bloggingdirty.com Open in urlscan Pro
2a02:26f0:ef::5c7b:c27a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bloggingdirty.com/safeview-redirect/tc_frame.html
Effective URL:
https://bloggingdirty.com/safeview-redirect/tc_frame.html
Submission: On March 15 via manual (March 15th 2022, 11:17:04 am UTC) from SG — Scanned from DE

Summary HTTP 101 Redirects Links 75 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 30 domains to perform 101 HTTP transactions. The main IP is 2a02:26f0:ef::5c7b:c27a, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is bloggingdirty.com.
TLS certificate: Issued by R3 on February 11th 2022. Valid for: 3 months.

This is the only time bloggingdirty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c27a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:450	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
19	2a02:26f0:170... 2a02:26f0:1700:14::b856:fb44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2.16.186.17 2.16.186.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.156.253.114 108.156.253.114	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.66.248.124 18.66.248.124	16509 (AMAZON-02) (AMAZON-02)
4	108.156.255.177 108.156.255.177	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:231... 2600:9000:2315:9c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400e:801::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 3	108.157.4.121 108.157.4.121	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	35.190.48.184 35.190.48.184	15169 (GOOGLE) (GOOGLE)
1	96.16.142.89 96.16.142.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700:20:... 2606:4700:20::681a:c5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.101.27.12 95.101.27.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223f:4a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218f:1200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	34.120.117.212 34.120.117.212	15169 (GOOGLE) (GOOGLE)
1	3.121.92.52 3.121.92.52	16509 (AMAZON-02) (AMAZON-02)
2	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:d200:1b:3a6c:1300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:9a00:1:4290:76c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.89.31.187 104.89.31.187	16625 (AKAMAI-AS) (AKAMAI-AS)
101	40

6 2a02:26f0:ef::5c7b:c27a (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

bloggingdirty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:450 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.wazimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:1700:14::b856:fb44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com

images2.minutemediacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.253.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-253-114.dus51.r.cloudfront.net

d3ujids68p6xmq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-124.dus51.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2315:9c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:801::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.121 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.48.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.48.190.35.bc.googleusercontent.com

gammamaximum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.142.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-142-89.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:c5f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.27.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-12.deploy.static.akamaitechnologies.com

cdn.mmctsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218f:1200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.92.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

memorizeneck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:d200:1b:3a6c:1300:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.fansided.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:9a00:1:4290:76c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

promotions.minutemediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	fansided.com cdn.fansided.com — Cisco Umbrella Rank: 50729 app.fansided.com — Cisco Umbrella Rank: 87792	251 KB
9	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2789 t.skimresources.com — Cisco Umbrella Rank: 2825 p.skimresources.com — Cisco Umbrella Rank: 3627 r.skimresources.com — Cisco Umbrella Rank: 2662 ls.skimresources.com — Cisco Umbrella Rank: 8581	22 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2005 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5719 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9692	179 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 ad.doubleclick.net — Cisco Umbrella Rank: 181 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	178 KB
6	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 24714	28 KB
6	gstatic.com fonts.gstatic.com	102 KB
6	bloggingdirty.com 1 redirects bloggingdirty.com	36 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	268 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	76 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769	133 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 125	2 KB
2	memorizeneck.com memorizeneck.com — Cisco Umbrella Rank: 65360	679 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	426 B
2	google.de www.google.de — Cisco Umbrella Rank: 6433	564 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 785 www.google.com — Cisco Umbrella Rank: 2	849 B
2	mmctsvc.com cdn.mmctsvc.com — Cisco Umbrella Rank: 13217	139 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	17 KB
1	minutemediaservices.com promotions.minutemediaservices.com — Cisco Umbrella Rank: 12007
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 500	482 B
1	optimizely.com cdn3.optimizely.com — Cisco Umbrella Rank: 3319	700 B
1	gammamaximum.com gammamaximum.com — Cisco Umbrella Rank: 66774	27 KB
1	sharethrough.com native.sharethrough.com — Cisco Umbrella Rank: 1740	76 KB
1	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5894	66 KB
1	cloudfront.net d3ujids68p6xmq.cloudfront.net	42 KB
1	minutemediacdn.com images2.minutemediacdn.com — Cisco Umbrella Rank: 15497	4 KB
1	webcontentassessor.com scripts.webcontentassessor.com — Cisco Umbrella Rank: 4175	38 KB
1	wazimo.com cdn.wazimo.com — Cisco Umbrella Rank: 31274	1 KB
101	30

