 200 v4-460px-Check-Your-Visa-Gift-Card-Balance-Step-5.jpg
www.wikihow.com/images/thumb/3/31/Check-Your-Visa-Gift-Card-Balance-Step-5.jpg/ 28 KB
29 KB 392ms
361ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wikihow.com/images/thumb/3/31/Check-Your-Visa-Gift-Card-Balance-Step-5.jpg/v4-460px-Check-Your-Visa-Gift-Card-Balance-Step-5.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb431fa332fedab8b470741507d474f551b97ec71d18acacccdcc7daca22a173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 24 May 2017 07:17:23 GMT
x-amz-cf-pop: FRA50-C1
age: 0
etag: "0f88f2b25808bf67c3883bf5f8d8d7d6"
x-c: cache-hhn4041-HHN,M
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28897
x-xss-protection: 1; mode=block
expires: Tue, 10 Oct 2023 07:22:25 GMT

GET
H2 200 tRH1pNnHk7KaYD-bnEwL3OMcE0qYaP1DJptxKqLDBJJGSsBMzl2ZhlS6diSJFwW1b8za=w526-h296-rw
play-lh.googleusercontent.com/ 43 KB
44 KB 592ms
481ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/tRH1pNnHk7KaYD-bnEwL3OMcE0qYaP1DJptxKqLDBJJGSsBMzl2ZhlS6diSJFwW1b8za=w526-h296-rw

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cfc6a576af1876d3707917e7cce1931e46043877632980cccf60b5e6bcca342d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44380
x-xss-protection: 0
expires: Tue, 11 Oct 2022 07:22:25 GMT

GET
H2

200

435167-sunrise-banks.jpg
www.bindb.com/img/prepaid/
Redirect Chain

https://bindb.com/img/prepaid/435167-sunrise-banks.jpg
https://www.bindb.com/img/prepaid/435167-sunrise-banks.jpg

119 KB
119 KB

264ms
97ms

Image
image/jpeg

34.86.75.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bindb.com/img/prepaid/435167-sunrise-banks.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Server

34.86.75.53 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

www.bindb.com

Software

Secure BinDB /

Resource Hash

2d8453f590e73c852cd7c4c58963f0aa6b76fdc60cc2cd12367785cc41e39ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 24 Nov 2020 10:01:28 GMT
server: Secure BinDB
etag: "1da25-5b4d764f06e00"
x-frame-options: sameorigin
content-type: image/jpeg
content-language: en
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 121381
x-xss-protection: 1; mode=block
expires: Tue, 10 Oct 2023 07:22:25 GMT

Redirect headers

date: Mon, 10 Oct 2022 07:22:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: Secure BinDB
x-frame-options: sameorigin
content-type: text/html; charset=iso-8859-1
location: https://www.bindb.com/img/prepaid/435167-sunrise-banks.jpg
cache-control: max-age=0
content-length: 332
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 07:22:25 GMT

GET
H2 200 581b97b3a4b2992736f5672c_FDIC_Member%202.svg
assets.website-files.com/57ffbd7a6422e951589f5f5d/ 4 KB
2 KB 226ms
166ms Image
image/svg+xml 2600:9000:2057:6800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/57ffbd7a6422e951589f5f5d/581b97b3a4b2992736f5672c_FDIC_Member%202.svg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7698cc6f96d747ba69d0944108a446e24f684f03e8ca517224d66fc4a549a1a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
content-encoding: br
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-version-id: _v73dHXDA8kHWOCCRzlWZ1x5_tXhxxDK
last-modified: Thu, 03 Nov 2016 20:01:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"f4206ab58f84020678e2d7236f6c92f5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Fr4k7mwdeD1uRPVVkzFq2OZpfkq62slF6HUCP83KNc1jKDplyQWEvQ==

GET
H/1.1 200
OK main-card-visa-sparkle.png
mygift.giftcardmall.com/content/images/ 67 KB
68 KB 714ms
181ms Image
image/png 216.104.233.144
BHN-BGP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/main-card-visa-sparkle.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN396167 (BHN-BGP, US),

Reverse DNS

Software

Resource Hash

1a1cf6512abc9d8f1e59907c9e9449061bcdd2b9897da041fe0f8f0ef13107b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Mon, 10 Oct 2022 07:22:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Oct 2022 07:22:26 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: Mzc3NjdhMGQtOTFkZi00ODM3LWJhMDMtMjgzNDE3ZmYzZTFi
Content-Length: 68690
X-XSS-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 07:22:26 GMT

GET
H/1.1 200
OK Movies-Everywhere.png
mygift.giftcardmall.com/content/images/ 38 KB
39 KB 853ms
349ms Image
image/png 216.104.233.144
BHN-BGP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Movies-Everywhere.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN396167 (BHN-BGP, US),

Reverse DNS

Software

Resource Hash

b75900f5f6485c09d0192766ed53a6bd3dc99309409d93bd9c2adeb36d84c973

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Mon, 10 Oct 2022 07:22:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Oct 2022 07:22:26 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NjNkZmFlZTMtMjc5ZS00MjJjLWExYjAtOGJlNGY3ZDQ3ZTI3
Content-Length: 38714
X-XSS-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 07:22:26 GMT

GET
H/1.1 200
OK beautiful-mother-visa-1.jpg
173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com/content/giftcards/sites/9/2016/04/ 100 KB
101 KB 493ms
373ms Image
image/jpeg 23.35.236.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com/content/giftcards/sites/9/2016/04/beautiful-mother-visa-1.jpg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 592c95a3eee58e8c64028d5655cf5aafb4ec0f4a4c2e72adadcda595b3695d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 07:22:25 GMT
Last-Modified: Fri, 17 Feb 2017 17:23:58 GMT
ETag: f90f00d3044e1ad29ab50d42eed42bb3
Content-Type: image/jpeg
X-Timestamp: 1487352237.60623
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102796
X-Trans-Id: txc750c108cac34843a0b7f-006343c831ord1
Expires: Thu, 13 Oct 2022 07:22:25 GMT

GET 1e02a5c38043f7bbee37070f893f1f2b854055be797e2d3ce63f70d75767ea6e
/ 0
0

GET
H3 200 personal_check_card.png
www.jeffersonbank.com/sites/default/files/2021-05/ 126 KB
127 KB 588ms
567ms Image
image/png 2606:4700:3034::ac43:a982
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jeffersonbank.com/sites/default/files/2021-05/personal_check_card.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:a982 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9134360de522da2d96d4426fd678a89b001bc4b281958c6c7f8c6882311a80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-171ca43d653adf6771909249b616a907-04facc472be43a35-00
x-platform-processor: 7awfe4fr5pp3rxfjuro2kb4o3q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128927
x-platform-cache: MISS
last-modified: Tue, 11 May 2021 18:34:25 GMT
server: cloudflare
etag: "609ace31-1f79f"
vary: Accept-Encoding
x-platform-cluster: fv52rpr6447ka-master-7rqtwti
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIyQnX9ZziOhl2fJ%2FJY9Y%2F8yn%2F0rItT7RBXs8PVb0zBXCz4ziEV%2BBNv9A3IVTJVJdNogz2LKWZvQ533Y4eBzoSarpK2%2BxqvFjRGRFzk3o1zxC2wk7cQqCuVwmLh4w8Kq6obB3U4gn%2FaxMkUf2NQybh%2Fgl0Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 757d9ad58ceb90da-FRA
x-platform-router: 2wog7wcpaircw73qwtwjbpjlgi
expires: Mon, 10 Oct 2022 07:27:25 GMT

