cinova-b0b24e.ingress-daribow.ewp.live Open in urlscan Pro
63.250.43.14  Public Scan

Submitted URL: https://esqueentertainment.com/zmladzbu/blantrey.html
Effective URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Submission: On June 09 via manual from AU — Scanned from FR

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 39 HTTP transactions. The main IP is 63.250.43.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is cinova-b0b24e.ingress-daribow.ewp.live.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2022. Valid for: a year.
This is the only time cinova-b0b24e.ingress-daribow.ewp.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 myaccount3.westnet.com.au cinova-b0b24e.ingress-daribow.ewp.live
myaccount3.westnet.com.au
5 apis.google.com togirunse.blogspot.com
apis.google.com
draft.blogger.com
4 cinova-b0b24e.ingress-daribow.ewp.live cinova-b0b24e.ingress-daribow.ewp.live
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
cinova-b0b24e.ingress-daribow.ewp.live
2 cdn.jsdelivr.net cinova-b0b24e.ingress-daribow.ewp.live
2 resources.blogblog.com draft.blogger.com
2 togirunse.blogspot.com togirunse.blogspot.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 connect.facebook.net esqueentertainment.com
connect.facebook.net
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com cinova-b0b24e.ingress-daribow.ewp.live
1 www.iinet.net.au cinova-b0b24e.ingress-daribow.ewp.live
1 code.jquery.com cinova-b0b24e.ingress-daribow.ewp.live
1 draft.blogger.com apis.google.com
1 www.blogger.com togirunse.blogspot.com
1 esqueentertainment.com
0 www.google.fr Failed cinova-b0b24e.ingress-daribow.ewp.live
0 www.google.com Failed cinova-b0b24e.ingress-daribow.ewp.live
0 stats.g.doubleclick.net Failed www.google-analytics.com
39 19

This site contains no links.

Subject Issuer Validity Valid
esqueentertainment.com
R3
2022-04-14 -
2022-07-13
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.blogger.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
*.ingress-daribow.ewp.live
Sectigo RSA Domain Validation Secure Server CA
2022-05-24 -
2023-05-24
a year crt.sh
*.westnet.com.au
Entrust Certification Authority - L1K
2022-05-13 -
2023-05-12
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-19 -
2022-06-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh

This page contains 2 frames:

Primary Page: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Frame ID: 51E537A6E407CEC6E9BC240039916FF4
Requests: 34 HTTP requests in this frame

Frame: https://draft.blogger.com/navbar.g?targetBlogID=3504333628523891657&blogName=togigakrunsea&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://togirunse.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://togirunse.blogspot.com/&vt=590806494031177163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.PkB2fDphQao.O%2Fd%3D1%2Frs%3DAHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA%2Fm%3D__features__
Frame ID: 35CDBCB957242A443D783F4D4D68B4FE
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://esqueentertainment.com/zmladzbu/blantrey.html Page URL
  2. https://togirunse.blogspot.com/ Page URL
  3. https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

