byturl.blogspot.com Open in urlscan Pro
2a00:1450:4001:80f::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://byturl.blogspot.com/
Submission: On November 23 via api (November 23rd 2022, 7:05:30 am UTC) from DE — Scanned from DE

Summary HTTP 111 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 27 domains to perform 111 HTTP transactions. The main IP is 2a00:1450:4001:80f::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is byturl.blogspot.com.

This is the only time byturl.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:9391	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:1ccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	54.37.161.241 54.37.161.241	16276 (OVH) (OVH)
1 2	51.159.67.109 51.159.67.109	12876 (Online SAS) (Online SAS)
2	148.251.152.47 148.251.152.47	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3034::6815:2ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4 4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::89	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4013:c04::89	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
1	185.66.200.221 185.66.200.221	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.25.184.216 185.25.184.216	24971 (MASTER-AS...) (MASTER-AS Czech Republic www.master.cz)
3	143.204.215.123 143.204.215.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
111	28

9 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

byturl.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t9anihtam.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
islami-wdbloog.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9391 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.fontstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:1ccc (United States)

ASN13335 (CLOUDFLARENET, US)

www.fontstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.37.161.241 (France)

ASN16276 (OVH, FR)
PTR: bestchange.com

www.bestchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.159.67.109 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-159-67-109.rev.poneytelecom.eu

e.top4top.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.152.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.152.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::6815:2ca (United States)

ASN13335 (CLOUDFLARENET, US)

exchangeff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

sites.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::89 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

1d3050b4-a-62cb3a1a-s-sites.googlegroups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c04::89 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

904daaa5-a-62cb3a1a-s-sites.googlegroups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

rf.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.221 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.221.skhosting.eu

ylx-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.25.184.216 (Czech Republic)

ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ)
PTR: vm1795.cust.netio.cz

dstats.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-123.fra53.r.cloudfront.net

mir-s3-cdn-cf.behance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	blogspot.com byturl.blogspot.com t9anihtam.blogspot.com islami-wdbloog.blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 12985 1.bp.blogspot.com — Cisco Umbrella Rank: 10122 2.bp.blogspot.com — Cisco Umbrella Rank: 13008	417 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	252 KB
8	revolvermaps.com rf.revolvermaps.com — Cisco Umbrella Rank: 131164	23 KB
8	blogger.com www.blogger.com — Cisco Umbrella Rank: 8797	349 KB
7	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 74 Failed blogger.googleusercontent.com — Cisco Umbrella Rank: 14288	363 KB
7	exchangeff.com exchangeff.com	21 KB
6	google.com 4 redirects sites.google.com — Cisco Umbrella Rank: 2824 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 43	223 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 867	88 KB
3	behance.net mir-s3-cdn-cf.behance.net — Cisco Umbrella Rank: 23462	343 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	59 KB
3	fontstatic.com 1 redirects www.fontstatic.com — Cisco Umbrella Rank: 316603	34 KB
2	googlegroups.com 1d3050b4-a-62cb3a1a-s-sites.googlegroups.com 904daaa5-a-62cb3a1a-s-sites.googlegroups.com	3 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
2	gstatic.com fonts.gstatic.com	79 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 712	83 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 42633 static.a-ads.com — Cisco Umbrella Rank: 53360	614 KB
2	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 16283 img1.blogblog.com — Cisco Umbrella Rank: 77640	562 B
2	bestchange.com www.bestchange.com — Cisco Umbrella Rank: 833982	30 KB
1	dstats.net dstats.net	235 B
1	ylx-1.com ylx-1.com	696 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 106 Failed	3 KB
1	top4top.io e.top4top.io	102 KB
1	top4top.net 1 redirects e.top4top.net	87 B
0	cbsistatic.com Failed gamespot1.cbsistatic.com Failed
0	theme20.com Failed d.theme20.com Failed
111	27

	Domain	Requested by
9	4.bp.blogspot.com	t9anihtam.blogspot.com
8	rf.revolvermaps.com	exchangeff.com rf.revolvermaps.com
8	pagead2.googlesyndication.com	t9anihtam.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	www.blogger.com	byturl.blogspot.com t9anihtam.blogspot.com
7	exchangeff.com	t9anihtam.blogspot.com exchangeff.com
6	t9anihtam.blogspot.com	byturl.blogspot.com t9anihtam.blogspot.com ajax.googleapis.com
5	ajax.googleapis.com	byturl.blogspot.com t9anihtam.blogspot.com
4	sites.google.com	4 redirects
4	1.bp.blogspot.com	t9anihtam.blogspot.com
4	lh3.googleusercontent.com	t9anihtam.blogspot.com
4	use.fontawesome.com	byturl.blogspot.com use.fontawesome.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	mir-s3-cdn-cf.behance.net	t9anihtam.blogspot.com
3	www.google-analytics.com	t9anihtam.blogspot.com exchangeff.com
3	blogger.googleusercontent.com	t9anihtam.blogspot.com
3	www.fontstatic.com	1 redirects byturl.blogspot.com www.fontstatic.com
2	2.bp.blogspot.com	t9anihtam.blogspot.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	maxcdn.bootstrapcdn.com	t9anihtam.blogspot.com maxcdn.bootstrapcdn.com
2	www.bestchange.com	byturl.blogspot.com t9anihtam.blogspot.com
2	byturl.blogspot.com	byturl.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	dstats.net	ajax.googleapis.com
1	ylx-1.com	ajax.googleapis.com
1	img1.blogblog.com	t9anihtam.blogspot.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	904daaa5-a-62cb3a1a-s-sites.googlegroups.com	t9anihtam.blogspot.com
1	1d3050b4-a-62cb3a1a-s-sites.googlegroups.com	t9anihtam.blogspot.com
1	fonts.googleapis.com	t9anihtam.blogspot.com
1	islami-wdbloog.blogspot.com	byturl.blogspot.com
1	static.a-ads.com	ad.a-ads.com
1	www.facebook.com	byturl.blogspot.com
1	ad.a-ads.com	byturl.blogspot.com
1	resources.blogblog.com	byturl.blogspot.com
1	e.top4top.io	byturl.blogspot.com
1	e.top4top.net	1 redirects
0	gamespot1.cbsistatic.com Failed	t9anihtam.blogspot.com
0	d.theme20.com Failed	byturl.blogspot.com
111	40

This site contains links to these domains. Also see Links.

Domain
t9anihtam.blogspot.com
bit.ly
www.blogger.com
www.ghostino.tech

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
bestchange.com R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.revolvermaps.com R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
ylx-1.com R3	`2022-11-15` - `2023-02-13`	3 months	crt.sh
dstats.net R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
*.behance.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://byturl.blogspot.com/
Frame ID: B3706185BF4DCF02732E25B4E80EC9D5
Requests: 18 HTTP requests in this frame

Frame: https://t9anihtam.blogspot.com/2017/09/blog-post.html
Frame ID: F688398360C6D1F685C371ACC536AD6C
Requests: 69 HTTP requests in this frame

Frame: http://ad.a-ads.com/791419?size=300x250
Frame ID: C8DE67C907D92C376335C5DFAE6B721F
Requests: 3 HTTP requests in this frame

Frame: http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
Frame ID: 60DDB7AA657D377FCAB7BDD62ADED05C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
Frame ID: CD93D8195774C655B4CAD18F250640F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 52BBCBC2E537EE986D15901D01059273
Requests: 1 HTTP requests in this frame

Frame: https://exchangeff.com/?s=1&qc=1975
Frame ID: 4434B4E1B87EF8EAF6AE9A26DD0D3C70
Requests: 7 HTTP requests in this frame

Frame: https://exchangeff.com/?s=1&qc=1975
Frame ID: 7BEACFD2606C19BFC33991B442E9E054
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3779359074725155&output=html&adk=1812271804&adf=3279755397&plat=1%3A66048%2C2%3A66048%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fbyturl.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1669187126387&bpp=4&bdt=267&idt=306&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=8004672677100&frm=24&ife=1&pv=2&ga_vid=1728445751.1669187127&ga_sid=1669187127&ga_hid=560315009&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=2&ish=2&ifk=2533983972&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44770880&oid=2&pvsid=1105358199535504&tmod=300612722&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2%2C2&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.wxnnupfnlfha&fsb=1&dtd=343
Frame ID: 31239FE4E4FE847DD0BF1B0FD50DB644
Requests: 1 HTTP requests in this frame

Frame: https://rf.revolvermaps.com/w/8/a/a2.php?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Frame ID: 9353A50DA0C0F575137DE9996D053676
Requests: 1 HTTP requests in this frame

Frame: https://rf.revolvermaps.com/w/8/a/a2.php?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Frame ID: 3C12D80CD9E6FA0E1DBB227EE78F3E1B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB4EFC181C534E031A3F5E73AA018098
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29A66E631D07A6A0FDCE55ACE4893547
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

موقع اعادة التوجيه

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

RevolverMaps (Maps) Expand

Overall confidence: 100%
Detected patterns

\.revolvermaps\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

85 %
HTTPS

79 %
IPv6

27
Domains

40
Subdomains

28
IPs

7
Countries

3094 kB
Transfer

4367 kB
Size

2
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Search URL Search Domain Scan URL

URL: http://bit.ly/2ws7NyP

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/04014159563117983407
Title: هيثم تك

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=6368974174328557375&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6368974174328557375&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6368974174328557375&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6368974174328557375&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6368974174328557375&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6368974174328557375&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=6320622101302234782&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6320622101302234782&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6320622101302234782&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6320622101302234782&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6320622101302234782&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=6320622101302234782&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=1107169091086693738&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=1107169091086693738&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=1107169091086693738&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=1107169091086693738&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=1107169091086693738&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=1107169091086693738&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=3291373638843353786&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3291373638843353786&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3291373638843353786&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3291373638843353786&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3291373638843353786&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3291373638843353786&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=5727878596706630446&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=5727878596706630446&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=5727878596706630446&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=5727878596706630446&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=5727878596706630446&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=5727878596706630446&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=2116093991970639706&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=2116093991970639706&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=2116093991970639706&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=2116093991970639706&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=2116093991970639706&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=2116093991970639706&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4111635595824672891&postID=3785444325093164327&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3785444325093164327&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3785444325093164327&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3785444325093164327&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3785444325093164327&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4111635595824672891&postID=3785444325093164327&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: http://www.ghostino.tech/
Title: تصميم و تكويد:غــوستينو

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.fontstatic.com/f=rawy-bold HTTP 301
https://www.fontstatic.com/f=rawy-bold

Request Chain 6

https://e.top4top.net/p_601ytosi0.jpg HTTP 301
https://e.top4top.io/p_601ytosi0.jpg

Request Chain 17

http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30 HTTP 307
https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30

Request Chain 46

https://sites.google.com/site/simoxooorg/Home/jquery.lazyload.mini.js?ver=1.5.0 HTTP 302
https://sites.google.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attredirects=0&ver=1.5.0 HTTP 302
https://1d3050b4-a-62cb3a1a-s-sites.googlegroups.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attachauth=ANoY7crFDvv3ETSLTL43lMD6AT6MA2jHT2a_DljOBTfHz3quKOCdWzhU2R4DeyMjcNt-zNUQgGzbT5Lnrf7quVhlPCl-jiP9KEtwQhA7YrJ1fPq4FxA-xaqGwurCbVBk_m3OBDPGXJxby55EKN7mmmPJP4j679nqKbP0qHkbVB1i-w7yi-oCUCTedU1zBfZvrnmN_lJ9TAAlmHgy7TMdONKeLe0FqA0cvhtvNlfHQJfn7-mRicpS6-s%3D&attredirects=0&ver=1.5.0