GET
H2 200 card-art-hdv-combo-stacked.png
static.foxdealer.com/global/2022/02/ 14 KB
15 KB 789ms
698ms Image
image/webp 2600:9000:206f:4400:14:1d4:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.foxdealer.com/global/2022/02/card-art-hdv-combo-stacked.png
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4400:14:1d4:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0b344a87c156711e4a9a6fb0e1cfdd41ee65a47bb5b954440c2865228cf5893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 13:16:36 GMT
server: AmazonS3
x-amz-request-id: YF9FRNSY6PPZ46H3
x-amz-cf-pop: FRA56-C1
etag: "096c42fcd62961409da9ec1a19216514"
vary: Origin
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 14570
x-amz-id-2: Yb3qgc7rA8XqU+T85NXpNSAMMiN6k35pKFaFXMgiw8ABrlN9QpHR0QyU6nWjxqsz8ev4pnvzl/Q=
x-amz-cf-id: _jyHeZpTNiyJwzb1HKU73482NklU5410Gm-psV9Dy4EKf37rvdIboQ==

GET
H/1.1 200
OK heritage-bank_nsw_logo_pf_colour.jpg
www.heritage.com.au/-/media/m/images/about/logos/ 5 KB
8 KB 2354ms
616ms Image
image/png 103.243.148.117
HERITAGEBANKLTD-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heritage.com.au/-/media/m/images/about/logos/heritage-bank_nsw_logo_pf_colour.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.243.148.117 , Australia, ASN133122 (HERITAGEBANKLTD-AS-AP Heritage Bank Ltd., AU),

Reverse DNS

Software

Resource Hash

d52c352d83034e052e15042d56ea94c3687322d34e6738f7ac699afc7827a6a3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=16070400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Security-Policy: default-src 'self' https://*.heritage.com.au; script-src 'self' http://10.110.25.158 http://10.120.25.132 http://10.110.25.132:15871 https://*.heritage.com.au https://connect.facebook.net https://siteintercept.qualtrics.com https://www.images-home.com https://googleads.g.doubleclick.net https://www.googleadservices.com https://s.ytimg.com https://*.siteintercept.qualtrics.com https://snap.licdn.com https://s.yimg.com https://bat.bing.com https://js.adsrvr.org https://connect.facebook.net https://vxml4.plavxml.com https://bs.serving-sys.com https://www.google-analytics.com https://vxml4.plavxml.com https://www.googletagmanager.com https://maps.googleapis.com https://*.widgetworks.com.au https://*.cloudfront.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://code.jquery.com; base-uri 'self'; connect-src 'self' https://s.yimg.com https://siteintercept.qualtrics.com https://*.doubleclick.net https://www.google-analytics.com https://bat.bing.com https://maps.googleapis.com https://apps.heritage.com.au https://apps.heritage.com.au https://*.heritage.com.au https://forms.heritage.com.au https://lib-ap-1.brilliantcollector.com; font-src 'self' https://fonts.gstatic.com https://*.heritage.com.au https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com; frame-src 'self' https://match.adsrvr.org https://insight.adsrvr.org https://*.doubleclick.net https://servedby.flashtalking.com https://www.qzzr.com/ https://www.googletagmanager.com/ https://*.widgetworks.com.au https://player.vimeo.com/ https://gpm.westernunion.com/ https://xjobs.brassring.com/ https://flickrembed.com https://heritagebank.au1.qualtrics.com https://www.youtube.com/ https://forms.heritage.com.au/ https://*.heritage.com.au https://player.vimeo.com; img-src 'self' https://103.243.148.117 https://10.120.25.152 https://www.google.com/pagead/1p-user-list/957642343/ https://www.google.com.au/pagead/1p-user-list/957642343/ https://www.google.com.au/* https://sp.analytics.yahoo.com https://vxml4.plavxml.com https://www.googletagmanager.com https://p.adsymptotic.com https://www.google.com/ads/* https://www.google.com.au/ads/* https://www.google.com.au/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.heritage.com.au https://sc-cm.hbs.net.au https://*.doubleclick.net https://bat.bing.com https://*.linkedin.com https://www.facebook.com https://www.google-analytics.com https://www.images-home.com https://*.heritage.com.au https://*.googleapis.com https://maps.gstatic.com data:; manifest-src 'self'; media-src 'self';
Referrer-Policy: same-origin
Date: Mon, 10 Oct 2022 07:22:27 GMT
Last-Modified: Thu, 05 May 2022 03:21:10 GMT
Content-Type: image/png
Cache-Control: private, max-age=604800,max-age=0, must-revalidate, proxy-revalidate
Content-Disposition: inline; filename="Heritage Bank_NSW_Logo_PF_Colour.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5353
Expires: Mon, 17 Oct 2022 07:22:27 GMT

GET
H2 200 credit-cards-in-leather-wallet-on-wooden-background-952866958-f3e6331237164219a93e4fd598038b35.jpg
www.investopedia.com/thmb/_9I57vNONnBLovjcX_xEWgGWLN4=/2121x1414/filters:fill(auto,1)/ 177 KB
178 KB 33ms
9ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investopedia.com/thmb/_9I57vNONnBLovjcX_xEWgGWLN4=/2121x1414/filters:fill(auto,1)/credit-cards-in-leather-wallet-on-wooden-background-952866958-f3e6331237164219a93e4fd598038b35.jpg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d30a64404b2359dd1f78071a349b7b483a37a6c36144e5001f4602f0c27dc414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-request-id: NK2PRKCDXEAR62B0
age: 463708
x-cache: MISS, HIT, HIT
content-length: 181340
x-amz-id-2: 9BB5HBFy1IkBzVqUsLZ2jxb57SJhYcL7wvxdODBupENMm+ij/ZYbSw9xFHN1eB6xpENNq4n2Kn8=
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kiad7000145-IAD, cache-hhn4083-HHN
last-modified: Mon, 22 Jul 2019 14:29:17 GMT
server: AmazonS3
x-timer: S1664922839.610671,VS0,VE118
etag: "d17be59646f302e3fc09e262da148cb4"
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/555/re.p"}]}
content-type: image/jpeg
cache-control: max-age=31536000,public,no-transform
accept-ranges: bytes
x-cache-hits: 0, 9, 1

GET 74f34bb5b8fde623db9c983747c4b085a76fe29f29299211084566f0bceaecf6
/ 0
0

GET
H2 200 person-holding-visa-card-800x450.jpg
usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/ 32 KB
32 KB 159ms
159ms Image
image/jpeg 172.64.152.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/person-holding-visa-card-800x450.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.64.152.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3a6924a7084b27cb0ba221f51507d6aae1df0ca9a503ccc570cd857b66dac9