	Domain	Requested by
19	cdn.fansided.com	bloggingdirty.com cdn.fansided.com
6	cdn.equalweb.com	bloggingdirty.com cdn.equalweb.com
6	fonts.gstatic.com	cdn.fansided.com
6	bloggingdirty.com	1 redirects bloggingdirty.com
5	www.googletagmanager.com	bloggingdirty.com www.googletagmanager.com cdn.mmctsvc.com
5	quantcast.mgr.consensu.org	bloggingdirty.com quantcast.mgr.consensu.org
4	c.amazon-adsystem.com	bloggingdirty.com c.amazon-adsystem.com cdn.mmctsvc.com
4	securepubads.g.doubleclick.net	bloggingdirty.com securepubads.g.doubleclick.net cdn.mmctsvc.com
3	t.skimresources.com	bloggingdirty.com s.skimresources.com
3	sb.scorecardresearch.com	1 redirects bloggingdirty.com
2	memorizeneck.com	gammamaximum.com
2	ls.skimresources.com	s.skimresources.com
2	www.facebook.com	bloggingdirty.com
2	p.skimresources.com	bloggingdirty.com
2	www.google.de	bloggingdirty.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn.mmctsvc.com	bloggingdirty.com cdn.mmctsvc.com
2	connect.facebook.net	bloggingdirty.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform.twitter.com	bloggingdirty.com platform.twitter.com
2	fonts.googleapis.com	bloggingdirty.com
1	secure.cdn.fastclick.net	bloggingdirty.com
1	promotions.minutemediaservices.com	cdn.mmctsvc.com
1	app.fansided.com	www.googletagmanager.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.com	bloggingdirty.com
1	syndication.twitter.com	platform.twitter.com
1	r.skimresources.com	s.skimresources.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	analytics.google.com	www.googletagmanager.com
1	static.adsafeprotected.com	bloggingdirty.com
1	s.skimresources.com	www.googletagmanager.com
1	ad.doubleclick.net	bloggingdirty.com
1	cdn3.optimizely.com	d3ujids68p6xmq.cloudfront.net
1	gammamaximum.com	bloggingdirty.com
1	native.sharethrough.com	bloggingdirty.com
1	assets.revcontent.com	bloggingdirty.com
1	d3ujids68p6xmq.cloudfront.net	bloggingdirty.com
1	images2.minutemediacdn.com	bloggingdirty.com
1	scripts.webcontentassessor.com	bloggingdirty.com
1	cdn.wazimo.com	bloggingdirty.com
101	41

This site contains links to these domains. Also see Links.