Request Chain 48

https://sites.google.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js HTTP 302
https://sites.google.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attredirects=0 HTTP 302
https://904daaa5-a-62cb3a1a-s-sites.googlegroups.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attachauth=ANoY7cpCnSvY-ncDSfnkDB8zW8ahMtSMUQvV80MR_A9U2zpZ5tP8BQAixdECJM_4vj8lRSS8QYSPiu1ribCE6QMKnovlu2aJ1u-NvLuPCUnJ8S-Glpmx3ZboQpj5lcY9Oe66p711p9Yg1PJrCeLrq1CugcBIMHSiU-fzBHfkuOv_88ZOfJNQuAeR4Zr8ZpDEw30VLaXnnLIJycEaThcvX1m47QDgnAuY-JkEvP3hjU2rjEgQWhSl4yxBR1WTISw7ihHCSMSMM53w&attredirects=0

Request Chain 95

https://static.gamespot.com/uploads/screen_kubrick/mig/7/1/0/0/2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg HTTP 301
https://gamespot1.cbsistatic.com/uploads/screen_kubrick/mig/7/1/0/0/2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg

Request Chain 98

https://static.gamespot.com/uploads/original/gamespot/images/2005/311/reviews/698332-920387_20051109_002.jpg HTTP 301
https://gamespot1.cbsistatic.com/uploads/original/gamespot/images/2005/311/reviews/698332-920387_20051109_002.jpg

111 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
byturl.blogspot.com/ 58 KB
12 KB 300ms
243ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://byturl.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

056d3682e6aa1d7d44e470f29dba8b86cf95dc09bfab9a14421df793dc01fd5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 11468
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Nov 2022 07:05:25 GMT
ETag: W/"f09bd5294cf3701a67f9bc9681369131809184beb540da5b37bd64926cb496c3"
Expires: Wed, 23 Nov 2022 07:05:25 GMT
Last-Modified: Wed, 01 Dec 2021 15:27:18 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 466517130-widget_css_bundle_rtl.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 124ms
38ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/466517130-widget_css_bundle_rtl.css

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7128c3dd35bd13376ad01db6d1c538815e90aa93bbe9887edb129e1c31a8cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 17:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6636
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 11:50:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 20 Nov 2023 17:34:08 GMT

GET
H2 200 bc288502b9.js Show response
use.fontawesome.com/ 9 KB
4 KB 64ms
22ms Script
text/javascript 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/bc288502b9.js
Requested by: Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3773d654bcc8a27cb4d3ae689e13978cac23b0c20649496acf4a2de375011696

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H34B2V2BNGBNH7XK
age: 4692
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: IRszZUZZI/yLIkB4dEGPKa1JQrj3E5faCrnc22BtSB3na8L2hMfYZVOXRGxi3O03RDaG3D3RAhk=
last-modified: Thu, 01 Jul 2021 14:28:34 GMT
server: cloudflare
etag: W/"7984855da6b39aa70236f0dd0bc772d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI3RUpY%2FENeZtWuFASBpxdsmb4kXGq0L%2BTSZMtRg7EhCQVie%2FvjyDWlOt2QvFqJ%2B8gTFb0cT58i%2F88wP%2Bp%2BjkGPGWxt040IFnU%2FShk7lKSu37zkB4UnyjCN9JcsBDRH5R2LPZarjZPB0mGoFuXqVDMTo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 76e80e6e799f8fe9-FRA

GET
H2

200

f=rawy-bold
www.fontstatic.com/
Redirect Chain

http://www.fontstatic.com/f=rawy-bold
https://www.fontstatic.com/f=rawy-bold

244 B
663 B

97ms
76ms

Stylesheet
text/css

2606:4700:3035::6815:1ccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/f=rawy-bold
Requested by: Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/
Protocol: H2
Server: 2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6af41fcab39958bcb2fc249505be0c35139d1727abcc0e3dad8a7a6cf82d703

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 07:05:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmgcjuVQq7SA5tQ9KaV9Ux7WeqTMOVMzwv62McIgevOToZDtcdmuXk%2FIyQKPhuwq%2BsdEHffiOZCIZ0kbgSJ6S4oMRnHDS8q%2Fq7CByW8iUZQwoesLkfaEanpZGrr3paWpnN04%2F%2FQJxHgj5Ftd7LIvSDw%3D"}],"group":"cf-nel","max_age":604800}
x-cache: MISS
content-type: text/css; charset=UTF-8
cf-ray: 76e80e6ea90d6922-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: MISS

Redirect headers

Date: Wed, 23 Nov 2022 07:05:25 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcUWzEtp8WyCgYOmGgfj1RBRrT%2FRW6cQzazO6OM5t%2F5lwMQJpRtvW%2F3ebK4XjqggiwMgFGk6gxcA2sTclFeTW8xhB63dcfctB4p5D1F5tizz7OG5uMcrpsX5dDt0N2XHkXwFmBhHAizU2vmpat788Wo%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.fontstatic.com/f=rawy-bold
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 76e80e6e6e1f9296-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Wed, 23 Nov 2022 08:05:25 GMT

GET icons.css
d.theme20.com/ipress/styles/ 0
0

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
30 KB 80ms
40ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 19 Nov 2022 22:28:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 290210
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 29478
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 19 Nov 2023 22:28:35 GMT

GET
H/1.1 200
OK 468x60-16.gif
www.bestchange.com/images/banners/ 26 KB
27 KB 63ms
18ms Image
image/gif 54.37.161.241
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bestchange.com/images/banners/468x60-16.gif
Requested by: Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/
Protocol: HTTP/1.1
Server: 54.37.161.241 , France, ASN16276 (OVH, FR),
Reverse DNS: bestchange.com
Software: nginx /
Resource Hash: 38b004b86a1bd646c642db0d0c3daeee43cd6e5ab770e6d3093503be9d0cfa10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:25 GMT
Last-Modified: Sat, 12 Nov 2022 19:25:26 GMT
Server: nginx
ETag: "636ff326-694c"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26956
Expires: Fri, 23 Dec 2022 07:05:25 GMT

GET
H2

200

p_601ytosi0.jpg
e.top4top.io/
Redirect Chain

https://e.top4top.net/p_601ytosi0.jpg
https://e.top4top.io/p_601ytosi0.jpg

102 KB
102 KB

49ms
48ms

Image
image/jpeg

51.159.67.109
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.top4top.io/p_601ytosi0.jpg
Requested by: Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/
Protocol: H2
Server: 51.159.67.109 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-159-67-109.rev.poneytelecom.eu
Software: nginx /
Resource Hash: a2b88ecc56f70a23aeb4b213df8f9b407ace05018a418696eab88cbc130e86a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-file-id: x19223524x
date: Wed, 23 Nov 2022 07:05:25 GMT
last-modified: Thu, 24 Aug 2017 20:29:55 GMT
server: nginx
etag: "599f3743-19638"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="%D9%A2%D9%A0%D9%A1%D9%A7%D9%A0%D9%A8%D9%A2%D9%A3_%D9%A1%D9%A6%D9%A2%D9%A1%D9%A2%D9%A7.jpg"
accept-ranges: bytes
content-length: 103992
expires: Wed, 23 Nov 2022 09:05:25 GMT

Redirect headers

location: https://e.top4top.io/p_601ytosi0.jpg
date: Wed, 23 Nov 2022 07:05:25 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
300 B 39ms
37ms Image
image/gif 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 01:35:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Nov 2022 08:51:10 GMT
server: sffe
age: 451819
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 25 Nov 2022 01:35:06 GMT

GET
H/1.1 200
OK cookienotice.js Show response
byturl.blogspot.com/js/ 6 KB
3 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://byturl.blogspot.com/js/cookienotice.js

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 23 Nov 2022 06:49:48 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Wed, 30 Nov 2022 07:05:25 GMT

GET
H3 200 2342155703-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
153 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2342155703-widgets.js

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:57:08 GMT
x-content-type-options: nosniff
age: 18497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156915
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:52:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 23 Nov 2023 01:57:08 GMT

GET
H2 200 bc288502b9.css
use.fontawesome.com/ 1 KB
759 B 46ms
46ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/bc288502b9.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/bc288502b9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be5a483025a27538365b42dfc8c18a89722aed7461f9b24c89fc6dc9fc7868c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WHMPNS8QB2V081CZ
age: 4692
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xlMZ/4jG21DwniqcxVXvIRxIE/r9vlMmU1vK/GUj6/qZkrupKE58IxauH6MsGD4+mCL/+eujJVo=
last-modified: Thu, 01 Jul 2021 14:28:34 GMT
server: cloudflare
etag: W/"da864a50c0b849764b6b6ec3cce5fe9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud4xYcC1329FwhUrpkX8iFCxFfO4NYOYatdoYdRIxzsm7D37ATzLWvBRUsCyBYT96KwF5y83bWogwWSWcuQaj94TIqyn70DJ4ElnLj4OU2h4TQ1N9TV7FRQOH1TsJFoDtWpNrZ6bt7SlnPkOfiZmaNF4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 76e80e6f0a878fe9-FRA

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 26ms
26ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/bc288502b9.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/bc288502b9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XQSM6NJC4BP28Y26
age: 26082926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jRknYdZoTGREUxlVlTIvfpDZ7BoC/YWh9a7hfZwZzBpiGOElVAd++DMr/52JDe9PMDRNtePgtfk=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYQ7b948atnSdh0IUHstoS71bGuMT3Q4uynn2hY4iZdBnRBW738RLmE6JmKG9haSZAdhxCDvPSTJ62DF4i9WLqE7zudirI5KLhPsRh37uBri2qBNw8m4M4pBiUvSfvjxan7ttTcVriFWFSZ9yNBv2kpG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 76e80e6f5d6391dd-FRA

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 235ms
218ms Font
application/font-woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/bc288502b9.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/bc288502b9.css
Origin: http://byturl.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QHABZ6X83R6XG6X0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-amz-id-2: 4LlJOnemfUXFYpX0ovGOAQ92WmrCk2PJZZcPpJxaRMR64hvt6nADjIJTg4z5wzrmhlF5f4c/i0w=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze5GP3xcMbBGu0MxeDgDl5g6zQLBw7bRljVSGFQNyIvjgkvKrVXL6Dv3xA4CdM4L%2BOLHLr6QmD1%2FtubzrJJufEFYx4JzstzDvx%2FZInkfGOWAE%2B2N2ftkbT%2B2C9F2om1pVAKBIX0uSXG8NA3ktXcLDbcL"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 76e80e6fcd1392ad-FRA

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 153ms
152ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4111635595824672891&zx=46ac9a3b-adc4-4b90-80e9-5b24a43964a0

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 23 Nov 2022 07:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Nov 2022 07:05:25 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 404 blog-post.html Show response
t9anihtam.blogspot.com/2017/09/ Frame F688 237 KB
52 KB 365ms
229ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t9anihtam.blogspot.com/2017/09/blog-post.html

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6673ba3b39064adc8eb0d26b0bac45fb6b92d1a794f7bcebb62a323dd094d500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://byturl.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 52344
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 07:05:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 791419 Show response
ad.a-ads.com/ Frame C8DE 12 KB
5 KB 57ms
24ms Document
text/html 148.251.152.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/791419?size=300x250

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

HTTP/1.1

Server

148.251.152.47 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.47.152.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

043ce40ee812668193673662d2302ca02eb558bb415abc73da6f9b20b7b0fcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://byturl.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 23 Nov 2022 07:05:25 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://byturl.blogspot.com/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET like.php
www.facebook.com/widgets/ Frame 60DD 0
0

GET
H2

200

like.php Show response
www.facebook.com/widgets/ Frame CD93
Redirect Chain

http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30

0
3 KB

80ms
38ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://byturl.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Nov 2022 07:05:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: fLMtktZG2nhSeFGyADKRlAOPznz3jLXdDwCTpBatj3w5qpWlXNK/+iPgrEl7f9Ayk9eiESawkT/Y2GLpgOoGqw==
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
Non-Authoritative-Reason: HSTS