Security Headers

Name	Value
Content-Security-Policy	self
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Mon, 10 Oct 2022 03:20:35 GMT
server: cloudflare
content-security-policy: self
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cf-ray: 757d9ad85d10994a-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK photo-uhcu-debit-card.jpg
www.uhcu.org/UHCU.Web/media/UHCU/Images/Photos/ 33 KB
33 KB 814ms
141ms Image
image/jpeg 12.154.216.136
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uhcu.org/UHCU.Web/media/UHCU/Images/Photos/photo-uhcu-debit-card.jpg?ext=.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

12.154.216.136 Austin, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3b0948b09cbde42ecc615fd4aeb51fd00ebe76bf82561dd8102c1430d58198b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000
Date: Mon, 10 Oct 2022 07:22:26 GMT
Last-Modified: Wed, 21 Sep 2022 13:20:33 GMT
Server: Microsoft-IIS/10.0
ETag: "1d8cdbced8624fb"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 33403

GET
H/1.1 200
OK debit-card-300x189.png
www.heritageibt.com/wp-content/uploads/2015/11/ 113 KB
113 KB 369ms
119ms Image
image/png 70.32.23.81
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.heritageibt.com/wp-content/uploads/2015/11/debit-card-300x189.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.32.23.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

mi3-ss58.a2hosting.com

Software

Apache /

Resource Hash

7458df9bb928335f317c16eb54b43471a9550f71c1d497df19cfb7e286ebe4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 07:22:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Nov 2015 20:24:31 GMT
Server: Apache
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500

GET
H2 200 UnsecuredVSsecured_small.png
www.oneunited.com/core/content/uploads/2017/03/ 178 KB
179 KB 362ms
187ms Image
image/png 2606:4700::6812:b34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oneunited.com/core/content/uploads/2017/03/UnsecuredVSsecured_small.png
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0731a03efb3c1f8b919ef44d7430dbd47be06995ba3b0d234af6df70ebc6f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 02 May 2017 15:02:43 GMT
server: cloudflare
cf-polished: origSize=211658, status=vary_header_present
etag: "33aca-54e8bd4e8cac0"
vary: User-Agent, Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 757d9ad9ffe3912b-FRA
content-length: 182750
expires: Fri, 14 Apr 2023 07:22:26 GMT

GET
H2 200 credit-card.jpg
www.heritagebankna.com/wp-content/uploads/2022/03/ 41 KB
41 KB 765ms
724ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heritagebankna.com/wp-content/uploads/2022/03/credit-card.jpg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720a58e829fd2e9e4dd63593cb91cc47de54f354273c22ca94a26198057f20d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Sep 2022 16:56:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "631235b1-a29d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyR2i1Nz1AtVThnN1FVWA6v1mr0glVX9UmtV3CX0LFmcPM8E5Lc0paQUGuZgo8kirDd3hX6oIS0bXHKEtjnzMHm823wMZ5%2FIz0pxbckVfDVRvGFwZACosYubUETyzwbmLNetZ62SLUUdjx3pl4WEQv05Fd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 757d9ada999068fe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41629

GET
H2 200 giftcard_hero4.ashx
www.capfed.com/-/media/images/capfedweb/hero-images/ 104 KB
104 KB 1374ms
742ms Image
image/jpeg 2620:1ec:40::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.capfed.com/-/media/images/capfedweb/hero-images/giftcard_hero4.ashx

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

560855a93b64cc4bea420da8e91624122d676c3a42c3127bd28ee9e5876d6bc9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none';
date: Mon, 10 Oct 2022 07:22:27 GMT
last-modified: Fri, 10 May 2019 21:19:38 GMT
server: Microsoft-IIS/10.0
x-azure-ref: 0MshDYwAAAABqjguNQxvcQpuW/1vnqBVZRlJBMjMxMDUwNDE3MDIxADE0ZGZlODFkLWVlYjgtNDY4MC1iZmZjLTU4ZTYzOTAxNWZhMw==
x-cache: PRIVATE_NOSTORE
content-type: image/jpeg
cache-control: private, max-age=604800
content-disposition: inline; filename="Giftcard_Hero4.jpg"
accept-ranges: bytes
content-length: 106105
request-context: appId=cid-v1:27254eb5-8f34-473e-b777-20d99e1df2a2

GET
H/1.1 200
OK main-card-visa-fiveback.png
mygift.giftcardmall.com/content/images/ 9 KB
11 KB 179ms
179ms Image
image/png 216.104.233.144
BHN-BGP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/main-card-visa-fiveback.png

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN396167 (BHN-BGP, US),

Reverse DNS

Software

Resource Hash

620dc71a1fafadff8d414b200555cf01cff9558bc7eb0f93106057bb188c65e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Mon, 10 Oct 2022 07:22:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Oct 2022 07:22:26 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ODFjOWRiYTYtMjE0ZC00MjkyLWEzOTgtYmU4MGQ5MmRmZGNj
Content-Length: 9416
X-XSS-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 07:22:26 GMT

GET
H2 200 Gift-Card.jpg
i.colnect.net/f/4160/705/ 16 KB
16 KB 136ms
22ms Image
image/jpeg 162.55.91.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.colnect.net/f/4160/705/Gift-Card.jpg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.91.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ects
Software: nginx /
Resource Hash: 5713e327dd330afd04b47c24c6d10e6a455a24a0361c135c490d9cb106fdd03a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 07:22:26 GMT
last-modified: Fri, 30 Jun 2017 05:08:11 GMT
server: nginx
etag: "5955dcbb-3f92"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 16274
expires: Tue, 10 Oct 2023 07:22:26 GMT

GET
H/1.1 200 1_login_media_01.jpg
www.vanillabalance.com/cholder/brands/incomm/ 108 KB
109 KB 1966ms
161ms Image
image/jpeg 199.96.219.162
I2C-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vanillabalance.com/cholder/brands/incomm/1_login_media_01.jpg?random=438.0

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

199.96.219.162 , United States, ASN16501 (I2C-ASN, US),

Reverse DNS

Software

Resource Hash

e43c5e8de2cfeecaf95a13822d656db99527784875591c8773a061966c086ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 07:22:27 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Last-Modified: Sun, 11 Sep 2022 06:28:11 GMT
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 110731
X-XSS-Protection: 1; mode=block

GET
H2 200 debit-cards-300x205.jpg
www.heritagebankna.com/wp-content/uploads/2022/03/ 12 KB
13 KB 610ms
609ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heritagebankna.com/wp-content/uploads/2022/03/debit-cards-300x205.jpg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cba6e56f3045f1c032829c9e6798196fe4e9b6b9bcca66278297862dde6c246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Sep 2022 16:56:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "631235b1-3189"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t36nk%2FVDBAC0PfZ5ZmT26VjaKHke%2FL6kgEXJpVvOqG1KzWwLMOu2N66Tg3I3EXyBUn%2FwTYi6q9sI7yGYuCIyD%2FQbby62BuIEqMt9BSiNMf3lCkMWY4vZ8BBlyMCpkRq1oCy4%2BCEetDcIfJGYSi%2Be5oC1w38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 757d9adb7b0368fe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12681