82 %
HTTPS

71 %
IPv6

16
Domains

19
Subdomains

15
IPs

4
Countries

429 kB
Transfer

1318 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://esqueentertainment.com/zmladzbu/blantrey.html Page URL
  2. https://togirunse.blogspot.com/ Page URL
  3. https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
blantrey.html
esqueentertainment.com/zmladzbu/
93 B
343 B
Document
General
Full URL
https://esqueentertainment.com/zmladzbu/blantrey.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.182.175.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3819423.ip-217-182-175.eu
Software
/
Resource Hash
feefe94e3d05022bc65f6a7f60cecb417c7013dc0447f6994f786c401aff43cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
max-age=3600, must-revalidate
content-length
93
content-type
text/html
date
Thu, 09 Jun 2022 23:22:56 GMT
last-modified
Tue, 07 Jun 2022 21:43:04 GMT
/
togirunse.blogspot.com/
3 KB
2 KB
Document
General
Full URL
https://togirunse.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98ff37c6772bedcb8c30f0990b6fe7ae6a4e57342ded4af42ad7a8327a50122b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://esqueentertainment.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
1582
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 23:22:57 GMT
etag
W/"21318b3ea47c4c7c6d40558302b8887a14c5a06d8206eb4f1e88ab787755d290"
expires
Thu, 09 Jun 2022 23:22:57 GMT
last-modified
Thu, 09 Jun 2022 12:47:25 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3334278262-classic.css
www.blogger.com/static/v1/v-css/navbar/
871 B
1 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/navbar/3334278262-classic.css
Requested by
Host: togirunse.blogspot.com
URL: https://togirunse.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e7616391f5c7649cd033b934318aa33a71e9ce24c341c0e62e438c14bd66c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://togirunse.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 20:00:19 GMT
x-content-type-options
nosniff
age
271358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
871
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 06:51:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 06 Jun 2023 20:00:19 GMT
plusone.js
apis.google.com/js/
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: togirunse.blogspot.com
URL: https://togirunse.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebbe87506639870f6489e65077b4991ebf0d38daa41e3efe58626c36e02f33d2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://togirunse.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20317
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 09 Jun 2022 23:22:57 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"387ed0c93ce3ecc7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 23:22:57 GMT
cookienotice.js
togirunse.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://togirunse.blogspot.com/js/cookienotice.js
Requested by
Host: togirunse.blogspot.com
URL: https://togirunse.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://togirunse.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 21:10:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 16 Jun 2022 23:22:57 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/
149 KB
51 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9622f2b6466b555d9c5b789702155e39ef25710ed29d738308d865c7819c233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://togirunse.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 19:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52088
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 15:21:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 19:56:27 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/
52 KB
16 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aa44deed79712562241c1b55e1dfd5083de7caec70755cad4aa29da9355a432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://togirunse.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 19:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16781
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 15:21:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 19:58:17 GMT
navbar.g
draft.blogger.com/ Frame 35CD
7 KB
3 KB
Document
General
Full URL
https://draft.blogger.com/navbar.g?targetBlogID=3504333628523891657&blogName=togigakrunsea&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://togirunse.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://togirunse.blogspot.com/&vt=590806494031177163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.PkB2fDphQao.O%2Fd%3D1%2Frs%3DAHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6062c332e822eea1d58d1299f310b91cfc3cf42a5aeb2085939f1d768588d41b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://togirunse.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2610
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 23:22:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 35CD
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: draft.blogger.com
URL: https://draft.blogger.com/navbar.g?targetBlogID=3504333628523891657&blogName=togigakrunsea&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://togirunse.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://togirunse.blogspot.com/&vt=590806494031177163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.PkB2fDphQao.O%2Fd%3D1%2Frs%3DAHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
000b03cce6c68947d876a8acfe22d8e6b994e1a05e04bb1dc849bd987735b3ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://draft.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20326