GET
H3 200 rawy-bold.woff
www.fontstatic.com/fonts/rawy-bold/ 33 KB
33 KB 64ms
54ms Font
application/font-woff 2606:4700:3035::6815:1ccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/fonts/rawy-bold/rawy-bold.woff
Requested by: Host: www.fontstatic.com
URL: https://www.fontstatic.com/f=rawy-bold
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6db79bbaaa46e1cff1f4c0333fff49bec0c71ad8b671db49dc832098e79c37

Request headers

Referer: https://www.fontstatic.com/f=rawy-bold
Origin: http://byturl.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2019 17:50:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d30b148-8214"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWeyn3nW20miyekGVxQv4NEFGWz7JHOILDWl%2Fx5%2FM0r7vct%2BTfznwAMS%2Bah1cfJIu61BEcaKLVy18nkCy7ri4YPF6Lc0z0K4FSjRDQEkm5%2BZlE%2FSBoEhv5TfUaB0P6hGsY%2FWRqxR%2FtW2kvrbcl6HACg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 76e80e703ae75c56-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: MISS

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/393746/ Frame C8DE 609 KB
609 KB 38ms
11ms Image
image/gif 148.251.152.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/393746/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/791419?size=300x250
Protocol: HTTP/1.1
Server: 148.251.152.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.152.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:25 GMT
x-amz-version-id: FOGynYQlla8njUZxgta1uuTSww4lT2p7
Last-Modified: Tue, 31 May 2022 13:28:30 GMT
Server: nginx
x-amz-request-id: VKJKS1MMF0E4WV2G
ETag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 623504
x-amz-id-2: ij3pG4yDoSloNTCXROAms6wo+KZti40XzQEVpb5KWOzxZXPjvFOXhUWI5rr9fjwLfFZHg7ZjPr4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame C8DE 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 summary
islami-wdbloog.blogspot.com/feeds/posts/ 0
0 235ms
206ms Script
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://islami-wdbloog.blogspot.com/feeds/posts/summary?alt=json&callback=arlinadesignTicker
Requested by: Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 533ms
533ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4111635595824672891&zx=46ac9a3b-adc4-4b90-80e9-5b24a43964a0

Requested by

Host: byturl.blogspot.com
URL: http://byturl.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://byturl.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Nov 2022 07:05:26 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2504215749-css_bundle_v2_rtl.css
www.blogger.com/static/v1/widgets/ Frame F688 35 KB
35 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2504215749-css_bundle_v2_rtl.css

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16225e419c311862b7c7deabb1f85dfc4eb828f189b1aba394c73f2ada5e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 06:45:04 GMT
x-content-type-options: nosniff
age: 260422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35995
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 05:52:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 20 Nov 2023 06:45:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F688 143 KB
49 KB 167ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3779359074725155

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e65c71005678ba9546f9a4a92d60133983c7715664991e62a0d0ea6ddd336d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t9anihtam.blogspot.com/
Origin: https://t9anihtam.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49151
x-xss-protection: 0
server: cafe
etag: 13928280945602828104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:05:26 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ Frame F688 91 KB
34 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 06:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:11:02 GMT

GET
H3 404 adsbygoo%20%20gle.js
pagead2.googlesyndication.com/pagead/js/ Frame F688 0
0 133ms
50ms Script
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoo%20%20gle.js
Requested by: Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 droidarabicnaskh.css
fonts.googleapis.com/earlyaccess/ Frame F688 1 KB
717 B 145ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 23 Nov 2022 07:05:26 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F688 30 KB
7 KB 37ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 26412799
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76e80e726e325b38-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ Frame F688 94 KB
33 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 06:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 06:59:49 GMT

GET
H2 200 original-logos_2018_Mar_60a9db2c0ba225wm.png
4.bp.blogspot.com/--rq67CIFjig/WtHf1yKFwWI/AAAAAAAABCM/rtXlFmKmrU8o_Jim9GVjAvtxZe7-yqG1wCK4BGAYYCw/s1600/ Frame F688 21 KB
21 KB 527ms
404ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--rq67CIFjig/WtHf1yKFwWI/AAAAAAAABCM/rtXlFmKmrU8o_Jim9GVjAvtxZe7-yqG1wCK4BGAYYCw/s1600/original-logos_2018_Mar_60a9db2c0ba225wm.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c306577bcabba140ab7f2842a6fdc870ac5ff83a2e4a57c0e03034acc0c2a31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="original-logos_2018_Mar_60a9db2c0ba225wm.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20996
x-xss-protection: 0
server: fife
etag: "v424"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Nov 2022 23:14:17 GMT

GET
H2 200 ad.js Show response
exchangeff.com/ Frame F688 3 KB
1 KB 235ms
18ms Script
application/javascript 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangeff.com/ad.js
Requested by: Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4ddee04af7a45f3f8fe4fdd696033910deabfce858bd690ad220ac1a3fa9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 595426
cf-polished: origSize=3616
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Apr 2020 20:22:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S327uz9U5I2Jk5po1WDHZixqW%2F%2BD91RofY3dttS%2FhWoH68oEOtDF0HVN2LqNiDIAq1h0EZG9KKVimK8oQDOF5W%2FQrFIkCtBEl6iV72%2B8fz9nPaLFc8Tm0LPgBNiO7r%2BrtICwXYT511P2xPIkxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 76e80e74fade920d-FRA
expires: Wed, 23 Nov 2022 09:41:40 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F688 143 KB
48 KB 168ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caf4221c555153caa0e2a18638f93dc726510dc2c67a2952886724d213ad86bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49137
x-xss-protection: 0
server: cafe
etag: 13911313873787148191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:05:26 GMT

GET %25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A6%25D9%25A0%25D9%25A8_%25D9%25A1%25D9%25A8%25D9%25A3%25D9%25A6%25D9%25A2%25D9%25A1.jpg
lh3.googleusercontent.com/-Qdftg61tDJU/WTmPJZ-XTeI/AAAAAAAAAnI/fCR7KDC77d8Pf7Mxqehsa9_WQOaMqg7GQCHM/s72-c/ Frame F688 0
0

GET
H2 200 AVvXsEgLlCGP74WOAEnTrL8CmR3pc11Krn7FYHNEFbwiHjQkqKyS1MYpifbfrqWEcvX-tPlNVkVxpj-UEv4FHUNHB-8k1DOi2-TOJQSFS4Gn9RiMKn117oKlCo5V6nQ5cKtAkAhLFQK-uO_5TDkvMtr0vIDEMtvOx7Np9JjWcWlkyIWcP9CtRb_vkY-L9et-Sg=s7...
blogger.googleusercontent.com/img/a/ Frame F688 4 KB
4 KB 704ms
608ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgLlCGP74WOAEnTrL8CmR3pc11Krn7FYHNEFbwiHjQkqKyS1MYpifbfrqWEcvX-tPlNVkVxpj-UEv4FHUNHB-8k1DOi2-TOJQSFS4Gn9RiMKn117oKlCo5V6nQ5cKtAkAhLFQK-uO_5TDkvMtr0vIDEMtvOx7Np9JjWcWlkyIWcP9CtRb_vkY-L9et-Sg=s72-w400-c-h225

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66e9eed1320aa339b4e08b1018d6e302da6b83056f1bdf1f49ce4078f9b0a1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="maxresdefault.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4071
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:27 GMT

GET grand-theft-auto-4.png
4.bp.blogspot.com/-KBkDczissH8/WCc638xyRFI/AAAAAAAAFIw/fGH4z2AJgiEDvvgTx0dCieeUK1dbr2qyACLcB/s72-c/ Frame F688 0
0

GET %25D9%2582%25D8%25A7%25D9%2584%25D8%25A8%2BN%2BLight%2B%25D9%2585%25D8%25B9%25D8%25B1%25D8%25A8.png
4.bp.blogspot.com/-mTYB6tzip30/VykAd5DRv0I/AAAAAAAABGQ/PGhjZJC3TQU-bP3OKotfUOdLpiNwJ89yQCLcB/s72-c/ Frame F688 0
0

GET
H2 200 banner.php Show response
www.bestchange.com/js/ Frame F688 23 KB
3 KB 70ms
21ms Script
application/x-javascript 54.37.161.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bestchange.com/js/banner.php?p=696399

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.37.161.241 , France, ASN16276 (OVH, FR),

Reverse DNS

bestchange.com

Software

nginx /

Resource Hash

22c77bf92671d988032fdb6effc5369e7c1a8cd16511f8287c9db7ffd7c9793c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
cache-control: public, max-age=86400
content-encoding: gzip
strict-transport-security: max-age=31536000;
server: nginx
content-type: application/x-javascript; charset=windows-1251

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F688 49 KB
20 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6572
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 07:15:54 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ Frame F688 1 B
43 B 229ms
225ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2775667761583791250&zx=f2b1afdc-23f0-457e-9228-e416231525fa

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Nov 2022 07:05:26 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 background-4.jpg
1.bp.blogspot.com/-eaKdOOTPFg4/Wa6BGUOr5jI/AAAAAAAAD0U/SvDwHkUHrlYoRDGXuUEoM8YjXM7uo4DaACK4BGAYYCw/s1600/ Frame F688 21 KB
21 KB 138ms
40ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-eaKdOOTPFg4/Wa6BGUOr5jI/AAAAAAAAD0U/SvDwHkUHrlYoRDGXuUEoM8YjXM7uo4DaACK4BGAYYCw/s1600/background-4.jpg

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5ad3e0105b8d04570efdd065e47840bec11fb9c507ffab530b3483f667e9d921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 03:07:54 GMT
x-content-type-options: nosniff
age: 14252
content-disposition: inline;filename="background-4.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21513
x-xss-protection: 0
server: fife
etag: "vf46"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Nov 2022 19:00:55 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame F688 75 KB
76 KB 44ms
24ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://t9anihtam.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 272455
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 98019f912e1cc490d70b568e17ee2a26
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76e80e73e90b9bee-FRA
cdn-requestpullsuccess: True

GET
H2 200 DroidNaskh-Regular.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ Frame F688 38 KB
39 KB 134ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t9anihtam.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:21 GMT
x-content-type-options: nosniff
age: 500645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39220
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 12:01:21 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame F688 355 KB
117 KB 144ms
93ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3779359074725155&plah=t9anihtam.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3779359074725155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9ecfdea408321a7f5dcad4dfd4df6affcd077826566568cdd78a8a673cde15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 7743882904405439809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 07:05:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 52BB 10 KB
5 KB 129ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3779359074725155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t9anihtam.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 10:43:54 GMT
etag: 10353107486223812946
expires: Tue, 06 Dec 2022 10:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ Frame F688 70 KB
71 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js?ver=1.4.2

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 22:15:42 GMT
x-content-type-options: nosniff
age: 377384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 22:15:42 GMT

GET
H2

200

jquery.lazyload.mini.js Show response
1d3050b4-a-62cb3a1a-s-sites.googlegroups.com/site/simoxooorg/Home/ Frame F688
Redirect Chain

https://sites.google.com/site/simoxooorg/Home/jquery.lazyload.mini.js?ver=1.5.0
https://sites.google.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attredirects=0&ver=1.5.0
https://1d3050b4-a-62cb3a1a-s-sites.googlegroups.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attachauth=ANoY7crFDvv3ETSLTL43lMD6AT6MA2jHT2a_DljOBTfHz3quKOCdWzhU2R4DeyMjcNt-zNUQgGzbT5Lnrf7quVhl...