GET
H2 200 58a1d6bf8ca8d7f86f97bf38_app-icon.jpg
assets.website-files.com/57ffbd7a6422e951589f5f5d/ 7 KB
8 KB 473ms
473ms Image
image/jpeg 2600:9000:2057:6800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/57ffbd7a6422e951589f5f5d/58a1d6bf8ca8d7f86f97bf38_app-icon.jpg
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a403f2dc58dbc0b0ac536ad4b0bd5bc1d8fe50af3c448bd00ddc280bc8e7cdd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
x-amz-version-id: ZVv8udz6EjHOJcrcrtndtvtozs8lWuHG
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2017 15:54:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "c26e5d699354748c5fef8000ed93f107"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 7462
x-amz-cf-id: StnmpOTDNEvSP2b9IW1OTxj_ucDvrWfdWcZ4sslDCsbrL-unxo47dg==

GET
H2 200 person-using-laptop-and-holding-visa-card-800x450.jpg
usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/ 72 KB
73 KB 155ms
155ms Image
image/jpeg 172.64.152.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usa.visa.com/dam/VCOM/regional/na/us/support-legal/images/person-using-laptop-and-holding-visa-card-800x450.jpg

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

172.64.152.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c35eb4f6b9cfe7a7e4a046d9a3935d34ee9fe5861ef5a6dace531e51196c3d

Security Headers

Name	Value
Content-Security-Policy	self
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
cf-cache-status: BYPASS
last-modified: Mon, 10 Oct 2022 03:22:09 GMT
server: cloudflare
content-security-policy: self
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cf-ray: 757d9adb7adb994a-FRA
x-xss-protection: 1; mode=block

GET
H2 200 IMG_2320-scaled.jpg
i2.wp.com/milesperday.com/wp-content/uploads/2020/10/ 45 KB
45 KB 36ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/milesperday.com/wp-content/uploads/2020/10/IMG_2320-scaled.jpg?fit=640%2C853&ssl=1

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b7b70cdbf932b0ded114b070da37edbd5c45e402eaa2228776941926b8ab1565

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 10 Oct 2022 07:22:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Oct 2022 23:24:27 GMT
server: nginx
etag: "34707a911679d3cd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://milesperday.com/wp-content/uploads/2020/10/IMG_2320-scaled.jpg>; rel="canonical"
content-length: 45942
expires: Sat, 05 Oct 2024 11:24:27 GMT

GET
H2 200 heritage-bank.png
www.doctorofcredit.com/wp-content/uploads/2018/04/ 6 KB
6 KB 507ms
464ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doctorofcredit.com/wp-content/uploads/2018/04/heritage-bank.png
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10035bd39af4f26f37da9d3b6c3dc43b3dcb22adf605585197a855af4b2f744e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Apr 2018 04:21:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ae0023b-16c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Z0xlCwLYCwJr%2B%2FLs2O3xLOMWcEjjrI6s5AMVoEGdFmMzEW8H2wKSffmEIGDpLhUfVfjmNI6yvpZRG9IA47R4DkS1b30vh%2BsfZTtNx3HqBmzJu%2Brxomc0Fo7Sk0I8E9e5jPDBARIHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 757d9adc1c22916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5826

GET
H2 403 check-balance-holiday.png
gccdn.giftcards.com/promo/ 0
180 B 82ms
6ms Image
text/plain 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gccdn.giftcards.com/promo/check-balance-holiday.png
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 10 Oct 2022 07:22:26 GMT
via: 1.1 varnish
server: Varnish
x-fastly-service: PROD - PIT
x-timer: S1665386547.618334,VS0,VE0
x-cache: MISS
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4043-HHN

GET
H2 200 Frauded.png
www.milenomics.com/wp-content/uploads/2014/06/ 187 KB
187 KB 695ms
164ms Image
image/png 198.187.29.14
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.milenomics.com/wp-content/uploads/2014/06/Frauded.png
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.187.29.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium71-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 7ea678edbf87bdd5026251d5e99e008545b90dcff2cf3f02e90a977e15c67ee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
last-modified: Sun, 11 Aug 2019 18:11:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 191245
expires: Mon, 17 Oct 2022 07:22:27 GMT

GET
H2 200 3469866930-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
7 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 08:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6573
x-xss-protection: 0
last-modified: Sat, 08 Oct 2022 11:51:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 09 Oct 2023 08:08:05 GMT

GET
H3 200 ANbyha04HQogDX-5eOnKiQeqVGt3yWhfzveGBEsruEj3D-o3u75XW2ZcGQ35ygxhU8_qXYUbDAhlGTIuc7iTN8OqZqm4lo4hrKP6wJ8uKIo2SruTEfx-EjtXZywxjq5lbIdOEhks_km7AmGr=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 941ms
857ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha04HQogDX-5eOnKiQeqVGt3yWhfzveGBEsruEj3D-o3u75XW2ZcGQ35ygxhU8_qXYUbDAhlGTIuc7iTN8OqZqm4lo4hrKP6wJ8uKIo2SruTEfx-EjtXZywxjq5lbIdOEhks_km7AmGr=w72-h72-p-k-no-nu

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b58cf3a2d5782fab6cd36722bb759b3fb9d5b86a34c719d00067fdf8fdc17e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3436
x-xss-protection: 0
expires: Tue, 11 Oct 2022 07:22:27 GMT

GET
H3 200 ANbyha3plgKij3NCiJB64pKJytI5lJ92InIl032X8YJa9228Il5OBuR_O9-tu-uWdSiM8x5JEnTxmHSxuu-wEHFSWzmrsuFv1IB_xjLRv-FmWV8XvgVUttGWn8WS0xfjJHiuTE4AY_b62fxwqJhnHXS1BpEl5iUI-VUtADgC-9MQjocdNBBRsi78P7FZIQ227nuHE...
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
2 KB 2797ms
2712ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3plgKij3NCiJB64pKJytI5lJ92InIl032X8YJa9228Il5OBuR_O9-tu-uWdSiM8x5JEnTxmHSxuu-wEHFSWzmrsuFv1IB_xjLRv-FmWV8XvgVUttGWn8WS0xfjJHiuTE4AY_b62fxwqJhnHXS1BpEl5iUI-VUtADgC-9MQjocdNBBRsi78P7FZIQ227nuHEovi5MpDh3EY7xU5u2Rqcxc3jpkDkCUF1v4HJtSdwJYdQxzHW9maRmAp=w72-h72-p-k-no-nu

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7969c334bf3e3f3055f97a1ec5685f97fb366ba1452ba0c3bedaa1d794a40614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 07:22:29 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1944
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ANbyha1juCATc_AtJCR-lzD_GbsrOe-5Ehy6RbME1Mtc_F0YYvLvByN-GL0jVLP27xid1AJ5KfK0dVNAtG0KKvNDVu7NArf52kAP4c-I0pQKb0gR-nKiHBQEC3liPB6zuzVRu0ofv8ItOPsng6npEPWC8WyA8VckO2yA_vmhd3AMnNs=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 1 KB
1 KB 620ms
536ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1juCATc_AtJCR-lzD_GbsrOe-5Ehy6RbME1Mtc_F0YYvLvByN-GL0jVLP27xid1AJ5KfK0dVNAtG0KKvNDVu7NArf52kAP4c-I0pQKb0gR-nKiHBQEC3liPB6zuzVRu0ofv8ItOPsng6npEPWC8WyA8VckO2yA_vmhd3AMnNs=w72-h72-p-k-no-nu