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Thu, 09 Jun 2022 23:22:58 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"81ea6d0cb99d7242"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 23:22:58 GMT
icons_orange.png
resources.blogblog.com/img/navbar/ Frame 35CD
915 B
1 KB
Image
General
Full URL
https://resources.blogblog.com/img/navbar/icons_orange.png
Requested by
Host: draft.blogger.com
URL: https://draft.blogger.com/navbar.g?targetBlogID=3504333628523891657&blogName=togigakrunsea&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://togirunse.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://togirunse.blogspot.com/&vt=590806494031177163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.PkB2fDphQao.O%2Fd%3D1%2Frs%3DAHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://draft.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 12:15:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 05 Jun 2022 05:49:28 GMT
server
sffe
age
385619
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
915
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 12 Jun 2022 12:15:59 GMT
arrows-blue.png
resources.blogblog.com/img/navbar/ Frame 35CD
104 B
217 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/arrows-blue.png
Requested by
Host: draft.blogger.com
URL: https://draft.blogger.com/navbar.g?targetBlogID=3504333628523891657&blogName=togigakrunsea&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://togirunse.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://togirunse.blogspot.com/&vt=590806494031177163&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fr.PkB2fDphQao.O%2Fd%3D1%2Frs%3DAHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://draft.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 21:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 05 Jun 2022 11:01:53 GMT
server
sffe
age
353211
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 12 Jun 2022 21:16:07 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/ Frame 35CD
128 KB
42 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.PkB2fDphQao.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo82l81rOFeb8_zRFeKk5LsG-fVtdA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7cca1bfde7b7958eea6ab5704bca8e48a5a8aba89c1cf9562233c8c2d096da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://draft.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 19:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42876
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 15:21:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 19:58:18 GMT
Primary Request login.php
cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/
9 KB
3 KB
Document
General
Full URL
https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-daribow.easywp.com
Software
nginx /
Resource Hash
694471a3ab3e05f7fe40bb6da3f429ebefb20c1ac97474f39c7bdfc78058bb9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://togirunse.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 09 Jun 2022 23:22:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Common
myaccount3.westnet.com.au/Content/Css/
42 KB
11 KB
Stylesheet
General
Full URL
https://myaccount3.westnet.com.au/Content/Css/Common?v=bo8jbfi0Mc6hKEAnFX6mHZMLlyh17TAWVRhGlSkr96o1
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.0.178.37 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ced52ea83eb2da3475f589b2522632599d9331e0720b8de9adfdb0f2b789299
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Encoding
gzip
X-Build-ID
3.12.874
Last-Modified
Thu, 09 Jun 2022 23:23:02 GMT
X-Frame-Options
DENY
Date
Thu, 09 Jun 2022 23:23:02 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
public
Content-Security-Policy
frame-ancestors 'none';
Content-Length
10778
X-Content-Type-Options
nosniff
Expires
Fri, 09 Jun 2023 23:23:02 GMT
westnet
myaccount3.westnet.com.au/Content/Css/
149 KB
38 KB
Stylesheet
General
Full URL
https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.0.178.37 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
66b3c5161e204b54ac4d31a9ad1dadf5db3bc24b535b1c4e520dd332c3f769c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Encoding
gzip
X-Build-ID
3.12.874
Last-Modified
Thu, 09 Jun 2022 23:23:02 GMT
X-Frame-Options
DENY
Date
Thu, 09 Jun 2022 23:23:02 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
public
Content-Security-Policy
frame-ancestors 'none';
Content-Length
38787
X-Content-Type-Options
nosniff
Expires
Fri, 09 Jun 2023 23:23:02 GMT
modernizr
cinova-b0b24e.ingress-daribow.ewp.live/bundles/
0
0
Script
General
Full URL
https://cinova-b0b24e.ingress-daribow.ewp.live/bundles/modernizr?v=jmdBhqkI3eMaPZJduAyIYBj7MpXrGd2ZqmHAOSNeYcg1
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-daribow.easywp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:59 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=15768000
link
<https://cinova-b0b24e.ingress-daribow.ewp.live/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery-1.11.1.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:59 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1762a"
vary
Accept-Encoding
x-hw
1654816979.dop043.pa1.t,1654816979.cds248.pa1.hn,1654816979.cds039.pa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
jquery.validate.min.js
cdn.jsdelivr.net/jquery.validation/1.16.0/
23 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery.validation/1.16.0/jquery.validate.min.js