Domain
fansided.com
www.facebook.com
twitter.com
shop.minutemedia.com
daily.fansided.com
itunes.apple.com
play.google.com
nflspinzone.com
withthefirstpick.com
nflmocks.com
buffalowdown.com
phinphanatic.com
musketfire.com
thejetpress.com
stripehype.com
dawgpounddaily.com
ebonybird.com
stillcurtain.com
horseshoeheroes.com
torotimes.com
blackandteal.com
titansized.com
predominantlyorange.com
arrowheadaddict.com
justblogbaby.com
boltbeat.com
thelandryhat.com
insidetheiggles.com
gmenhq.com
riggosrag.com
beargoggleson.com
sidelionreport.com
lombardiave.com
thevikingage.com
catcrave.com
whodatdish.com
thepewterplank.com
raisingzona.com
ramblinfan.com
ninernoise.com
12thmanrising.com
www.90min.com
saturdayblitz.com
bustingbrackets.com
netflixlife.com
hiddenremote.com
thebiglead.com
theplayerstribune.com
www.dbltap.com
www.mentalfloss.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
arrowheadaddict.com R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
blogoflegends.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-31` - `2022-12-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.90min.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
assets.revcontent.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
gammamaximum.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
mmctsvc.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
memorizeneck.com R3	`2022-02-27` - `2022-05-28`	3 months	crt.sh
*.fansided.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
*.minutemediaservices.com Amazon	`2022-01-24` - `2023-02-22`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Frame ID: 61F60813DA3B2C7BC2072A9188B8D634
Requests: 95 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1647343018995
Frame ID: 06B82E138B4011F6ECE18B9960474160
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fbloggingdirty.com
Frame ID: 2FD934F7229CC06D908B521229E4305C
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.0798960757097491
Frame ID: 14207F79F0376675572BC35CB4620DF0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 53766A41BE9482892FD4A839138C4FD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - Blogging Dirty

Page URL History Show full URLs

http://bloggingdirty.com/safeview-redirect/tc_frame.html HTTP 301
https://bloggingdirty.com/safeview-redirect/tc_frame.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

101
Requests

99 %
HTTPS

50 %
IPv6

30
Domains

41
Subdomains

40
IPs

4
Countries

1823 kB
Transfer

6363 kB
Size

36
Cookies

75 Outgoing links

These are links going to different origins than the main page.

URL: https://fansided.com/betsided
Title: BetSided

Search URL Search Domain Scan URL

URL: https://fansided.com/fansided-openings/
Title: Write for us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BloggingDirty
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/BloggingDirty
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fansided.com/

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided/
Title: About

Search URL Search Domain Scan URL

URL: https://fansided.com/about-fansided#masthead
Title: Masthead

Search URL Search Domain Scan URL

URL: https://fansided.com/join-fansided/
Title: Openings

Search URL Search Domain Scan URL

URL: https://shop.minutemedia.com/
Title: Swag

Search URL Search Domain Scan URL

URL: https://fansided.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://fansided.com/network/
Title: Our 300+ Sites

Search URL Search Domain Scan URL

URL: https://fansided.com/mobile/
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://daily.fansided.com/
Title: FanSided Daily

Search URL Search Domain Scan URL

URL: https://fansided.com/how-to-pitch-a-story-to-fansided/
Title: Pitch a Story

Search URL Search Domain Scan URL

URL: https://fansided.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://fansided.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://fansided.com/website-disclaimer/
Title: Legal Disclaimer

Search URL Search Domain Scan URL

URL: https://fansided.com/accessibility-statement/
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://fansided.com/eu-privacy-policy/#data-subject-requests
Title: EU Data Subject Requests

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/fansided-sports/id553311886?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.noticesoftware.FanSided

Search URL Search Domain Scan URL

URL: https://fansided.com/network/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://fansided.com/nfl/
Title: More NFL News »