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e82ebb0a2c6c0025cc416bfea6406108f792e0fccbaa3ef934569410be2abb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 07:22:26 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1171
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ANbyha1di-scWv8nxIaf-AFTPoOHtHriuAMTA7E_I-7bBqv26Hf_wXwFN55YatUFUB5hTVfvE-ZUHfwl-Y4EEpEpgHPKySwFB0LOc_OextU0WunB56ldp_9Km-d1uku2YvWlZJ8us_gejS3w1t1yXhBlI_El98nJ01OHiLKvvhj0Xngagl_1=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 4 KB
4 KB 850ms
766ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1di-scWv8nxIaf-AFTPoOHtHriuAMTA7E_I-7bBqv26Hf_wXwFN55YatUFUB5hTVfvE-ZUHfwl-Y4EEpEpgHPKySwFB0LOc_OextU0WunB56ldp_9Km-d1uku2YvWlZJ8us_gejS3w1t1yXhBlI_El98nJ01OHiLKvvhj0Xngagl_1=w72-h72-p-k-no-nu

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5f66b3c6b0774955b234dd754f973de22780c5d94eb27b4384823ce6c65ff3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4250
x-xss-protection: 0
expires: Tue, 11 Oct 2022 07:22:27 GMT

GET
H3 404 ANbyha1wxSjSJiHO9wRQS-ps5_gjUpupNix8xgXL-npTYYZjs043QgEIm3IVDtrdhVKkmhZOyzkkaO8_sd6QEenydjWJGca3eMSKTN_9iMwm3z4AUn9i8TwgqLkEwMSMqExNUrcfcz-VSQm9CjLGmC9p-PAf7XG5PnDPmVs=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 186ms
102ms Image
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1wxSjSJiHO9wRQS-ps5_gjUpupNix8xgXL-npTYYZjs043QgEIm3IVDtrdhVKkmhZOyzkkaO8_sd6QEenydjWJGca3eMSKTN_9iMwm3z4AUn9i8TwgqLkEwMSMqExNUrcfcz-VSQm9CjLGmC9p-PAf7XG5PnDPmVs=w72-h72-p-k-no-nu
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 ANbyha3Z9aXEJQwZUDevixSwnYxJ8LltwGQV78cvVDR7DkOL0g3YJS67J0-loJs0oQDh8rApZbuqeYsjE1aaUbEBoy2PX4KTRgdDvUjnKEaE8PTdt-4QNCu_tR-S4bVhnDT-9T7i0L4TXuPTU92tvzosJZk9qvhkSGOVz2h5s0F23tbxoHyfwXiiNLkdwg=w72-h7...
lh3.googleusercontent.com/blogger_img_proxy/ 4 KB
4 KB 345ms
261ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Z9aXEJQwZUDevixSwnYxJ8LltwGQV78cvVDR7DkOL0g3YJS67J0-loJs0oQDh8rApZbuqeYsjE1aaUbEBoy2PX4KTRgdDvUjnKEaE8PTdt-4QNCu_tR-S4bVhnDT-9T7i0L4TXuPTU92tvzosJZk9qvhkSGOVz2h5s0F23tbxoHyfwXiiNLkdwg=w72-h72-p-k-no-nu

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ab729090006b48eb7bbb4bb7f16aa13c52c093eb016e0af4b74787f9480d055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4565
x-xss-protection: 0
expires: Tue, 11 Oct 2022 07:22:26 GMT

GET
H3 200 ANbyha0S_tUvT33Dx9Hf3rXSylefzwzRFmGE6TKJn2cYqsL37eFKducEyA2Cgn79WAd1ib7WBu4Y_1RgrrYDa02bLgP6T_wu8uXFaOzqjzktbmAlQva0SvunQIfiUv8uzBfz5VDr9wt5EeVcYJfJwWOYM0pqghh71nr0fq7ScdMvt-E-alZRslm_MXGWLgTKid_01...
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
2 KB 227ms
143ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0S_tUvT33Dx9Hf3rXSylefzwzRFmGE6TKJn2cYqsL37eFKducEyA2Cgn79WAd1ib7WBu4Y_1RgrrYDa02bLgP6T_wu8uXFaOzqjzktbmAlQva0SvunQIfiUv8uzBfz5VDr9wt5EeVcYJfJwWOYM0pqghh71nr0fq7ScdMvt-E-alZRslm_MXGWLgTKid_01AxUvQ6QfO0wsKj0-h_2rc-f1KvQaL4GFQ=w72-h72-p-k-no-nu

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d083492d1ad632fe1f48c92aa1b91aabce5cd0c1ca8cb5eaffee3f65ce01de56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2128
x-xss-protection: 0
expires: Tue, 11 Oct 2022 07:22:26 GMT

GET
H/1.1 403
Forbidden 753800b177cbe309a1ea105a9a211bea.js
resentproduces.com/75/38/00/ 0
0 1328ms
99ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resentproduces.com/75/38/00/753800b177cbe309a1ea105a9a211bea.js
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 07:22:25 GMT
Server: nginx/1.22.0
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 32ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
Origin: https://lespoutinesdijonnaises.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6429149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6JOqdd%2FaTzfqNlRU0ne5P1MPkYRUxfaMELBgwg7spvzWPnimIrrnOvYKSr%2BgO4z%2F5Ypb9H2X%2Fm2hsk%2Fa4cjohUotL%2FTauOAhlgWcQOl%2BJO2I5Sf%2FgI%2BO0sNMUPNfL40J5a2vNmRaTlXP1meCI4SZqbl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 757d9ad06dc4907c-FRA
expires: Sat, 30 Sep 2023 07:22:24 GMT

GET
H2 200 cookienotice.js Show response
lespoutinesdijonnaises.blogspot.com/js/ 6 KB
2 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lespoutinesdijonnaises.blogspot.com/js/cookienotice.js

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 07:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 05:50:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 16 Oct 2022 07:25:47 GMT

GET
H3 200 829820975-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/829820975-widgets.js

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94e65cc0ca8c2eba63ae6d128531fc243059b4dc418e7c7ced6d3762f4f0c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 00:03:07 GMT
x-content-type-options: nosniff
age: 26357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157463
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 02:19:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 10 Oct 2023 00:03:07 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 174 KB
57 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add234a8ee5c3c447c5dcacfdeaef551fe25d43e73c29f749b94c05982dc3626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 12:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58003
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 12:40:15 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
574 B 117ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 14:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Oct 2022 14:29:30 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 150ms
135ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1073130669881468221&zx=c72447fc-97e1-4244-a5fa-abe6f61b4535

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Mon, 10 Oct 2022 07:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 07:22:24 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 40CC 7 KB
3 KB 530ms
529ms Document
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=1073130669881468221&blogName=Trendy+Gift+Card&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://lespoutinesdijonnaises.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://lespoutinesdijonnaises.blogspot.com/&targetPostID=3208715195219386844&blogPostOrPageUrl=https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html&vt=-5367029938694679549&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b973d5161943632f95da64cfa022952ebaa98d9293caa27034a72f83f62acb35