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6962467
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19141-FRA, cache-cdg20749-CDG
timing-allow-origin
*
server
cloudflare
etag
W/"5a1e-IUhhlLqiLrEVX+mL969jFOd3PMc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8G7m%2Ft3svfBc7pVt9R9lIl7bqbw%2FpwNELxDU0s3omxpF2cExVCaQsQpF46w%2Bnn76Pvizyi8K2Fj%2BrbSQPKHi%2B%2FJ2wE9JvsDW3Py2y17ibebJnFPtOrXRk3tOrku91e99W0U02gVORskQ0UDANM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
718d9cc94bbfa2f1-CDG
additional-methods.min.js
cdn.jsdelivr.net/jquery.validation/1.16.0/
17 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery.validation/1.16.0/additional-methods.min.js
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6962474
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-cdg20752-CDG
timing-allow-origin
*
server
cloudflare
etag
W/"4587-uIBUYLV1S+ixaiI99zfZV32kwYI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi%2F04Qogx4DwVhjs4YWiKyAwZPuhKExjDFHMCzmcNDAwP8LMioJVVUb1sT8TdJiTw01tTuUTmBPMJY4bTO7z5j2tywamw5o8TSX71MHkGrVm15LKjoUHYjkewo%2BMz%2BAFr6X2Kwoz9YzHLLl9ZmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
718d9cc94bc1a2f1-CDG
footer-scripts
cinova-b0b24e.ingress-daribow.ewp.live/bundles/
0
0
Script
General
Full URL
https://cinova-b0b24e.ingress-daribow.ewp.live/bundles/footer-scripts?v=-rfgjfrchiBDOxmRs1nSVKU00Dty_MxXFVrd_OOlXZ41
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-daribow.easywp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:59 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=15768000
link
<https://cinova-b0b24e.ingress-daribow.ewp.live/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
iinet
cinova-b0b24e.ingress-daribow.ewp.live/bundles/
0
0
Script
General
Full URL
https://cinova-b0b24e.ingress-daribow.ewp.live/bundles/iinet?v=OsxAUqisYGvcfBnPl2t-G1IML3bAtFMdy8BgmThVG_Y1
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-daribow.easywp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:22:59 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=15768000
link
<https://cinova-b0b24e.ingress-daribow.ewp.live/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
script
www.iinet.net.au/_library/banners/toolbox-homepage/
35 B
372 B
Script
General
Full URL
https://www.iinet.net.au/_library/banners/toolbox-homepage/script
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
fa5b0becec47163745359e666a1a61a80b3c74407a0107d38a822d9494b6be52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:23:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/javascript
access-control-allow-origin
*
x-cnection
close
cf-ray
718d9cd049e340db-CDG
content-length
35
gtm.js
www.googletagmanager.com/
309 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-FH77
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
268e24b629c8acb7d520cfa265465fb10762036593478896df07f70b8e437ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:23:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91142
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 22:15:31 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Jun 2022 23:23:03 GMT
logo.svg
myaccount3.westnet.com.au/Content/images/brand-westnet/
11 KB
12 KB
Image
General
Full URL
https://myaccount3.westnet.com.au/Content/images/brand-westnet/logo.svg
Requested by
Host: myaccount3.westnet.com.au
URL: https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.0.178.37 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b4afd883c0b5a12197c1beda18e201c19ffc7a23029f37967a6b0514d61ee6fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jun 2022 00:33:02 GMT
Server
Microsoft-IIS/10.0
ETag
"073cafa3c79d81:0"
X-Frame-Options
DENY
Content-Type
image/svg+xml
X-Build-ID
3.12.874
Date
Thu, 09 Jun 2022 23:23:03 GMT
Content-Security-Policy
frame-ancestors 'none';
Accept-Ranges
bytes
Content-Length
11719
X-XSS-Protection
1; mode=block
sprite-48.png
myaccount3.westnet.com.au/Content/images/brand-westnet/
18 KB
0
Image
General
Full URL
https://myaccount3.westnet.com.au/Content/images/brand-westnet/sprite-48.png
Requested by
Host: myaccount3.westnet.com.au
URL: https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.0.178.37 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jun 2022 00:33:02 GMT
Server
Microsoft-IIS/10.0
ETag
"073cafa3c79d81:0"
X-Frame-Options
DENY
Content-Type
image/png
X-Build-ID
3.12.874
Date
Thu, 09 Jun 2022 23:23:03 GMT
Content-Security-Policy
frame-ancestors 'none';
Accept-Ranges
bytes
Content-Length
68705
X-XSS-Protection
1; mode=block
loading-sml.gif
myaccount3.westnet.com.au/Content/images/
3 KB
3 KB
Image
General
Full URL
https://myaccount3.westnet.com.au/Content/images/loading-sml.gif
Requested by
Host: myaccount3.westnet.com.au
URL: https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.0.178.37 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ae544f1895b0e1b9b1c2df25370e10680a98d9e030fde782aa6efc10da8bfd56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://myaccount3.westnet.com.au/Content/Css/westnet?v=uhwia6nTV_tGDqvA4DRfRfGnZ24h4HY_BK3abEYzEeQ1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jun 2022 00:33:00 GMT
Server
Microsoft-IIS/10.0
ETag
"04699f93c79d81:0"
X-Frame-Options
DENY
Content-Type
image/gif
X-Build-ID
3.12.874
Date
Thu, 09 Jun 2022 23:23:03 GMT
Content-Security-Policy
frame-ancestors 'none';
Accept-Ranges
bytes
Content-Length
2975
X-XSS-Protection
1; mode=block
login.png
myaccount3.westnet.com.au/Content/images/tool-watermarks/
0
0