Search URL Search Domain Scan URL

URL: https://nflspinzone.com/
Title: NFL Rumors

Search URL Search Domain Scan URL

URL: https://withthefirstpick.com/
Title: NFL Draft

Search URL Search Domain Scan URL

URL: https://nflmocks.com/
Title: NFL Mock Drafts

Search URL Search Domain Scan URL

URL: https://fansided.com/fantasy/fantasy-football/
Title: Fantasy Football

Search URL Search Domain Scan URL

URL: https://buffalowdown.com/
Title: Buffalo Bills

Search URL Search Domain Scan URL

URL: https://phinphanatic.com/
Title: Miami Dolphins

Search URL Search Domain Scan URL

URL: https://musketfire.com/
Title: New England Patriots

Search URL Search Domain Scan URL

URL: https://thejetpress.com/
Title: NY Jets

Search URL Search Domain Scan URL

URL: https://stripehype.com/
Title: Cincinnati Bengals

Search URL Search Domain Scan URL

URL: https://dawgpounddaily.com/
Title: Cleveland Browns

Search URL Search Domain Scan URL

URL: https://ebonybird.com/
Title: Baltimore Ravens

Search URL Search Domain Scan URL

URL: https://stillcurtain.com/
Title: Pittsburgh Steelers

Search URL Search Domain Scan URL

URL: https://horseshoeheroes.com/
Title: Indianapolis Colts

Search URL Search Domain Scan URL

URL: https://torotimes.com/
Title: Houston Texans

Search URL Search Domain Scan URL

URL: https://blackandteal.com/
Title: Jacksonville Jaguars

Search URL Search Domain Scan URL

URL: https://titansized.com/
Title: Tennessee Titans

Search URL Search Domain Scan URL

URL: https://predominantlyorange.com/
Title: Denver Broncos

Search URL Search Domain Scan URL

URL: https://arrowheadaddict.com/
Title: Kansas City Chiefs

Search URL Search Domain Scan URL

URL: https://justblogbaby.com/
Title: Las Vegas Raiders

Search URL Search Domain Scan URL

URL: https://boltbeat.com/
Title: LA Chargers

Search URL Search Domain Scan URL

URL: https://thelandryhat.com/
Title: Dallas Cowboys

Search URL Search Domain Scan URL

URL: https://insidetheiggles.com/
Title: Philadelphia Eagles

Search URL Search Domain Scan URL

URL: https://gmenhq.com/
Title: NY Giants

Search URL Search Domain Scan URL

URL: https://riggosrag.com/
Title: Washington Commanders

Search URL Search Domain Scan URL

URL: https://beargoggleson.com/
Title: Chicago Bears

Search URL Search Domain Scan URL

URL: https://sidelionreport.com/
Title: Detroit Lions

Search URL Search Domain Scan URL

URL: https://lombardiave.com/
Title: Green Bay Packers

Search URL Search Domain Scan URL

URL: https://thevikingage.com/
Title: Minnesota Vikings

Search URL Search Domain Scan URL

URL: https://catcrave.com/
Title: Carolina Panthers

Search URL Search Domain Scan URL

URL: https://whodatdish.com/
Title: New Orleans Saints

Search URL Search Domain Scan URL

URL: https://thepewterplank.com/
Title: Tampa Bay Bucs

Search URL Search Domain Scan URL

URL: https://raisingzona.com/
Title: Arizona Cardinals

Search URL Search Domain Scan URL

URL: https://ramblinfan.com/
Title: LA Rams

Search URL Search Domain Scan URL

URL: https://ninernoise.com/
Title: San Francisco 49ers

Search URL Search Domain Scan URL

URL: https://12thmanrising.com/
Title: Seattle Seahawks

Search URL Search Domain Scan URL

URL: https://fansided.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://fansided.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://fansided.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://www.90min.com/
Title: Soccer

Search URL Search Domain Scan URL

URL: https://saturdayblitz.com/
Title: CFB

Search URL Search Domain Scan URL

URL: https://bustingbrackets.com/
Title: CBB

Search URL Search Domain Scan URL

URL: https://netflixlife.com/
Title: Netflix News

Search URL Search Domain Scan URL

URL: https://hiddenremote.com/
Title: TV Shows

Search URL Search Domain Scan URL

URL: https://thebiglead.com/
Title: Sports Media News

Search URL Search Domain Scan URL

URL: https://theplayerstribune.com/
Title: The Players Tribune

Search URL Search Domain Scan URL

URL: https://www.dbltap.com/
Title: Esports & Gaming

Search URL Search Domain Scan URL

URL: https://www.mentalfloss.com/
Title: Facts & Trivia

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fansided?_rdr=p
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/fansided
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fansided/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fansidedblogs
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bloggingdirty.com/safeview-redirect/tc_frame.html HTTP 301
https://bloggingdirty.com/safeview-redirect/tc_frame.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1647343018920&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Blogging%20Dirty&c7=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1647343018920&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Blogging%20Dirty&c7=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&c9=