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2692
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Mon, 10 Oct 2022 07:22:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1073130669881468221 Show response
www.blogger.com/comment/frame/ Frame 074D 72 KB
18 KB 112ms
111ms Document
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/1073130669881468221?po=3208715195219386844&hl=en&skin=contempo&blogspotRpcToken=5800619

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6103fa19cb897141059356e11161f88e5d7a667371a5b18a6df3102329a43e0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-286MEBXJWuVwcPf32VW-iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-286MEBXJWuVwcPf32VW-iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 10 Oct 2022 07:22:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H/1.1 403
Forbidden invoke.js
resentproduces.com/365d5ac5cd4e9ff093a5907e9ad650e2/ 0
0 500ms
100ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resentproduces.com/365d5ac5cd4e9ff093a5907e9ad650e2/invoke.js
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 10 Oct 2022 07:22:25 GMT
Server: nginx/1.22.0
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 40CC 52 KB
20 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1073130669881468221&blogName=Trendy+Gift+Card&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://lespoutinesdijonnaises.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://lespoutinesdijonnaises.blogspot.com/&targetPostID=3208715195219386844&blogPostOrPageUrl=https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html&vt=-5367029938694679549&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

028afb4a5d6a68c0d13eaf91ec9e9e5d103b8be40aedac868798d472d375aa96

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 07:22:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "31f52d39e8c831aa"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Oct 2022 07:22:25 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame 40CC 128 KB
42 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 00:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42575
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 00:16:50 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 074D 0
27 B 60ms
60ms Other
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JAI-ec0VGlccdxoVZiESyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment/frame/1073130669881468221?po=3208715195219386844&hl=en&skin=contempo&blogspotRpcToken=5800619
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-JAI-ec0VGlccdxoVZiESyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/am=ygEgEA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3a908SWb-YjgLhVKi9cqzv3J2epQ/ Frame 074D 176 KB
62 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/am=ygEgEA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3a908SWb-YjgLhVKi9cqzv3J2epQ/m=_b,_tp,_r

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/1073130669881468221?po=3208715195219386844&hl=en&skin=contempo&blogspotRpcToken=5800619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78dbb964bd11b67ba58f5199d9abc06b3303a7a6dc86bfbc3d8a01c53a3e8a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 08:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63423
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 06:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 08:11:14 GMT

GET
H3 200 m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformif... Frame 074D 279 KB
99 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP2KkSDUx5WqIOr8SIgxsfWCr0kNuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/am=ygEgEA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP3a908SWb-YjgLhVKi9cqzv3J2epQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0faf931fe4a7d3821e05eded72e4ab622693b6c3a5c67bc1bb392493be02a6f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 08:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101282
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:09:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 08:11:14 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRi... Frame 074D 6 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP2KkSDUx5WqIOr8SIgxsfWCr0kNuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cc9baf7f3a1e57c6a635c1fe2bfb6b698abd58fb7a1e81ccf170d8745ccaa80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 08:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2807
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:09:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 08:11:14 GMT

GET
H3 200 m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpb... Frame 074D 72 KB
25 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP2KkSDUx5WqIOr8SIgxsfWCr0kNuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6436d3d4d09643cf39feb6504c885ff1f20f3d4f0589e5a12d1447b802850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 08:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25402
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:09:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 08:11:21 GMT

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... Frame 074D 1 KB
701 B 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WhJNk,Wt6vjf,WzT7ae,XVMNvd,XvDhNc,YwHGTd,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,hhhU8,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP2KkSDUx5WqIOr8SIgxsfWCr0kNuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a2ff2da59e58795e8739d06365210003de688da4af55bb80557c34ffd7baca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 08:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 675
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:09:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 08:11:22 GMT

POST
H2 200 log Show response
www.google.com/ Frame 074D 131 B
441 B 135ms
49ms XHR
text/plain 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.blogger.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Oct 2022 07:22:25 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 074D 1 KB
1 KB 126ms
48ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.sDlzacJ2I2E.es5.O/ck=boq-blogger.BloggerCommentUi.gPPg61lnas8.L.B1.O/am=ygEgEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP2KkSDUx5WqIOr8SIgxsfWCr0kNuA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,I6YDgd,xQtZb,MdUzUe,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,zbML3c,yDVVkb,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,ZDqTJc,eD1YLc,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e408f2c36df6b688560d92dbfc263ff00561ca0d339cc9484ab35ebdabb768a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 07:22:25 GMT

GET
H/1.1 403
Forbidden invoke.js
resentproduces.com/edd748cb9b42467680df52aa8ab2d846/ 0
0 94ms
93ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resentproduces.com/edd748cb9b42467680df52aa8ab2d846/invoke.js
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 10 Oct 2022 07:22:26 GMT
Server: nginx/1.22.0
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 074D 396 KB
158 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 16:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 16:57:18 GMT

GET
H/1.1 403
Forbidden invoke.js
resentproduces.com/63a77c42756762736b0155173bf1a66d/ 0
0 93ms
93ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resentproduces.com/63a77c42756762736b0155173bf1a66d/invoke.js
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 10 Oct 2022 07:22:26 GMT
Server: nginx/1.22.0
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
resentproduces.com/b3cbedc3153259c38733a80008471667/ 0
0 93ms
93ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resentproduces.com/b3cbedc3153259c38733a80008471667/invoke.js
Requested by: Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 10 Oct 2022 07:22:26 GMT
Server: nginx/1.22.0
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E7CF 42 KB
22 KB 134ms
56ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4qwh9wayh6b6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d13ee0bb11480a564b44e1be80e56cf04c33dd7e91d93fd16122005ca6917c61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uLhl-VMkGEJI87_9cue1Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22156
content-security-policy: script-src 'report-sample' 'nonce-uLhl-VMkGEJI87_9cue1Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 07:22:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 how%20do%20i%20find%20the%20balance%20of%20my%20visa%20gift%20card Show response
lespoutinesdijonnaises.blogspot.com/feeds/posts/summary/-/ 96 KB
17 KB 831ms
831ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lespoutinesdijonnaises.blogspot.com/feeds/posts/summary/-/how%20do%20i%20find%20the%20balance%20of%20my%20visa%20gift%20card?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