3 KB
1 KB

280ms
147ms

Script
text/x-c

2a00:1450:400c:c1b::89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d3050b4-a-62cb3a1a-s-sites.googlegroups.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attachauth=ANoY7crFDvv3ETSLTL43lMD6AT6MA2jHT2a_DljOBTfHz3quKOCdWzhU2R4DeyMjcNt-zNUQgGzbT5Lnrf7quVhlPCl-jiP9KEtwQhA7YrJ1fPq4FxA-xaqGwurCbVBk_m3OBDPGXJxby55EKN7mmmPJP4j679nqKbP0qHkbVB1i-w7yi-oCUCTedU1zBfZvrnmN_lJ9TAAlmHgy7TMdONKeLe0FqA0cvhtvNlfHQJfn7-mRicpS6-s%3D&attredirects=0&ver=1.5.0

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Server

2a00:1450:400c:c1b::89 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ccacd7eb2776fe58094f314feae727e825f42137fbb173f1bd308e1ff9a8d289

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-disposition: attachment; filename="jquery.lazyload.mini.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 822
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Jul 2010 20:07:16 GMT
server: GSE
etag: "1279742836812"
x-frame-options: SAMEORIGIN
content-type: text/x-c; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://1d3050b4-a-62cb3a1a-s-sites.googlegroups.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attachauth=ANoY7crFDvv3ETSLTL43lMD6AT6MA2jHT2a_DljOBTfHz3quKOCdWzhU2R4DeyMjcNt-zNUQgGzbT5Lnrf7quVhlPCl-jiP9KEtwQhA7YrJ1fPq4FxA-xaqGwurCbVBk_m3OBDPGXJxby55EKN7mmmPJP4j679nqKbP0qHkbVB1i-w7yi-oCUCTedU1zBfZvrnmN_lJ9TAAlmHgy7TMdONKeLe0FqA0cvhtvNlfHQJfn7-mRicpS6-s%3D&attredirects=0&ver=1.5.0
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 468
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 07:05:26 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ Frame F688 56 KB
56 KB 119ms
42ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 22:24:13 GMT
x-content-type-options: nosniff
age: 117673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57254
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:24:13 GMT

GET
H2

200

lazyload-min.js Show response
904daaa5-a-62cb3a1a-s-sites.googlegroups.com/site/addinblogger/how-to-add-in-blogger/ Frame F688
Redirect Chain

https://sites.google.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js
https://sites.google.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attredirects=0
https://904daaa5-a-62cb3a1a-s-sites.googlegroups.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attachauth=ANoY7cpCnSvY-ncDSfnkDB8zW8ahMtSMUQvV80MR_A9U2zpZ5tP8BQAixdECJM_4vj8lRSS8QYSPi...

2 KB
1 KB

768ms
632ms

Script
text/x-c

2a00:1450:4013:c04::89
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://904daaa5-a-62cb3a1a-s-sites.googlegroups.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attachauth=ANoY7cpCnSvY-ncDSfnkDB8zW8ahMtSMUQvV80MR_A9U2zpZ5tP8BQAixdECJM_4vj8lRSS8QYSPiu1ribCE6QMKnovlu2aJ1u-NvLuPCUnJ8S-Glpmx3ZboQpj5lcY9Oe66p711p9Yg1PJrCeLrq1CugcBIMHSiU-fzBHfkuOv_88ZOfJNQuAeR4Zr8ZpDEw30VLaXnnLIJycEaThcvX1m47QDgnAuY-JkEvP3hjU2rjEgQWhSl4yxBR1WTISw7ihHCSMSMM53w&attredirects=0

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Server

2a00:1450:4013:c04::89 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8a06b0c6aa30b326763d312cb07fdff3761ebabbf2909ef359b6a4d6247dfa4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
content-disposition: attachment; filename="lazyload-min.js"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 899
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 10 Dec 2010 01:50:11 GMT
server: GSE
etag: "1291945811338"
x-frame-options: SAMEORIGIN
content-type: text/x-c; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://904daaa5-a-62cb3a1a-s-sites.googlegroups.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attachauth=ANoY7cpCnSvY-ncDSfnkDB8zW8ahMtSMUQvV80MR_A9U2zpZ5tP8BQAixdECJM_4vj8lRSS8QYSPiu1ribCE6QMKnovlu2aJ1u-NvLuPCUnJ8S-Glpmx3ZboQpj5lcY9Oe66p711p9Yg1PJrCeLrq1CugcBIMHSiU-fzBHfkuOv_88ZOfJNQuAeR4Zr8ZpDEw30VLaXnnLIJycEaThcvX1m47QDgnAuY-JkEvP3hjU2rjEgQWhSl4yxBR1WTISw7ihHCSMSMM53w&attredirects=0
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 479
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 07:05:26 GMT

GET
H3 200 cookienotice.js Show response
t9anihtam.blogspot.com/js/ Frame F688 6 KB
2 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t9anihtam.blogspot.com/js/cookienotice.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/2017/09/blog-post.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 23:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 21:49:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 27 Nov 2022 23:14:16 GMT

GET
H3 200 2342155703-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame F688 153 KB
153 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2342155703-widgets.js

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:57:08 GMT
x-content-type-options: nosniff
age: 18498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156915
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:52:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 23 Nov 2023 01:57:08 GMT

GET
H3 200 / Show response
exchangeff.com/ Frame 4434 5 KB
2 KB 670ms
652ms Document
text/html 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangeff.com/?s=1&qc=1975
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: e6ae36ab9209a864fd26a28d206099ce62d007df81a5d38459b472049fc491ee

Request headers

Referer: https://t9anihtam.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76e80e7548a79290-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 07:05:27 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fv2OqRU7%2BbIRgILBr4fcvgM9K4IfHmd8bZv5zLSGmoRT214tcvIX3uW0AwdtJX0JwIrQbRb1NcqHmI%2Bz4mzInY7R5OzooZwjuZb7s3a%2BtZuBi8MY6%2BS3nyGTFbXxtjnC3r3d2EVFsHwZlnOppA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H3 200 DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/ Frame F688 40 KB
40 KB 124ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://t9anihtam.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 23:26:03 GMT
x-content-type-options: nosniff
age: 459563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41252
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:26:03 GMT

GET
H3 200 / Show response
exchangeff.com/ Frame 7BEA 5 KB
2 KB 678ms
666ms Document
text/html 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangeff.com/?s=1&qc=1975
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 46361ca4c11e9b0d40374a72e3c4645c9ff04aa1835281510126fda2703a297a

Request headers

Referer: https://t9anihtam.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76e80e7548aa9290-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 07:05:27 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVX7PSOx74eSLDv3e8%2FJkxPZX3vBmX1bLzSHKn2bJAiezeg2Ct4RdN5pcpR%2FCYnACFGPLrIBi9%2F3bxibuwnLUEt1aeAOTr4LDBlhPcaWsHPLO2qik%2Fs8vGYruCTIVPeYUexrX062gnLwSK2mLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ Frame F688 1 B
43 B 445ms
445ms Stylesheet
text/css 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2775667761583791250&zx=f2b1afdc-23f0-457e-9228-e416231525fa

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Nov 2022 07:05:26 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 repeat-bg.png
4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/ Frame F688 229 B
416 B 40ms
40ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-R2WTW6O9E1o/VX7dqIGT1eI/AAAAAAAACc4/pyvQDMMLX3E/s1600/repeat-bg.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 03:22:44 GMT
x-content-type-options: nosniff
age: 13362
content-disposition: inline;filename="repeat-bg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
server: fife
etag: "v9cf"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 12 Nov 2022 14:54:06 GMT

GET
H3 200 %D9%85%D9%88%D8%A7%D9%82%D8%B9 Show response
t9anihtam.blogspot.com/feeds/posts/default/-/ Frame F688 42 KB
6 KB 213ms
212ms XHR
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t9anihtam.blogspot.com/feeds/posts/default/-/%D9%85%D9%88%D8%A7%D9%82%D8%B9?alt=json-in-script&max-results=5&callback=jQuery111004166626767547954_1669187126352&_=1669187126353

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

cd156339c565592de28aaf73cf89108f6c2d6053cdfb5f705b4ceed3486841d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://t9anihtam.blogspot.com/2017/09/blog-post.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 08:07:30 GMT
server: blogger-renderd
etag: W/"00078613643baf5fc1f5ac225388271c532a743075c00e853adace8f30d9d9ef"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6170
x-xss-protection: 0
expires: Wed, 23 Nov 2022 07:05:27 GMT

GET
H3 200 default Show response
t9anihtam.blogspot.com/feeds/comments/ Frame F688 10 KB
2 KB 681ms
680ms XHR
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t9anihtam.blogspot.com/feeds/comments/default?alt=json-in-script&max-results=5&callback=jQuery111004166626767547954_1669187126354&_=1669187126355

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

5f63d59683943b1d9a633099157044efa79a7070dc19d869eff389926d9dc1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://t9anihtam.blogspot.com/2017/09/blog-post.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Mar 2022 09:41:15 GMT
server: blogger-renderd
etag: W/"400ae8445ada974e7b19d5b4bd2b998c100b77d050f07870fc8440ae64098aca"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1827
x-xss-protection: 0
expires: Wed, 23 Nov 2022 07:05:28 GMT

GET
H3 200 default Show response
t9anihtam.blogspot.com/feeds/posts/ Frame F688 103 KB
36 KB 712ms
712ms XHR
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t9anihtam.blogspot.com/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery111004166626767547954_1669187126356&_=1669187126357

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

06ea0e0c403bfaf99f86e67d9a42fd98d1ab19e0ff9e36de16743445f4e4c587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://t9anihtam.blogspot.com/2017/09/blog-post.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 08:07:30 GMT
server: blogger-renderd
etag: W/"f2140059be144065e2ba97c77df236e6ff4a145c3be87371f3cffe1911b1a2e9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36681
x-xss-protection: 0
expires: Wed, 23 Nov 2022 07:05:28 GMT

GET
H3 200 %D8%A7%D9%84%D8%B1%D8%A8%D8%AD Show response
t9anihtam.blogspot.com/feeds/posts/default/-/ Frame F688 40 KB
6 KB 687ms
681ms XHR
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t9anihtam.blogspot.com/feeds/posts/default/-/%D8%A7%D9%84%D8%B1%D8%A8%D8%AD?alt=json-in-script&max-results=3&callback=jQuery111004166626767547954_1669187126358&_=1669187126359

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

f22474a6aaea5fc3ef94ecf73908a622feb73c9cbc948cc68c5b89ef68d77838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://t9anihtam.blogspot.com/2017/09/blog-post.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 08:07:30 GMT
server: blogger-renderd
etag: W/"73755091e0c7cb091e96d94f2f09655644326294c9a1ca71caebfa7e8bf03b9c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5870
x-xss-protection: 0
expires: Wed, 23 Nov 2022 07:05:28 GMT

GET
H2 200 %25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A6%25D9%25A0%25D9%25A8_%25D9%25A1%25D9%25A8%25D9%25A3%25D9%25A6%25D9%25A2%25D9%25A1.jpg
lh3.googleusercontent.com/-Qdftg61tDJU/WTmPJZ-XTeI/AAAAAAAAAnI/fCR7KDC77d8Pf7Mxqehsa9_WQOaMqg7GQCHM/s1600/ Frame F688 147 KB
147 KB 215ms
212ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-Qdftg61tDJU/WTmPJZ-XTeI/AAAAAAAAAnI/fCR7KDC77d8Pf7Mxqehsa9_WQOaMqg7GQCHM/s1600/%25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A6%25D9%25A0%25D9%25A8_%25D9%25A1%25D9%25A8%25D9%25A3%25D9%25A6%25D9%25A2%25D9%25A1.jpg

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

83b23510c2367c767c8db6fc249385da036b28d27e7f0deedfa1f33b85b9777f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="_______________.jpg";filename*=UTF-8''%D9%A2%D9%A0%D9%A1%D9%A7%D9%A0%D9%A6%D9%A0%D9%A8_%D9%A1%D9%A8%D9%A3%D9%A6%D9%A2%D9%A1.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150352
x-xss-protection: 0
server: fife
etag: "v273"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 20 Nov 2022 07:50:59 GMT

GET
H3 404 grand-theft-auto-4.png
4.bp.blogspot.com/-KBkDczissH8/WCc638xyRFI/AAAAAAAAFIw/fGH4z2AJgiEDvvgTx0dCieeUK1dbr2qyACLcB/s1600/ Frame F688 832 B
850 B 244ms
157ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-KBkDczissH8/WCc638xyRFI/AAAAAAAAFIw/fGH4z2AJgiEDvvgTx0dCieeUK1dbr2qyACLcB/s1600/grand-theft-auto-4.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
x-content-type-options: nosniff
server: fife
content-type: image/png
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 832
x-xss-protection: 0