277A0F_0_0.woff
myaccount3.westnet.com.au/Content/fonts/andes/
0
0

login-icons.gif
myaccount3.westnet.com.au/Content/images/brand-westnet/
0
0

conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-FH77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15069
x-xss-protection
0
server
cafe
etag
11223643544955582496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Jun 2022 23:23:03 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: esqueentertainment.com
URL: https://esqueentertainment.com/zmladzbu/blantrey.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
vNHWWIvM4DFqNFtBCYgTU8q9WRb+q99aVh3Avoe7Pmsy6f8KY3n4D3iRuKraQOlrvJX84V0vn9+DlWmkDpRQjA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 09 Jun 2022 23:23:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-FH77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6497
date
Thu, 09 Jun 2022 21:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 09 Jun 2022 23:34:46 GMT
335827996594231
connect.facebook.net/signals/config/
0
0

linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 Jun 2022 00:11:01 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058840756/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058840756/?random=1654816983295&cv=9&fst=1654816983295&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcinova-b0b24e.ingress-daribow.ewp.live%2FAU%2Fwestnet-2m%2FWestnet%2Ftoolbox2%2Ftoolbox2%2Ftoolbox%2Flogin.php&ref=https%3A%2F%2Ftogirunse.blogspot.com%2F&tiba=Login%20-%20Westnet%20MyAccount&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f5035d11f91808af23e3d0f24a65f204eb6df0b9f9cc18368e9e481d2672a291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 23:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1091
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
0
0

collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1099405083&t=pageview&_s=1&dl=https%3A%2F%2Fcinova-b0b24e.ingress-daribow.ewp.live%2FAU%2Fwestnet-2m%2FWestnet%2Ftoolbox2%2Ftoolbox2%2Ftoolbox%2Flogin.php&dr=https%3A%2F%2Ftogirunse.blogspot.com%2F&ul=en-us&de=UTF-8&dt=Login%20-%20Westnet%20MyAccount&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=1732423541&gjid=1549132458&cid=2015233241.1654816983&tid=UA-100745-1&_gid=873629109.1654816983&gtm=2wg680FH77&cd5=&cd6=no%20action&cd8=Intent&cd10=New&cd12=&z=1720708876
Requested by
Host: cinova-b0b24e.ingress-daribow.ewp.live
URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://cinova-b0b24e.ingress-daribow.ewp.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jun 2022 08:29:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53592
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1058840756/
0
0

/
www.google.fr/pagead/1p-user-list/1058840756/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
myaccount3.westnet.com.au
URL
https://myaccount3.westnet.com.au/Content/images/tool-watermarks/login.png
Domain
myaccount3.westnet.com.au
URL
https://myaccount3.westnet.com.au/Content/fonts/andes/277A0F_0_0.woff
Domain
myaccount3.westnet.com.au
URL
https://myaccount3.westnet.com.au/Content/images/brand-westnet/login-icons.gif
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/335827996594231?v=2.9.62&r=stable
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100745-1&cid=2015233241.1654816983&jid=1732423541&gjid=1549132458&_gid=873629109.1654816983&_u=aGBAgAAjAAAAAE~&z=341290334
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/1058840756/?random=1654816983295&cv=9&fst=1654815600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Fcinova-b0b24e.ingress-daribow.ewp.live%2FAU%2Fwestnet-2m%2FWestnet%2Ftoolbox2%2Ftoolbox2%2Ftoolbox%2Flogin.php&ref=https%3A%2F%2Ftogirunse.blogspot.com%2F&tiba=Login%20-%20Westnet%20MyAccount&async=1&fmt=3&is_vtc=1&random=2824631873&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Domain
www.google.fr
URL
https://www.google.fr/pagead/1p-user-list/1058840756/?random=1654816983295&cv=9&fst=1654815600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Fcinova-b0b24e.ingress-daribow.ewp.live%2FAU%2Fwestnet-2m%2FWestnet%2Ftoolbox2%2Ftoolbox2%2Ftoolbox%2Flogin.php&ref=https%3A%2F%2Ftogirunse.blogspot.com%2F&tiba=Login%20-%20Westnet%20MyAccount&async=1&fmt=3&is_vtc=1&random=2824631873&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