4ed87b4006b28a72fcedaf3f6e67bbe36814feb6fefeaaf6cc3680f098c122ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 06:52:35 GMT
server: blogger-renderd
etag: W/"7e8ba03a38a2c4ec8201e56a2b965721cfb56f7d77809469a9eac794f4796189"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17308
x-xss-protection: 0
expires: Mon, 10 Oct 2022 07:22:27 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v6/ 8 KB
8 KB 128ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lespoutinesdijonnaises.blogspot.com/
Origin: https://lespoutinesdijonnaises.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:10:12 GMT
x-content-type-options: nosniff
age: 461534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
last-modified: Tue, 19 Feb 2019 22:26:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 23:10:12 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 33 KB
12 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78eb84a7140e40c0b5ae9f063788ba1d97c5f14b4217626ceeffa2c410281372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 09:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12091
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 09:16:06 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 93 KB
33 KB 224ms
145ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29dc4b2460b45c0b49264a7f2181b530fa5dc427ed8de3f23ec05a49b025712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 06:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33911
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 23:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Oct 2022 07:26:19 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame E7CF 52 KB
24 KB 80ms
39ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4qwh9wayh6b6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 06:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 06:32:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame E7CF 396 KB
158 KB 78ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 16:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Oct 2023 16:57:18 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E7CF 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 301337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 13 Oct 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7CF 15 KB
15 KB 123ms
44ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 504261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7CF 15 KB
15 KB 118ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 476558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E7CF 102 B
134 B 50ms
50ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=4qwh9wayh6b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 10 Oct 2022 07:22:26 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 7950 0
27 B 59ms
59ms Other
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-JWcNFQAeArzGAXOSF_EzOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 10 Oct 2022 07:22:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-JWcNFQAeArzGAXOSF_EzOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 how%20do%20i%20find%20the%20balance%20of%20my%20visa%20gift%20card Show response
lespoutinesdijonnaises.blogspot.com/feeds/posts/summary/-/ 98 KB
18 KB 342ms
341ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: lespoutinesdijonnaises.blogspot.com
URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

d7a816d7850e4659a3815fb22247eecdb1b5840b3c3c7d0e926f96401edb856b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Oct 2022 06:52:35 GMT
server: blogger-renderd
etag: W/"a881ff6751bb178e373f1e3399369c16eab68a780b73e29cff33a4a15123b7e7"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17977
x-xss-protection: 0
expires: Mon, 10 Oct 2022 07:22:28 GMT

GET
H3 200 3523451998-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3523451998-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/829820975-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6523
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 12:21:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 06 Oct 2023 23:21:09 GMT

GET
H3 200 3582835653-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 368 KB
368 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3582835653-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/829820975-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47ec9fab4919b059f880bf9365fb15c46f46654a8f2b3c685cd7bad71012fb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lespoutinesdijonnaises.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:41:36 GMT
x-content-type-options: nosniff
age: 247253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376561
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 00:52:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 07 Oct 2023 10:41:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: x-raw-image:///1e02a5c38043f7bbee37070f893f1f2b854055be797e2d3ce63f70d75767ea6e

Domain
URL: x-raw-image:///74f34bb5b8fde623db9c983747c4b085a76fe29f29299211084566f0bceaecf6

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.usa.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: 4f45568a00ae79cc042e8f92d1f6a9f5c23e5952-1665386544

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: x-raw-image:///1e02a5c38043f7bbee37070f893f1f2b854055be797e2d3ce63f70d75767ea6e Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: x-raw-image:///74f34bb5b8fde623db9c983747c4b085a76fe29f29299211084566f0bceaecf6 Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3056) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/365d5ac5cd4e9ff093a5907e9ad650e2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3056) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/365d5ac5cd4e9ff093a5907e9ad650e2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://resentproduces.com/365d5ac5cd4e9ff093a5907e9ad650e2/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3071) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/edd748cb9b42467680df52aa8ab2d846/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3071) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/edd748cb9b42467680df52aa8ab2d846/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://resentproduces.com/a5800523af366955663150612e17dd41/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://resentproduces.com/75/38/00/753800b177cbe309a1ea105a9a211bea.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://resentproduces.com/edd748cb9b42467680df52aa8ab2d846/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3091) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/63a77c42756762736b0155173bf1a66d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3091) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/63a77c42756762736b0155173bf1a66d/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://resentproduces.com/63a77c42756762736b0155173bf1a66d/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3114) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/b3cbedc3153259c38733a80008471667/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lespoutinesdijonnaises.blogspot.com/2022/10/41-heritage-bank-visa-gift-card-balance.html(Line 3114) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://resentproduces.com/b3cbedc3153259c38733a80008471667/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://resentproduces.com/b3cbedc3153259c38733a80008471667/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1wxSjSJiHO9wRQS-ps5_gjUpupNix8xgXL-npTYYZjs043QgEIm3IVDtrdhVKkmhZOyzkkaO8_sd6QEenydjWJGca3eMSKTN_9iMwm3z4AUn9i8TwgqLkEwMSMqExNUrcfcz-VSQm9CjLGmC9p-PAf7XG5PnDPmVs=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gccdn.giftcards.com/promo/check-balance-holiday.png Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


173c3904f92a94b2216e-89dfc7b5924a3944d10ad3f86609d850.ssl.cf2.rackcdn.com
390109.smushcdn.com
apis.google.com
assets.website-files.com
bindb.com
cdnjs.cloudflare.com
fonts.gstatic.com
gccdn.giftcards.com
heritages.com
i.colnect.net
i2.wp.com
lespoutinesdijonnaises.blogspot.com
lh3.googleusercontent.com
marketingcdn.giftcardgranny.com
mygift.giftcardmall.com
pagead2.googlesyndication.com
play-lh.googleusercontent.com
res.cloudinary.com
resentproduces.com
static.foxdealer.com
usa.visa.com
www.bindb.com
www.blogger.com
www.capfed.com
www.doctorofcredit.com
www.google.com
www.gstatic.com
www.h-dvisa.com
www.heritage.com.au
www.heritagebankna.com
www.heritageibt.com
www.investopedia.com
www.jeffersonbank.com
www.milenomics.com
www.oneunited.com
www.uhcu.org
www.usbank.com
www.vanillabalance.com
www.wikihow.com