GET
H3 200 %25D9%2582%25D8%25A7%25D9%2584%25D8%25A8%2BN%2BLight%2B%25D9%2585%25D8%25B9%25D8%25B1%25D8%25A8.png
4.bp.blogspot.com/-mTYB6tzip30/VykAd5DRv0I/AAAAAAAABGQ/PGhjZJC3TQU-bP3OKotfUOdLpiNwJ89yQCLcB/s1600/ Frame F688 34 KB
34 KB 424ms
336ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-mTYB6tzip30/VykAd5DRv0I/AAAAAAAABGQ/PGhjZJC3TQU-bP3OKotfUOdLpiNwJ89yQCLcB/s1600/%25D9%2582%25D8%25A7%25D9%2584%25D8%25A8%2BN%2BLight%2B%25D9%2585%25D8%25B9%25D8%25B1%25D8%25A8.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

866348eb86585561fdb50debfa7f7bfb3935ae9fd3e0251d7075786f8eb59b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="____ N Light ____.png";filename*=UTF-8''%D9%82%D8%A7%D9%84%D8%A8%20N%20Light%20%D9%85%D8%B9%D8%B1%D8%A8.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34660
x-xss-protection: 0
server: fife
etag: "v465"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 20 Nov 2022 07:50:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F688 107 B
792 B 161ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=t9anihtam.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3779359074725155&plah=t9anihtam.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F688 107 B
549 B 145ms
51ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=t9anihtam.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3123 603 B
68 B 144ms
61ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3779359074725155&output=html&adk=1812271804&adf=3279755397&plat=1%3A66048%2C2%3A66048%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fbyturl.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&dt=1669187126387&bpp=4&bdt=267&idt=306&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=8004672677100&frm=24&ife=1&pv=2&ga_vid=1728445751.1669187127&ga_sid=1669187127&ga_hid=560315009&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=2&ish=2&ifk=2533983972&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531705%2C44770880&oid=2&pvsid=1105358199535504&tmod=300612722&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2%2C2&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=1.wxnnupfnlfha&fsb=1&dtd=343

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t9anihtam.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 07:05:26 GMT
expires: Wed, 23 Nov 2022 07:05:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 %25D8%25A3%25D8%25AF%25D8%25A7%25D8%25A9%2B%25D8%25AE%25D8%25A7%25D8%25B1%25D9%2582%25D8%25A9%2B%25D9%2584%25D8%25B1%25D8%25A8%25D8%25AD%2B%2B%25D8%25A7%25D9%2584%25D9%2585%25D8%25A7%25D9%2584%2B%2...
4.bp.blogspot.com/-C6wJXyx80Ig/XLC9XcSHhpI/AAAAAAABaEE/b5lTu6ks50Ml-TlOT1IZ32fM238avBGYgCLcBGAs/s640/ Frame F688 55 KB
55 KB 61ms
57ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-C6wJXyx80Ig/XLC9XcSHhpI/AAAAAAABaEE/b5lTu6ks50Ml-TlOT1IZ32fM238avBGYgCLcBGAs/s640/%25D8%25A3%25D8%25AF%25D8%25A7%25D8%25A9%2B%25D8%25AE%25D8%25A7%25D8%25B1%25D9%2582%25D8%25A9%2B%25D9%2584%25D8%25B1%25D8%25A8%25D8%25AD%2B%2B%25D8%25A7%25D9%2584%25D9%2585%25D8%25A7%25D9%2584%2B%25D8%25A8%25D8%25AF%25D9%2588%25D9%2586%2B%25D8%25A3%25D9%258A%2B%25D8%25AA%25D8%25AF%25D8%25AE%25D9%2584%2B%25D9%2585%25D9%2586%25D9%2583%2B%25D8%258C%2B%2B%25D8%25B1%25D8%25A8%25D8%25AD%2B%25D9%258A%25D9%2588%25D9%2585%25D9%258A%2B%25D8%25A8%25D8%25AF%25D9%2588%25D9%2586%2B%25D8%25AA%25D9%2588%25D9%2582%25D9%2581%2B%25D9%2585%25D8%25B9%2B%25D8%25A5%25D8%25AB%25D8%25A8%25D8%25A7%25D8%25AA%2B%25D8%25A7%25D9%2584%25D8%25B3%25D8%25AD%25D8%25A8.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1875f0024192f076d0163a7cd8bdeb41c8c3cb011495ad0c1d7df2c8a1c2ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v16842"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____ _____ ____ _____ ____ __ ____ ___ _ ___ ____ ____ ____ __ _____ _____.png";filename*=UTF-8''%D8%A3%D8%AF%D8%A7%D8%A9%20%D8%AE%D8%A7%D8%B1%D9%82%D8%A9%20%D9%84%D8%B1%D8%A8%D8%AD%20%20%D8%A7%D9%84%D9%85%D8%A7%D9%84%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%A3%D9%8A%20%D8%AA%D8%AF%D8%AE%D9%84%20%D9%85%D9%86%D9%83%20%D8%8C%20%20%D8%B1%D8%A8%D8%AD%20%D9%8A%D9%88%D9%85%D9%8A%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%88%D9%82%D9%81%20%D9%85%D8%B9%20%D8%A5%D8%AB%D8%A8%D8%A7%D8%AA%20%D8%A7%D9%84%D8%B3%D8%AD%D8%A8.png
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55898
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:26 GMT

GET
H2 200 2.png
2.bp.blogspot.com/-BLD8dA2o-CQ/XLC85rOzd5I/AAAAAAABaDs/dopzgcqMYrIfI-BIOt4K8KpEBnQE5pBEwCLcBGAs/s640/ Frame F688 31 KB
31 KB 638ms
633ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-BLD8dA2o-CQ/XLC85rOzd5I/AAAAAAABaDs/dopzgcqMYrIfI-BIOt4K8KpEBnQE5pBEwCLcBGAs/s640/2.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c14e2c6151f3220fee561884131c353f4f7abe39b6536c7b75835bab2cc8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31828
x-xss-protection: 0
server: fife
etag: "v1683e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Nov 2022 08:45:14 GMT

GET
H2 200 3.png
2.bp.blogspot.com/-p-YJeQiJNXw/XLC897h-EPI/AAAAAAABaDw/6jrL2C2RWkM2WEaM2_bSAmM5H6Ky44rKwCLcBGAs/s320/ Frame F688 13 KB
13 KB 407ms
401ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-p-YJeQiJNXw/XLC897h-EPI/AAAAAAABaDw/6jrL2C2RWkM2WEaM2_bSAmM5H6Ky44rKwCLcBGAs/s320/3.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e93c90a22f3ef6c543b64f92f82f8226437f4c6729606757610f3703f0617a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1683f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="3.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13015
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:27 GMT

GET
H3 200 Capture.PNG
1.bp.blogspot.com/-4Xwx4N6K2tQ/XNmpBfM2wII/AAAAAAAABVQ/0IgepFhyEmM_nQDG7tSSIwDerLQXTfnRACLcBGAs/s400/ Frame F688 37 KB
37 KB 357ms
352ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4Xwx4N6K2tQ/XNmpBfM2wII/AAAAAAAABVQ/0IgepFhyEmM_nQDG7tSSIwDerLQXTfnRACLcBGAs/s400/Capture.PNG

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5ca32e1835aa9345c4afb6ca0ee54746b309b6601584e1848d4f0f3b76361b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Capture.PNG"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37918
x-xss-protection: 0
server: fife
etag: "v555"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Nov 2022 08:45:13 GMT

GET
H3 200 Capture.PNG
4.bp.blogspot.com/-bkFLR9kwha0/XNmsbzQ8teI/AAAAAAAABVo/pgPG3IkwiAceNcXf9Ah3xrfM8yBxykCsgCLcBGAs/s320/ Frame F688 18 KB
18 KB 322ms
318ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-bkFLR9kwha0/XNmsbzQ8teI/AAAAAAAABVo/pgPG3IkwiAceNcXf9Ah3xrfM8yBxykCsgCLcBGAs/s320/Capture.PNG

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d9689c3ac23361be972695e566a3ff03cc3c58eaa151dc392572e61b666be6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v55b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Capture.PNG"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18604
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:27 GMT

GET
H3 200 2019-04-12_18-28-21.png
1.bp.blogspot.com/-Ap8LVutjWHA/XLC9Bu6Rk1I/AAAAAAABaD0/C83AXuMYINwd_u4Rl16MrMqqFQF0qXmpACLcBGAs/s640/ Frame F688 4 KB
4 KB 377ms
373ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Ap8LVutjWHA/XLC9Bu6Rk1I/AAAAAAABaD0/C83AXuMYINwd_u4Rl16MrMqqFQF0qXmpACLcBGAs/s640/2019-04-12_18-28-21.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9991e11491ae16e25d29589ae03eb150edccb2ef5afed237e8ebff9908ed3e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2019-04-12_18-28-21.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3865
x-xss-protection: 0
server: fife
etag: "v16840"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 22 Nov 2022 08:45:13 GMT

GET
H3 200 %25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A6%25D9%25A0%25D9%25A8_%25D9%25A1%25D9%25A8%25D9%25A3%25D9%25A6%25D9%25A2%25D9%25A1.jpg
lh3.googleusercontent.com/-Qdftg61tDJU/WTmPJZ-XTeI/AAAAAAAAAnI/fCR7KDC77d8Pf7Mxqehsa9_WQOaMqg7GQCHM/s640/ Frame F688 42 KB
42 KB 265ms
181ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-Qdftg61tDJU/WTmPJZ-XTeI/AAAAAAAAAnI/fCR7KDC77d8Pf7Mxqehsa9_WQOaMqg7GQCHM/s640/%25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A6%25D9%25A0%25D9%25A8_%25D9%25A1%25D9%25A8%25D9%25A3%25D9%25A6%25D9%25A2%25D9%25A1.jpg

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8f586cb8c22a53de61140a9387e91e9fa2f41271d513ac09896f15633faa2e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="_______________.jpg";filename*=UTF-8''%D9%A2%D9%A0%D9%A1%D9%A7%D9%A0%D9%A6%D9%A0%D9%A8_%D9%A1%D9%A8%D9%A3%D9%A6%D9%A2%D9%A1.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43019
x-xss-protection: 0
server: fife
etag: "v273"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 20 Nov 2022 07:50:59 GMT

GET
H3 200 7271652122194.gif
exchangeff.com/eff/uploads/ADS/ Frame 4434 12 KB
12 KB 18ms
18ms Image
image/gif 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangeff.com/eff/uploads/ADS/7271652122194.gif
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a78c58eff068f33367460b3d6d3467392e5b3668383d1ca5dc7adb778d20a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/?s=1&qc=1975
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258422
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11811
last-modified: Mon, 09 May 2022 18:49:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJXf%2FbQHO71qEHOpmNm3OQ7geI%2BHJU6WLjW8XCE6hJ0GnuCY2izam2HfiHNCUmM61NO244r6eC%2B2x4T1NjUwaGVVeV69I6%2BzfXS0XwT6iOvknNSDg8m7aaHcWGpvvf6ng%2B1s0YnYs%2B1ROXbLng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 76e80e797fc99290-FRA
expires: Sun, 27 Nov 2022 07:18:25 GMT

GET
H3 200 favicon-16x16.png
exchangeff.com/images/ Frame 4434 562 B
1 KB 24ms
24ms Image
image/png 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangeff.com/images/favicon-16x16.png
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9be5e38ac825a1a60fed997c20949df25b912edb253f4cdb9a62504a1a3c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/?s=1&qc=1975
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 562
last-modified: Sun, 30 Aug 2015 21:00:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhJzJeXbMg19Z%2FHHdSENiNl95rmTFTu%2BF0%2F5AIZaEIfceL9gspb0EyoMHoTZMoasUFPw7WkqH%2BOtGM4Bf8lHu2TCba0%2BfIPBycrzOGLYSYe9UHWmUfijWID1LQGc56RqpN5dvbnUFlVfS0%2BwGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 76e80e797fcb9290-FRA
expires: Mon, 28 Nov 2022 10:14:59 GMT