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request tc_frame.html Show response
bloggingdirty.com/safeview-redirect/
Redirect Chain

http://bloggingdirty.com/safeview-redirect/tc_frame.html
https://bloggingdirty.com/safeview-redirect/tc_frame.html

86 KB
18 KB

603ms
573ms

Document
text/html

2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai /

Resource Hash

1a097255933748819c0889cd9efc7715dab930e03ce29f71b7396fd2ebc462d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-user-agent: standard
x-cache-config: 0 0
content-encoding: gzip
content-length: 17939
expires: Tue, 15 Mar 2022 11:16:58 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 15 Mar 2022 11:16:58 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
server: Akamai

Redirect headers

Content-Length: 0
Location: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Date: Tue, 15 Mar 2022 11:16:57 GMT
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Server: Akamai

GET
H2 200 main.js Show response
cdn.wazimo.com/engine/common/widgets/mmlogger/ 2 KB
1 KB 83ms
36ms Script
application/javascript 2606:4700:20::681a:450
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wazimo.com/engine/common/widgets/mmlogger/main.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:450 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15eac693e39938e3189dc27f25824c01c534aa3e2be9dc26d8de81480749109

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4488
cf-polished: origSize=2299
last-modified: Sun, 13 Mar 2022 13:58:14 GMT
server: cloudflare
etag: W/"622df876-8fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzGlXvwDB7266Fyt2iDffFQEyz8fnYNnNc%2Bk5swZRhUH2u7ngRZ%2FkQ54r19YA66qwJb7Bo2mXJBB1JtWFcp8ipe93K%2Fg0xqLdL%2BtjcgXpTXEok%2FiRyb3QqK3VYUDnt0umJjEe7eupKzNVSFU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ec4d70a6b2f83b2-MXP
cf-bgj: minify

GET
H2 200 style.css
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles/ 116 B
628 B 8ms
6ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggingdirty.com/wp-content/plugins/voltax-video-player/styles/style.css?ver=1644424553
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 16:35:53 GMT
server: Akamai
etag: "6203ed69-74"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2012799
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 120
expires: Thu, 07 Apr 2022 18:23:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1023 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&ver=2.69.10

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 10:43:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 11:16:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 11:16:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
452 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&ver=2.69.10

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15214e2e579c336fdac00479139530f8d39c71f3f898601d738411fb79b11f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 10:49:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 11:16:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 11:16:58 GMT

GET
H2 200 style.css
cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/ 435 KB
68 KB 134ms
18ms Stylesheet
text/css 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: a590d83536ee74cde7e99173d44e2deafff928a6206b2cf00ac973e537170a8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:06 GMT
server: Akamai
etag: W/"62154012-6cc95"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=808875
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 69219
expires: Thu, 24 Mar 2022 19:58:13 GMT

GET
H2 200 shortcodes-75bc6ebc34.css
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist/ 61 KB
10 KB 11ms
9ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist/shortcodes-75bc6ebc34.css
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b053ebd2eeb5e4d473405015c41e7e173f8561c3bbe0f81974a38e85552058dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Mar 2022 17:57:23 GMT
server: Akamai
etag: W/"621fb003-f488"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1493595
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 9676
expires: Fri, 01 Apr 2022 18:10:13 GMT

GET
H2 200 network-nav.css
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 40 KB
7 KB 152ms
36ms Stylesheet
text/css 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 0a919ef477d47a8e6e7cdfb4da000abe193428a1b14ee072016c843d90bc5953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:17 GMT
server: Akamai
etag: W/"6215401d-9e5e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=808782
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 6598
expires: Thu, 24 Mar 2022 19:56:40 GMT