103.243.148.117
12.154.216.136
141.193.213.11
151.101.192.138
151.101.2.137
151.101.66.137
151.139.242.8
162.55.91.210
170.135.104.176
172.64.152.181
192.0.77.2
192.243.61.227
198.187.29.14
199.96.219.162
216.104.233.144
23.203.70.81
23.35.236.144
2600:9000:2057:6800:11:3b84:d200:93a1
2600:9000:206f:4400:14:1d4:95c0:93a1
2606:4700:10::ac43:1435
2606:4700:3034::ac43:a982
2606:4700::6811:180e
2606:4700::6812:b34
2620:1ec:40::60
2a00:1450:4001:801::200e
2a00:1450:4001:802::2009
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2016
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2003
2a04:4e42:200::393
2a06:98c1:3120::3
34.86.75.53
64.227.20.134
70.32.23.81
00b26200604c754da3b622ea56b8b881370f5404de6b8bccff35c645e474a3a4
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
028afb4a5d6a68c0d13eaf91ec9e9e5d103b8be40aedac868798d472d375aa96
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0cc9baf7f3a1e57c6a635c1fe2bfb6b698abd58fb7a1e81ccf170d8745ccaa80
0faf931fe4a7d3821e05eded72e4ab622693b6c3a5c67bc1bb392493be02a6f6
10035bd39af4f26f37da9d3b6c3dc43b3dcb22adf605585197a855af4b2f744e
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
12c35eb4f6b9cfe7a7e4a046d9a3935d34ee9fe5861ef5a6dace531e51196c3d
14052c090ec2b7b88b023045fec1df1f511ba5d9436cc8cb85cd6c73bbce3250
1a1cf6512abc9d8f1e59907c9e9449061bcdd2b9897da041fe0f8f0ef13107b6
1a2e42446f773dc231643225cd7b55720ee56e429456274c2740c8eac3a95fee
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2517f2f4a19d61f890f6ceca117953dcb151b3d6b2d6ed388e0df235b857a3db
28a2ff2da59e58795e8739d06365210003de688da4af55bb80557c34ffd7baca
2a1b182575a97818903caf7858784858599743b800864af64599b36fe9011881
2ab729090006b48eb7bbb4bb7f16aa13c52c093eb016e0af4b74787f9480d055
2d8453f590e73c852cd7c4c58963f0aa6b76fdc60cc2cd12367785cc41e39ebc
3496aff7203a26b49d8257f10df3eebc58146373249d3af4f531cd31e51805ef
3b0948b09cbde42ecc615fd4aeb51fd00ebe76bf82561dd8102c1430d58198b1
3cf0d91e06747f48d5bdcd6ed1629c92689aad39d0b54c3e6323796782bd6cd4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e82ebb0a2c6c0025cc416bfea6406108f792e0fccbaa3ef934569410be2abb7
47ec9fab4919b059f880bf9365fb15c46f46654a8f2b3c685cd7bad71012fb07
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ed87b4006b28a72fcedaf3f6e67bbe36814feb6fefeaaf6cc3680f098c122ea
4fe4a859e115ae3b60fa8dfcb8979fb79fb8a5ed0abb4b4261dde3756362823f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51a6436d3d4d09643cf39feb6504c885ff1f20f3d4f0589e5a12d1447b802850
560855a93b64cc4bea420da8e91624122d676c3a42c3127bd28ee9e5876d6bc9
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5713e327dd330afd04b47c24c6d10e6a455a24a0361c135c490d9cb106fdd03a
592c95a3eee58e8c64028d5655cf5aafb4ec0f4a4c2e72adadcda595b3695d67
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f66b3c6b0774955b234dd754f973de22780c5d94eb27b4384823ce6c65ff3af
6103fa19cb897141059356e11161f88e5d7a667371a5b18a6df3102329a43e0a
620dc71a1fafadff8d414b200555cf01cff9558bc7eb0f93106057bb188c65e8
6638b7f70e134e681f8a8fa6ece6341001dcf4f16b68d7461589e217c23838c1
720a58e829fd2e9e4dd63593cb91cc47de54f354273c22ca94a26198057f20d9
7458df9bb928335f317c16eb54b43471a9550f71c1d497df19cfb7e286ebe4af
7698cc6f96d747ba69d0944108a446e24f684f03e8ca517224d66fc4a549a1a4
78dbb964bd11b67ba58f5199d9abc06b3303a7a6dc86bfbc3d8a01c53a3e8a27
78eb84a7140e40c0b5ae9f063788ba1d97c5f14b4217626ceeffa2c410281372
7969c334bf3e3f3055f97a1ec5685f97fb366ba1452ba0c3bedaa1d794a40614
7ea678edbf87bdd5026251d5e99e008545b90dcff2cf3f02e90a977e15c67ee1
807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad
8085c44a84a05e82b45b3cb9eb2ee4ab39c3ef4ced43775bd8dd6776a3a9d7fd
97c9a5a5ae4f7927156bfe769f1819d7dc73bb99eb576aa21ccabe69c9483f44
9cba6e56f3045f1c032829c9e6798196fe4e9b6b9bcca66278297862dde6c246
a403f2dc58dbc0b0ac536ad4b0bd5bc1d8fe50af3c448bd00ddc280bc8e7cdd2
add234a8ee5c3c447c5dcacfdeaef551fe25d43e73c29f749b94c05982dc3626
b58cf3a2d5782fab6cd36722bb759b3fb9d5b86a34c719d00067fdf8fdc17e9d
b75900f5f6485c09d0192766ed53a6bd3dc99309409d93bd9c2adeb36d84c973
b7b70cdbf932b0ded114b070da37edbd5c45e402eaa2228776941926b8ab1565
b9134360de522da2d96d4426fd678a89b001bc4b281958c6c7f8c6882311a80e
b973d5161943632f95da64cfa022952ebaa98d9293caa27034a72f83f62acb35
bb431fa332fedab8b470741507d474f551b97ec71d18acacccdcc7daca22a173
bb558a32eb8feb20a436f844c7613ac09e70f158df3bfae918e1e5cca67974cf
bc71f7b82ecdc4ce24894490baf8dda06462883829e5ca68cfd6527b88784fba
c07d4dea6f1d84a29547dff5d96eaa8882607df8d1d9fc49ae23326b1553ea16
c0b344a87c156711e4a9a6fb0e1cfdd41ee65a47bb5b954440c2865228cf5893
c29dc4b2460b45c0b49264a7f2181b530fa5dc427ed8de3f23ec05a49b025712
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c4f6fd43d4721c7937d57fd2f206dbdcf89e08ca780a556b81584f49de73674f
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce3a6924a7084b27cb0ba221f51507d6aae1df0ca9a503ccc570cd857b66dac9
cfc6a576af1876d3707917e7cce1931e46043877632980cccf60b5e6bcca342d
d083492d1ad632fe1f48c92aa1b91aabce5cd0c1ca8cb5eaffee3f65ce01de56
d13ee0bb11480a564b44e1be80e56cf04c33dd7e91d93fd16122005ca6917c61
d30a64404b2359dd1f78071a349b7b483a37a6c36144e5001f4602f0c27dc414
d52c352d83034e052e15042d56ea94c3687322d34e6738f7ac699afc7827a6a3
d7a816d7850e4659a3815fb22247eecdb1b5840b3c3c7d0e926f96401edb856b
db0731a03efb3c1f8b919ef44d7430dbd47be06995ba3b0d234af6df70ebc6f2
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e408f2c36df6b688560d92dbfc263ff00561ca0d339cc9484ab35ebdabb768a1
e43c5e8de2cfeecaf95a13822d656db99527784875591c8773a061966c086ded
e94e65cc0ca8c2eba63ae6d128531fc243059b4dc418e7c7ced6d3762f4f0c56
ee6591337bdeed93a96ea88949be5240317285a0ff5be7d1340aedf549a8a548
f75921f4ec3320ed5cf751eac61fa335b896b5ab71ee311bbdcc171fbf0b6083
f98e4ee4dc814a2a8b95306d0a5ee5298b83aa2a2b29eaac1abd262645b62424

lespoutinesdijonnaises.blogspot.com Open in urlscan Pro 2a00:1450:4001:827::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

97 %HTTPS

47 %IPv6

36 Domains

40 Subdomains

39 IPs

3 Countries

5059 kBTransfer

7061 kBSize

1 Cookies

51 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lespoutinesdijonnaises.blogspot.com Open in urlscan Pro
2a00:1450:4001:827::2001 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

97 %
HTTPS

47 %
IPv6

36
Domains

40
Subdomains

39
IPs

3
Countries

5059 kB
Transfer

7061 kB
Size

1
Cookies

95 HTTP transactions
0 data transactions