GET
H/1.1 200
OK 8.js Show response
rf.revolvermaps.com/0/0/ Frame 4434 2 KB
1 KB 26ms
7ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/0/0/8.js?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 52f3c7b61f178c5e0537cfa9131a54b2a12bf3fb612bc9f649bedb830527bd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jun 2017 10:53:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 948

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4434 49 KB
20 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6573
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 07:15:54 GMT

GET
H3 200 tad1.css
exchangeff.com/css/ Frame 7BEA 1 KB
956 B 20ms
19ms Stylesheet
text/css 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangeff.com/css/tad1.css
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 954b7602e830b153ad7df2ab118a763911bd56bec76b4c52cc388179ce606765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/?s=1&qc=1975
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577805
cf-polished: origSize=1308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 27 May 2018 01:00:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UOiMG%2BAunQKbtK7iC2OEhE%2BanBijU%2FvpW3fcaXIOpj5KNub2W8ElwcdWnbI799i5o%2FYo00aADT8kqjkaR2fxFG%2FsQmhauztw4IoigWgjlz9D%2BfhQOUa4yLEerrGZGNbkOCwUxUrK3GcgIIbrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 76e80e798ff09290-FRA
expires: Wed, 23 Nov 2022 14:35:22 GMT

GET
H3 200 favicon-16x16.png
exchangeff.com/images/ Frame 7BEA 562 B
1 KB 16ms
15ms Image
image/png 2606:4700:3034::6815:2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangeff.com/images/favicon-16x16.png
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9be5e38ac825a1a60fed997c20949df25b912edb253f4cdb9a62504a1a3c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/?s=1&qc=1975
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 562
last-modified: Sun, 30 Aug 2015 21:00:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAm6G7pwftOctzWVyhJQxVteLQMqAkKxulvv9GQGD82%2Bt8rWPZ7j%2BJwgrTYOCejV2I2yzs%2BB8zmZKejdNz7eJuNturcHW78LB6Kovs9AWhox4ZAZzoiFC6AMJ1tH5ZpTShjvV3mbuy6fa3toZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 76e80e798ff29290-FRA
expires: Mon, 28 Nov 2022 10:14:59 GMT

GET
H/1.1 200
OK 8.js Show response
rf.revolvermaps.com/0/0/ Frame 7BEA 2 KB
1 KB 23ms
7ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/0/0/8.js?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 52f3c7b61f178c5e0537cfa9131a54b2a12bf3fb612bc9f649bedb830527bd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jun 2017 10:53:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=99
Content-Length: 948

GET
H/1.1 200
OK c.php
rf.revolvermaps.com/js/ Frame 4434 43 B
290 B 11ms
9ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rf.revolvermaps.com/js/c.php?i=5umhn3sw3z5
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:27 GMT
Last-Modified: Wed, 23 Nov 2022 07:05:27 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=100
Content-Length: 43

GET
H/1.1 200
OK r.php
rf.revolvermaps.com/js/ Frame 4434 43 B
215 B 16ms
7ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rf.revolvermaps.com/js/r.php?i=5umhn3sw3z5&l=https%3A%2F%2Fexchangeff.com%2F%3Fs%3D1%26qc%3D1975&r=1669187127302
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=98
Content-Length: 43
Content-Type: image/gif

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7BEA 49 KB
20 KB 91ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6573
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 07:15:54 GMT

GET
H/1.1 200
OK c.php
rf.revolvermaps.com/js/ Frame 7BEA 43 B
289 B 9ms
7ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rf.revolvermaps.com/js/c.php?i=5umhn3sw3z5
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/8.js?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:27 GMT
Last-Modified: Wed, 23 Nov 2022 07:05:27 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 43

GET
H/1.1 200
OK r.php
rf.revolvermaps.com/js/ Frame 7BEA 43 B
215 B 15ms
8ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rf.revolvermaps.com/js/r.php?i=5umhn3sw3z5&l=https%3A%2F%2Fexchangeff.com%2F%3Fs%3D1%26qc%3D1975&r=1669187127314
Requested by: Host: exchangeff.com
URL: https://exchangeff.com/?s=1&qc=1975
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchangeff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 07:05:27 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=97
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK a2.php Show response
rf.revolvermaps.com/w/8/a/ Frame 9353 24 KB
10 KB 12ms
10ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/w/8/a/a2.php?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/8.js?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3468311467bc447a9c3a867b57c69911eae474b822af1d36a3b3a21d88b14332

Request headers

Referer: https://exchangeff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Nov 2022 07:05:27 GMT
Keep-Alive: timeout=4, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK a2.php Show response
rf.revolvermaps.com/w/8/a/ Frame 3C12 24 KB
10 KB 8ms
8ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://rf.revolvermaps.com/w/8/a/a2.php?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Requested by: Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/8.js?i=5umhn3sw3z5&m=0c&c=ff0000&cr1=ffffff&f=calibri&l=0&bv=20&cw=ffffff&cb=000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3468311467bc447a9c3a867b57c69911eae474b822af1d36a3b3a21d88b14332

Request headers

Referer: https://exchangeff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Nov 2022 07:05:27 GMT
Keep-Alive: timeout=4, max=98
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 b16-rounded.gif
img1.blogblog.com/img/ Frame F688 148 B
262 B 87ms
38ms Image
image/gif 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/b16-rounded.gif

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a18a4d2cfad8006b61b07535b28af563cb1da85adbeda9c63477aefa4ef513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:22:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Nov 2022 14:52:38 GMT
server: sffe
age: 358956
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 26 Nov 2022 03:22:51 GMT

GET
H3 200 Facebook_f_logo_2013.png
1.bp.blogspot.com/-5oKLRs6aJJc/X0bdqy5pOFI/AAAAAAAAClc/VNFlugknhEAWKFZryTzhdKxAEnO6ZovdACK4BGAYYCw/s220/ Frame F688 2 KB
2 KB 480ms
477ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5oKLRs6aJJc/X0bdqy5pOFI/AAAAAAAAClc/VNFlugknhEAWKFZryTzhdKxAEnO6ZovdACK4BGAYYCw/s220/Facebook_f_logo_2013.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bc3261265a590b68caa5b2333503ee133cbf1ab62b15a67b5eae62b57c98684d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
server: fife
etag: "va60"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Facebook_f_logo_2013.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2507
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:27 GMT

GET
H3 200 %25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A7%25D9%25A0%25D9%25A4_%25D9%25A1%25D9%25A7%25D9%25A5%25D9%25A7%25D9%25A0%25D9%25A4.jpg
lh3.googleusercontent.com/-sEs9GgPwLp8/WVvUfsHIaFI/AAAAAAAAApI/6jlK_fr6buwWim3asR7-LRAAgc_PTWJJgCHMYCw/s640/ Frame F688 53 KB
53 KB 227ms
226ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-sEs9GgPwLp8/WVvUfsHIaFI/AAAAAAAAApI/6jlK_fr6buwWim3asR7-LRAAgc_PTWJJgCHMYCw/s640/%25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A7%25D9%25A0%25D9%25A4_%25D9%25A1%25D9%25A7%25D9%25A5%25D9%25A7%25D9%25A0%25D9%25A4.jpg

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95dd8637e7f30dd37a8dd32095296e410cb1757eae368b0f2fdc67e329fb6b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="_______________.jpg";filename*=UTF-8''%D9%A2%D9%A0%D9%A1%D9%A7%D9%A0%D9%A7%D9%A0%D9%A4_%D9%A1%D9%A7%D9%A5%D9%A7%D9%A0%D9%A4.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54581
x-xss-protection: 0
server: fife
etag: "v296"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Nov 2022 05:03:48 GMT

GET
H3 200 dfgfdsq.jpg
lh3.googleusercontent.com/-wURe2qTFn4Y/WVvUgHIStYI/AAAAAAAAApM/K5NIYRSbYv0nGRMjWmxc3SQucZ2t7OrvwCHMYCw/s640/ Frame F688 17 KB
17 KB 297ms
296ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-wURe2qTFn4Y/WVvUgHIStYI/AAAAAAAAApM/K5NIYRSbYv0nGRMjWmxc3SQucZ2t7OrvwCHMYCw/s640/dfgfdsq.jpg

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ef514ca065d7a46ae381c2df82c2345c15aa003fa8d1867c400499c006368a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="dfgfdsq.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17365
x-xss-protection: 0
server: fife
etag: "v298"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Nov 2022 05:03:48 GMT

GET
H2 200 bnr.php Show response
ylx-1.com/ Frame F688 442 B
696 B 188ms
26ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ylx-1.com/bnr.php?section=General&pub=283318&format=728x90&ga=g&_=1669187127463
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: a7b7182116381ab347c93509005c97fc55f551df0f0a9bff3171e9ba779ef9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 07:05:27 GMT
last-modified: Wed, 23 Nov 2022 07:05:27 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Wed, 23 Nov 2022 07:05:27 GMT

GET
H2 200 sitetracker.php Show response
dstats.net/ Frame F688 174 B
235 B 343ms
18ms Script
text/html 185.25.184.216
MASTER-AS Czech R...

General

Check archive.org

Show headers Download Go to

Full URL: https://dstats.net/sitetracker.php?url
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.25.184.216 , Czech Republic, ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ),
Reverse DNS: vm1795.cust.netio.cz
Software: Apache /
Resource Hash: 75a1b42214dcd92b8e40f54ce70972b14f87d3cebfc86ddd1ad2b7dd6b679abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
content-encoding: gzip
server: Apache
content-length: 149
vary: Accept-Encoding
content-type: text/html

GET
H3 200 AVvXsEgLlCGP74WOAEnTrL8CmR3pc11Krn7FYHNEFbwiHjQkqKyS1MYpifbfrqWEcvX-tPlNVkVxpj-UEv4FHUNHB-8k1DOi2-TOJQSFS4Gn9RiMKn117oKlCo5V6nQ5cKtAkAhLFQK-uO_5TDkvMtr0vIDEMtvOx7Np9JjWcWlkyIWcP9CtRb_vkY-L9et-Sg=w4...
blogger.googleusercontent.com/img/a/ Frame F688 34 KB
34 KB 447ms
447ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d8a0bad909aff707d253c7da11290f88f6a89af970b369d3ede0b993b47dc804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="maxresdefault.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34362
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:27 GMT

GET
DATA 200
OK truncated
/ Frame F688 10 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 486efd4ba41b81545585086604dab000a7f127cb319f9691ba94b1b05a94ccec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/jpeg

GET

2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg
gamespot1.cbsistatic.com/uploads/screen_kubrick/mig/7/1/0/0/ Frame F688
Redirect Chain

https://static.gamespot.com/uploads/screen_kubrick/mig/7/1/0/0/2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg
https://gamespot1.cbsistatic.com/uploads/screen_kubrick/mig/7/1/0/0/2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg

0
0

GET
DATA 200
OK truncated
/ Frame F688 7 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8f65504775246c783f5bc6976302c99cea856d67a75f008d1b504a993056f98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F688 7 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7e6b4c8528075d5c2a4cb23b6335f334859b7c482c8ff29a791db2c4c2bf85c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/jpeg

GET

698332-920387_20051109_002.jpg
gamespot1.cbsistatic.com/uploads/original/gamespot/images/2005/311/reviews/ Frame F688
Redirect Chain

https://static.gamespot.com/uploads/original/gamespot/images/2005/311/reviews/698332-920387_20051109_002.jpg
https://gamespot1.cbsistatic.com/uploads/original/gamespot/images/2005/311/reviews/698332-920387_20051109_002.jpg