0 Cookies

4 Console Messages

Source Level URL
Text
rendering warning URL: https://cinova-b0b24e.ingress-daribow.ewp.live/AU/westnet-2m/Westnet/toolbox2/toolbox2/toolbox/login.php(Line 16)
Message:
The key "scale" is not recognized and ignored.
network error URL: https://cinova-b0b24e.ingress-daribow.ewp.live/bundles/modernizr?v=jmdBhqkI3eMaPZJduAyIYBj7MpXrGd2ZqmHAOSNeYcg1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cinova-b0b24e.ingress-daribow.ewp.live/bundles/iinet?v=OsxAUqisYGvcfBnPl2t-G1IML3bAtFMdy8BgmThVG_Y1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cinova-b0b24e.ingress-daribow.ewp.live/bundles/footer-scripts?v=-rfgjfrchiBDOxmRs1nSVKU00Dty_MxXFVrd_OOlXZ41
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
cdn.jsdelivr.net
cinova-b0b24e.ingress-daribow.ewp.live
code.jquery.com
connect.facebook.net
draft.blogger.com
esqueentertainment.com
googleads.g.doubleclick.net
myaccount3.westnet.com.au
resources.blogblog.com
stats.g.doubleclick.net
togirunse.blogspot.com
www.blogger.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.iinet.net.au
connect.facebook.net
myaccount3.westnet.com.au
stats.g.doubleclick.net
www.google.com
www.google.fr
142.250.181.226
2001:4de0:ac18::1:a:1a
203.0.178.37
217.182.175.206
2606:4700::6810:5514
2606:4700::6812:bf3
2a00:1450:4001:800::2009
2a00:1450:4001:802::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a03:2880:f02d:100:face:b00c:0:3
63.250.43.14
000b03cce6c68947d876a8acfe22d8e6b994e1a05e04bb1dc849bd987735b3ae
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
268e24b629c8acb7d520cfa265465fb10762036593478896df07f70b8e437ed6
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
4aa44deed79712562241c1b55e1dfd5083de7caec70755cad4aa29da9355a432
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6062c332e822eea1d58d1299f310b91cfc3cf42a5aeb2085939f1d768588d41b
66b3c5161e204b54ac4d31a9ad1dadf5db3bc24b535b1c4e520dd332c3f769c0
694471a3ab3e05f7fe40bb6da3f429ebefb20c1ac97474f39c7bdfc78058bb9b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8
8f7cca1bfde7b7958eea6ab5704bca8e48a5a8aba89c1cf9562233c8c2d096da
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98ff37c6772bedcb8c30f0990b6fe7ae6a4e57342ded4af42ad7a8327a50122b
9ced52ea83eb2da3475f589b2522632599d9331e0720b8de9adfdb0f2b789299
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6e7616391f5c7649cd033b934318aa33a71e9ce24c341c0e62e438c14bd66c5
ae544f1895b0e1b9b1c2df25370e10680a98d9e030fde782aa6efc10da8bfd56
b4afd883c0b5a12197c1beda18e201c19ffc7a23029f37967a6b0514d61ee6fd
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
e9622f2b6466b555d9c5b789702155e39ef25710ed29d738308d865c7819c233
ebbe87506639870f6489e65077b4991ebf0d38daa41e3efe58626c36e02f33d2
f5035d11f91808af23e3d0f24a65f204eb6df0b9f9cc18368e9e481d2672a291
fa5b0becec47163745359e666a1a61a80b3c74407a0107d38a822d9494b6be52
feefe94e3d05022bc65f6a7f60cecb417c7013dc0447f6994f786c401aff43cd