GET
H2 200 mm-video.js Show response
cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/ 74 B
577 B 153ms
37ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/mm-video.js?ver=1.6.0
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: c889d3593066c74eae7b8f0ee34c61dbe7c6a57a1807830e7c29bd807781fac6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 16:35:53 GMT
server: Akamai
etag: "6203ed69-4a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2006425
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 59
expires: Thu, 07 Apr 2022 16:37:23 GMT

GET
H2 200 jquery.js Show response
cdn.fansided.com/wp-includes/js/jquery/ 95 KB
34 KB 153ms
38ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jan 2022 21:52:02 GMT
server: Akamai
etag: W/"61d76482-17a6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=386973
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 34019
expires: Sat, 19 Mar 2022 22:46:31 GMT

GET
H2 200 iframeSizer.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 11 KB
5 KB 155ms
40ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/iframeSizer.min.js?ver=4.9.20
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:01 GMT
server: Akamai
etag: W/"6215400d-2d5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2257585
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 4629
expires: Sun, 10 Apr 2022 14:23:23 GMT

GET
H2 200 a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35 Show response
scripts.webcontentassessor.com/scripts/ 165 KB
38 KB 50ms
6ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/a8d912c4bac42cdeccf3177e26df8911d068de3cd69a7c228faad97c6587de35
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa5df64f12cb36a6efd7ee53d3ec3176fcb76c0b5eb83e186c9a7d50654d0e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: gzip
age: 2016
x-cache: HIT
content-length: 38225
x-amz-id-2: QvGETFrMtFg3nx+WOs9rQDidTu6AiEDgoXfNMIfLNp0XkHCSSNfb1sM+6PFR/62oSpH1GjphVzg=
x-served-by: cache-hhn4044-HHN
last-modified: Tue, 15 Mar 2022 10:37:39 GMT
server: AmazonS3
x-timer: S1647343019.621267,VS0,VE0
etag: "d2b127a19b052958a16a21ca0dc19c5c"
vary: Accept-Encoding
x-amz-request-id: 81XCXTJZXJ61S65P
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 11

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 52ms
21ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

701182bb2073640a17f07c27aa4cd2fbf35f9ccdfe9692288f6f30f70c2e989f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27748
x-xss-protection: 0
server: sffe
etag: "1159 / 246 of 1000 / last-modified: 1647333762"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Mar 2022 11:16:58 GMT

GET
H2 200 logo_bloggingdirty-com__150x150.png
images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/falcons/ 4 KB
4 KB 233ms
126ms Image
image/webp 2.16.186.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/fetch/c_fill,f_auto,w_150,h_150/https://fansided.com/wp-content/assets/site_images/falcons/logo_bloggingdirty-com__150x150.png
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e70a4b3af12458aecb0bfa24bbf028bab9a22bef5217816c14efd7900fce87b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:58 GMT
last-modified: Tue, 25 Feb 2020 18:12:08 GMT
x-timer: S1619672237.299519,VS0,VE88
etag: "ca483ba5d17000f2fe9b435bccc08d35"
x-served-by: cache-wdc5525-WDC
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=31480699
x-cache-hits: 0
content-disposition: inline; filename="logo_bloggingdirty-com__150x150.webp"
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 3770
expires: Tue, 22 Mar 2022 11:16:58 GMT

GET
H2 200 yeti404.png
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 59 KB
60 KB 27ms
22ms Image
image/png 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/yeti404.png
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: a29d19254b64f37328ceccb95bc1010f85a0a40ce3dfc715d46f7ab85d66da25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:56:27 GMT
server: Akamai
etag: "62153feb-ed99"
content-type: image/png
cache-control: max-age=958785
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 60825
expires: Sat, 26 Mar 2022 13:36:43 GMT