0
0

GET
H3 200 AVvXsEi7cexZFDVum-zorQ05SMDw5UozIMrlWaMPjqw22eOGv9X5CRAuKaJqFAyLZSiGwWk3r3dYH6hQEICEESOUTrOCcmoLhJoRkwVV4fcqngAqOYRnjVA3GojwFxfCfhfw12Vgy2amORTrpn7-Dv3mCFBWQJPCaPyIrR8deM-QtMAzzGBahpEMNEMHOpnLtw=w6...
blogger.googleusercontent.com/img/a/ Frame F688 65 KB
65 KB 589ms
588ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEi7cexZFDVum-zorQ05SMDw5UozIMrlWaMPjqw22eOGv9X5CRAuKaJqFAyLZSiGwWk3r3dYH6hQEICEESOUTrOCcmoLhJoRkwVV4fcqngAqOYRnjVA3GojwFxfCfhfw12Vgy2amORTrpn7-Dv3mCFBWQJPCaPyIrR8deM-QtMAzzGBahpEMNEMHOpnLtw=w640-h360

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2052e10b6bd04f9ac82df1e05db34c054f2dc5089af5508a8e39d16547b0c491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b6"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="soldiers-of-the-universe_80247.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66981
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:28 GMT

GET
H2 200 ab609541764615.57b3799ad488a.jpg
mir-s3-cdn-cf.behance.net/project_modules/disp/ Frame F688 88 KB
89 KB 105ms
22ms Image
image/jpg 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir-s3-cdn-cf.behance.net/project_modules/disp/ab609541764615.57b3799ad488a.jpg
Requested by: Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79a46c2d8bd7d534681c7d8bc67f156b75a93051a54c233c5e8f3634c9df9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 21:20:48 GMT
x-amz-version-id: dNEKc7X9HXkoHNh6EVocq7nYsgndM9ic
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2016 08:14:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 35080
etag: "b0f3cf42e0d458a6fa7b49230fd97728"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=2628000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 90379
x-amz-cf-id: txTrW6FNfVzSl2Y7E_zZRzWHJreWlwzypDUTAhY661zLeoemUX6sJg==

GET
H2 200 2c38fb41764615.57b3799ad513c.jpg
mir-s3-cdn-cf.behance.net/project_modules/disp/ Frame F688 109 KB
110 KB 605ms
522ms Image
image/jpg 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir-s3-cdn-cf.behance.net/project_modules/disp/2c38fb41764615.57b3799ad513c.jpg
Requested by: Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75272c0011fb1e2c938390f6645167bd90317c8a66b0474d12f1af17743bd119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:28 GMT
x-amz-version-id: YWARqFskCoOBqR8C9P6nVnK5WtydfkS0
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Dec 2016 00:50:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e4579073a94dab4f4fb9716e35f9444f"
x-cache: Miss from cloudfront
content-type: image/jpg
cache-control: max-age=2628000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 111597
x-amz-cf-id: KWraTtyzwhACWKtyzbKLu-yiA6wiLXUQ6EGZhomgCUIFabUXqmah0Q==

GET
H2 200 f93d9941764615.57b37bb68e52c.jpg
mir-s3-cdn-cf.behance.net/project_modules/disp/ Frame F688 144 KB
144 KB 294ms
211ms Image
image/jpg 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir-s3-cdn-cf.behance.net/project_modules/disp/f93d9941764615.57b37bb68e52c.jpg
Requested by: Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1303bd50d4ddce530aaac089560f072285fb1f8cb333adea03ddeec2659d80c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:28 GMT
x-amz-version-id: PXNKhmOvRL3hI98EI_p2zd8ZBpm.9UWw
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2016 16:20:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "6713f0d4e410054176c4149d02db8be5"
x-cache: Miss from cloudfront
content-type: image/jpg
x-amz-storage-class: STANDARD_IA
cache-control: max-age=2628000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 147137
x-amz-cf-id: GYJTge7xz7Dw4qTnywogNt_F3lSKvn3FBl7cSL63UOeEilmLeIHkfQ==

GET
H3 200 %25D9%2582%25D8%25A7%25D9%2584%25D8%25A8%2BN%2BLight%2B%25D9%2585%25D8%25B9%25D8%25B1%25D8%25A8.png
4.bp.blogspot.com/-mTYB6tzip30/VykAd5DRv0I/AAAAAAAABGQ/PGhjZJC3TQU-bP3OKotfUOdLpiNwJ89yQCLcB/s640/ Frame F688 22 KB
22 KB 360ms
359ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-mTYB6tzip30/VykAd5DRv0I/AAAAAAAABGQ/PGhjZJC3TQU-bP3OKotfUOdLpiNwJ89yQCLcB/s640/%25D9%2582%25D8%25A7%25D9%2584%25D8%25A8%2BN%2BLight%2B%25D9%2585%25D8%25B9%25D8%25B1%25D8%25A8.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb86b94bec63f85f7d852319cd30d04aa79b343bcf10ff138c3d43efdfcfb6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v465"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____ N Light ____.png";filename*=UTF-8''%D9%82%D8%A7%D9%84%D8%A8%20N%20Light%20%D9%85%D8%B9%D8%B1%D8%A8.png
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22262
x-xss-protection: 0
expires: Thu, 24 Nov 2022 07:05:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F688 14 KB
11 KB 156ms
74ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e9323e93994933f0e162fdb97e1f918c2dec8a447cafb5792b6f5a8855d2a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11183
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F688 17 KB
7 KB 156ms
59ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 07:05:28 GMT

GET
H3 200 original-logos_2018_Mar_60a9db2c0ba225wm.png
4.bp.blogspot.com/--rq67CIFjig/WtHf1yKFwWI/AAAAAAAABCM/rtXlFmKmrU8o_Jim9GVjAvtxZe7-yqG1wCK4BGAYYCw/s1600/ Frame F688 21 KB
21 KB 41ms
40ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--rq67CIFjig/WtHf1yKFwWI/AAAAAAAABCM/rtXlFmKmrU8o_Jim9GVjAvtxZe7-yqG1wCK4BGAYYCw/s1600/original-logos_2018_Mar_60a9db2c0ba225wm.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c306577bcabba140ab7f2842a6fdc870ac5ff83a2e4a57c0e03034acc0c2a31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="original-logos_2018_Mar_60a9db2c0ba225wm.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20996
x-xss-protection: 0
server: fife
etag: "v424"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Nov 2022 23:14:17 GMT

GET
H3 200 original-logos_2018_Mar_60a9db2c0ba225wm.png
4.bp.blogspot.com/--rq67CIFjig/WtHf1yKFwWI/AAAAAAAABCM/rtXlFmKmrU8o_Jim9GVjAvtxZe7-yqG1wCK4BGAYYCw/s1600/ Frame F688 21 KB
21 KB 40ms
40ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--rq67CIFjig/WtHf1yKFwWI/AAAAAAAABCM/rtXlFmKmrU8o_Jim9GVjAvtxZe7-yqG1wCK4BGAYYCw/s1600/original-logos_2018_Mar_60a9db2c0ba225wm.png

Requested by

Host: t9anihtam.blogspot.com
URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c306577bcabba140ab7f2842a6fdc870ac5ff83a2e4a57c0e03034acc0c2a31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:26 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="original-logos_2018_Mar_60a9db2c0ba225wm.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20996
x-xss-protection: 0
server: fife
etag: "v424"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Nov 2022 23:14:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB4E 13 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://t9anihtam.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 01:03:22 GMT
expires: Thu, 23 Nov 2023 01:03:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29A6 783 B
1 KB 138ms
49ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ef02e02d71e3c25aa60b0f1000caed3ea4f3c89fd5c7589584e85753ab2916a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YzjYEMj8dlRIHeX2em41PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t9anihtam.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YzjYEMj8dlRIHeX2em41PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 07:05:28 GMT
expires: Wed, 23 Nov 2022 07:05:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29A6 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1105358199535504&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame AB4E 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 00:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:22:18 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AB4E 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PjW5jg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:05:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F688 0
0 78ms
77ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1105358199535504&bg=!REelRwPNAAbvMpMzzzI7ACkAdvg8WjuKjW93MfMVS7_nj1r21lW6e7SIPk8VqFLRhO1mKJztWen5kAIAAABfUgAAAARoAQeZAsHzYRxJul2XOFeWs9axmDb5guodbANTCVfP7S2qDPQm9qmvWDgF_dLYowajadOzKCa09TATogggK4RIg-jKC87LJI1qqiw2exZhr7ea_kPsJTOiOSgJfPHpdF_9y-ifi5VP2WK3QUJ0Gbkppay_RAfVWcYfihzXh2KDvdl0o3u2y5CD8yj6VTX1Gl_bBtHxuTqdkSpOC_7YndzfuXBhx4CdbLNLxU2oCAcQkx1uxITsJbVlpDGkXrY05iiRrIPexXHyMiGAXFBQ3P7GxzZ26EuV8ZJCalf56jAAPGwCNf2N30NEYrPntVrzDmYd-dwW2mhTkLsfBPhejH_ez_dtusFpijyp4ddCJMN1qDrxlpHcsuijN6YNtaZTD7dXQhx1vBZjUZkXfpHv1zOdit4h5bSD_kqw0ct6jeFT6UMBiGiIg30C3Ybixc5AKt3BhKHPlJKhJPUa6zXnZqvJfc32A_MEbEb1irUm1XW0yBGWmDcY0VbY3uLrYE50GXD4Qp5w7RmT6C4i2LsIxUuq3X7xIZ2RbQfOZZGtKQ-d0fnHsZLL5eC3gtJCw77hfWjWKovu_aestH1N_auCyvGBP2_r5_g8qAGJqFPAMtZTPO7MIFQQOlDi5B_WqSD98zjGnNlEu5qpy8pL3m9HieF_ED45BV8oNcZXdb1xj3oe3_wyEbCvUYrgQy-OEJy4l6s5ipxT6vCnlg1MdvnpCd9Oi2a-HS-uXaAYhThqboxf5Wn7_mLwu5RMM9z0sRRVOXnjhhN1KOsliKDxkO8MJOgp3d1wV6ecK2RkgFsJRTScNF59kGE87pzoBMreK_q06kv_f8IQz6yGOHHlexAy4hiJCqx2fHkoBpVnwuLpoLp84iYsxDh4pDeIwfG9K0_T9gYrZXXQ5mxFlX1oC7wTB-ZRdDWYCbh26CXfcB0X_UvXbP0V9HNJK-I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t9anihtam.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d.theme20.com
URL: http://d.theme20.com/ipress/styles/icons.css

Domain: www.facebook.com
URL: http://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fkofdownload&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30

Domain: lh3.googleusercontent.com
URL: https://lh3.googleusercontent.com/-Qdftg61tDJU/WTmPJZ-XTeI/AAAAAAAAAnI/fCR7KDC77d8Pf7Mxqehsa9_WQOaMqg7GQCHM/s72-c/%25D9%25A2%25D9%25A0%25D9%25A1%25D9%25A7%25D9%25A0%25D9%25A6%25D9%25A0%25D9%25A8_%25D9%25A1%25D9%25A8%25D9%25A3%25D9%25A6%25D9%25A2%25D9%25A1.jpg

Domain: 4.bp.blogspot.com
URL: https://4.bp.blogspot.com/-KBkDczissH8/WCc638xyRFI/AAAAAAAAFIw/fGH4z2AJgiEDvvgTx0dCieeUK1dbr2qyACLcB/s72-c/grand-theft-auto-4.png

Domain: 4.bp.blogspot.com
URL: https://4.bp.blogspot.com/-mTYB6tzip30/VykAd5DRv0I/AAAAAAAABGQ/PGhjZJC3TQU-bP3OKotfUOdLpiNwJ89yQCLcB/s72-c/%25D9%2582%25D8%25A7%25D9%2584%25D8%25A8%2BN%2BLight%2B%25D9%2585%25D8%25B9%25D8%25B1%25D8%25A8.png

Domain: gamespot1.cbsistatic.com
URL: https://gamespot1.cbsistatic.com/uploads/screen_kubrick/mig/7/1/0/0/2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg

Domain: gamespot1.cbsistatic.com
URL: https://gamespot1.cbsistatic.com/uploads/original/gamespot/images/2005/311/reviews/698332-920387_20051109_002.jpg

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			byturl.blogspot.com/	1970-01-20 07:41:13	Name: faceLike Value: liked
			.doubleclick.net/	1970-01-20 07:39:48	Name: test_cookie Value: CheckForPermission

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://d.theme20.com/ipress/styles/icons.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://islami-wdbloog.blogspot.com/feeds/posts/summary?alt=json&callback=arlinadesignTicker Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoo%20%20gle.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://4.bp.blogspot.com/-KBkDczissH8/WCc638xyRFI/AAAAAAAAFIw/fGH4z2AJgiEDvvgTx0dCieeUK1dbr2qyACLcB/s1600/grand-theft-auto-4.png Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html Message: Refused to execute script from 'https://1d3050b4-a-62cb3a1a-s-sites.googlegroups.com/site/simoxooorg/Home/jquery.lazyload.mini.js?attachauth=ANoY7crFDvv3ETSLTL43lMD6AT6MA2jHT2a_DljOBTfHz3quKOCdWzhU2R4DeyMjcNt-zNUQgGzbT5Lnrf7quVhlPCl-jiP9KEtwQhA7YrJ1fPq4FxA-xaqGwurCbVBk_m3OBDPGXJxby55EKN7mmmPJP4j679nqKbP0qHkbVB1i-w7yi-oCUCTedU1zBfZvrnmN_lJ9TAAlmHgy7TMdONKeLe0FqA0cvhtvNlfHQJfn7-mRicpS6-s%3D&attredirects=0&ver=1.5.0' because its MIME type ('text/x-c') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://gamespot1.cbsistatic.com/uploads/screen_kubrick/mig/7/1/0/0/2117100-169_sniper_elite_v2_gameplay_pc_050112_warf2_4000.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://gamespot1.cbsistatic.com/uploads/original/gamespot/images/2005/311/reviews/698332-920387_20051109_002.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://ylx-1.com/bnr.php?section=General&pub=283318&format=728x90&ga=g&_=1669187127463 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ylx-1.com/bnr.php?section=General&pub=283318&format=728x90&ga=g&_=1669187127463 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	URL: https://t9anihtam.blogspot.com/2017/09/blog-post.html Message: Refused to execute script from 'https://904daaa5-a-62cb3a1a-s-sites.googlegroups.com/site/addinblogger/how-to-add-in-blogger/lazyload-min.js?attachauth=ANoY7cpCnSvY-ncDSfnkDB8zW8ahMtSMUQvV80MR_A9U2zpZ5tP8BQAixdECJM_4vj8lRSS8QYSPiu1ribCE6QMKnovlu2aJ1u-NvLuPCUnJ8S-Glpmx3ZboQpj5lcY9Oe66p711p9Yg1PJrCeLrq1CugcBIMHSiU-fzBHfkuOv_88ZOfJNQuAeR4Zr8ZpDEw30VLaXnnLIJycEaThcvX1m47QDgnAuY-JkEvP3hjU2rjEgQWhSl4yxBR1WTISw7ihHCSMSMM53w&attredirects=0' because its MIME type ('text/x-c') is not executable, and strict MIME type checking is enabled.
javascript	warning	URL: https://dstats.net/sitetracker.php?url Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://dstats.net/sitetracker.php?url Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://dstats.net/sitetracker.php?url Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
1d3050b4-a-62cb3a1a-s-sites.googlegroups.com
2.bp.blogspot.com
4.bp.blogspot.com
904daaa5-a-62cb3a1a-s-sites.googlegroups.com
ad.a-ads.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
blogger.googleusercontent.com
byturl.blogspot.com
d.theme20.com
dstats.net
e.top4top.io
e.top4top.net
exchangeff.com
fonts.googleapis.com
fonts.gstatic.com
gamespot1.cbsistatic.com
googleads.g.doubleclick.net
img1.blogblog.com
islami-wdbloog.blogspot.com
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
mir-s3-cdn-cf.behance.net
pagead2.googlesyndication.com
resources.blogblog.com
rf.revolvermaps.com
sites.google.com
static.a-ads.com
t9anihtam.blogspot.com
tpc.googlesyndication.com
use.fontawesome.com
www.bestchange.com
www.blogger.com
www.facebook.com
www.fontstatic.com
www.google-analytics.com
www.google.com
ylx-1.com
4.bp.blogspot.com
d.theme20.com
gamespot1.cbsistatic.com
lh3.googleusercontent.com
www.facebook.com
143.204.215.123
148.251.152.47
185.25.184.216
185.66.200.221
2606:4700:3030::ac43:9391
2606:4700:3034::6815:2ca
2606:4700:3035::6815:1ccc
2606:4700::6812:acf
2606:4700:e2::ac40:850f
2a00:1450:4001:803::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2009
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::89
2a00:1450:4013:c04::89
2a00:f820:425::3
2a03:2880:f12d:83:face:b00c:0:25de
51.159.67.109
54.37.161.241
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
043ce40ee812668193673662d2302ca02eb558bb415abc73da6f9b20b7b0fcec
056d3682e6aa1d7d44e470f29dba8b86cf95dc09bfab9a14421df793dc01fd5a
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06ea0e0c403bfaf99f86e67d9a42fd98d1ab19e0ff9e36de16743445f4e4c587
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
0be5a483025a27538365b42dfc8c18a89722aed7461f9b24c89fc6dc9fc7868c
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
1303bd50d4ddce530aaac089560f072285fb1f8cb333adea03ddeec2659d80c9
1875f0024192f076d0163a7cd8bdeb41c8c3cb011495ad0c1d7df2c8a1c2ba8d
2052e10b6bd04f9ac82df1e05db34c054f2dc5089af5508a8e39d16547b0c491
22c77bf92671d988032fdb6effc5369e7c1a8cd16511f8287c9db7ffd7c9793c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2baf0db4101196df611d843d4741b65c2ebde9d4d458196ab9fb71039d8ccec7
2ef514ca065d7a46ae381c2df82c2345c15aa003fa8d1867c400499c006368a4
3468311467bc447a9c3a867b57c69911eae474b822af1d36a3b3a21d88b14332
3773d654bcc8a27cb4d3ae689e13978cac23b0c20649496acf4a2de375011696
38b004b86a1bd646c642db0d0c3daeee43cd6e5ab770e6d3093503be9d0cfa10
3c9ecfdea408321a7f5dcad4dfd4df6affcd077826566568cdd78a8a673cde15
3f9be5e38ac825a1a60fed997c20949df25b912edb253f4cdb9a62504a1a3c4e
46361ca4c11e9b0d40374a72e3c4645c9ff04aa1835281510126fda2703a297a
486efd4ba41b81545585086604dab000a7f127cb319f9691ba94b1b05a94ccec
52f3c7b61f178c5e0537cfa9131a54b2a12bf3fb612bc9f649bedb830527bd2d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a6db79bbaaa46e1cff1f4c0333fff49bec0c71ad8b671db49dc832098e79c37
5ad3e0105b8d04570efdd065e47840bec11fb9c507ffab530b3483f667e9d921
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5ca32e1835aa9345c4afb6ca0ee54746b309b6601584e1848d4f0f3b76361b32
5e9323e93994933f0e162fdb97e1f918c2dec8a447cafb5792b6f5a8855d2a54
5f63d59683943b1d9a633099157044efa79a7070dc19d869eff389926d9dc1ac
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6673ba3b39064adc8eb0d26b0bac45fb6b92d1a794f7bcebb62a323dd094d500
66e9eed1320aa339b4e08b1018d6e302da6b83056f1bdf1f49ce4078f9b0a1ff
68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6ef02e02d71e3c25aa60b0f1000caed3ea4f3c89fd5c7589584e85753ab2916a
7128c3dd35bd13376ad01db6d1c538815e90aa93bbe9887edb129e1c31a8cd5d
75272c0011fb1e2c938390f6645167bd90317c8a66b0474d12f1af17743bd119
75a1b42214dcd92b8e40f54ce70972b14f87d3cebfc86ddd1ad2b7dd6b679abf
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83b23510c2367c767c8db6fc249385da036b28d27e7f0deedfa1f33b85b9777f
866348eb86585561fdb50debfa7f7bfb3935ae9fd3e0251d7075786f8eb59b9c
8f586cb8c22a53de61140a9387e91e9fa2f41271d513ac09896f15633faa2e4d
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
954b7602e830b153ad7df2ab118a763911bd56bec76b4c52cc388179ce606765
95dd8637e7f30dd37a8dd32095296e410cb1757eae368b0f2fdc67e329fb6b03
9991e11491ae16e25d29589ae03eb150edccb2ef5afed237e8ebff9908ed3e5d
9c14e2c6151f3220fee561884131c353f4f7abe39b6536c7b75835bab2cc8fe9
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2b88ecc56f70a23aeb4b213df8f9b407ace05018a418696eab88cbc130e86a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6af41fcab39958bcb2fc249505be0c35139d1727abcc0e3dad8a7a6cf82d703
a7b7182116381ab347c93509005c97fc55f551df0f0a9bff3171e9ba779ef9a8
a7e6b4c8528075d5c2a4cb23b6335f334859b7c482c8ff29a791db2c4c2bf85c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a18a4d2cfad8006b61b07535b28af563cb1da85adbeda9c63477aefa4ef513
b8a06b0c6aa30b326763d312cb07fdff3761ebabbf2909ef359b6a4d6247dfa4
bc3261265a590b68caa5b2333503ee133cbf1ab62b15a67b5eae62b57c98684d
c306577bcabba140ab7f2842a6fdc870ac5ff83a2e4a57c0e03034acc0c2a31f
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c8f65504775246c783f5bc6976302c99cea856d67a75f008d1b504a993056f98
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
caf4221c555153caa0e2a18638f93dc726510dc2c67a2952886724d213ad86bf
ccacd7eb2776fe58094f314feae727e825f42137fbb173f1bd308e1ff9a8d289
cd156339c565592de28aaf73cf89108f6c2d6053cdfb5f705b4ceed3486841d2
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d8a0bad909aff707d253c7da11290f88f6a89af970b369d3ede0b993b47dc804
d9689c3ac23361be972695e566a3ff03cc3c58eaa151dc392572e61b666be6ae
e16225e419c311862b7c7deabb1f85dfc4eb828f189b1aba394c73f2ada5e537
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65c71005678ba9546f9a4a92d60133983c7715664991e62a0d0ea6ddd336d3d
e6ae36ab9209a864fd26a28d206099ce62d007df81a5d38459b472049fc491ee
e79a46c2d8bd7d534681c7d8bc67f156b75a93051a54c233c5e8f3634c9df9a3
e93c90a22f3ef6c543b64f92f82f8226437f4c6729606757610f3703f0617a21
f1a78c58eff068f33367460b3d6d3467392e5b3668383d1ca5dc7adb778d20a9
f22474a6aaea5fc3ef94ecf73908a622feb73c9cbc948cc68c5b89ef68d77838
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
fb86b94bec63f85f7d852319cd30d04aa79b343bcf10ff138c3d43efdfcfb6c5
fe4ddee04af7a45f3f8fe4fdd696033910deabfce858bd690ad220ac1a3fa9dd

byturl.blogspot.com Open in urlscan Pro 2a00:1450:4001:80f::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

85 %HTTPS

79 %IPv6

27 Domains

40 Subdomains

28 IPs

7 Countries

3094 kBTransfer

4367 kBSize

2 Cookies

47 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

byturl.blogspot.com Open in urlscan Pro
2a00:1450:4001:80f::2001 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

85 %
HTTPS

79 %
IPv6

27
Domains

40
Subdomains

28
IPs

7
Countries

3094 kB
Transfer

4367 kB
Size

2
Cookies

111 HTTP transactions
4 data transactions