GET
H2 200 logo_bloggingdirty-com__150x150.png
cdn.fansided.com/wp-content/assets/site_images/falcons/ 11 KB
12 KB 41ms
35ms Image
image/png 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/assets/site_images/falcons/logo_bloggingdirty-com__150x150.png
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 4100e8d8f69b8d1694edafab221529f8486d5e36784f100e1cca7b8033e897df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Feb 2016 21:10:23 GMT
server: Akamai
etag: "56b26cbf-2d06"
content-type: image/png
cache-control: max-age=1031926
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 11526
expires: Sun, 27 Mar 2022 09:55:44 GMT

GET
H2 200 fansided-logo.svg
cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/ 8 KB
3 KB 25ms
20ms Image
image/svg+xml 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/images/fansided-logo.svg
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:56:27 GMT
server: Akamai
etag: W/"62153feb-2191"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2390191
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 3016
expires: Tue, 12 Apr 2022 03:13:29 GMT

GET
H2 200 apple-app.png
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images/ 2 KB
2 KB 12ms
7ms Image
image/png 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloggingdirty.com/wp-content/themes/fansided-v5/assets/images/apple-app.png
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Feb 2022 18:00:03 GMT
server: Akamai
etag: "620bea23-682"
content-type: image/png
cache-control: max-age=710667
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 1666
expires: Wed, 23 Mar 2022 16:41:25 GMT

GET
H2 200 android-app.png
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images/ 4 KB
4 KB 12ms
7ms Image
image/png 2a02:26f0:ef::5c7b:c27a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloggingdirty.com/wp-content/themes/fansided-v5/assets/images/android-app.png
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c27a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Feb 2022 18:00:03 GMT
server: Akamai
etag: "620bea23-f1f"
content-type: image/png
cache-control: max-age=715800
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 3871
expires: Wed, 23 Mar 2022 18:06:58 GMT

GET
H/1.1 200
OK abw.js Show response
d3ujids68p6xmq.cloudfront.net/ 223 KB
42 KB 66ms
13ms Script
application/javascript 108.156.253.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.253.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-253-114.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 23:10:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2018 14:40:14 GMT
Server: AmazonS3
Age: 43586
ETag: "e817b0f323fb2559fcb2e5701865527a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P2
Accept-Ranges: bytes
Content-Length: 42771
X-Amz-Cf-Id: dBTElMOD5r04FGXy4F_AkQwJEbMzCpNr-i4fyZJnKFNaib0xR1107g==

GET
H2 200 front.js Show response
cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/ 1 KB
919 B 18ms
18ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/plugins/voltax-video-player/scripts/front.js?ver=1644424553
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 16:35:53 GMT
server: Akamai
etag: W/"6203ed69-41a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2006263
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 405
expires: Thu, 07 Apr 2022 16:34:41 GMT

GET
H2 200 longform.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 272 B
720 B 19ms
18ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/longform.min.js?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:56:59 GMT
server: Akamai
etag: "6215400b-110"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=808854
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 202
expires: Thu, 24 Mar 2022 19:57:52 GMT

GET
H2 200 fs-event-preview.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 1 KB
998 B 22ms
16ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/fs-event-preview.min.js?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:56:59 GMT
server: Akamai
etag: W/"6215400b-5ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=808872
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 485
expires: Thu, 24 Mar 2022 19:58:10 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 201 KB
66 KB 48ms
12ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a70f80824ada4357f22aaa4d7ba5811cb5878fb578db9a8c42440ba535a608d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 17:52:12 GMT
server: AmazonS3
x-amz-request-id: 0W6YV1397K2B1QH6
etag: "42d099b0d4993ea06b6787bf14c2db8e"
x-hw: 1647343018.cds054.fr8.hn,1647343018.cds146.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 67586
x-amz-id-2: AdnFkR0K3YK8W2EdBGoarwkUZyqo7kwpIU7gMc8N1G0QBfcOWUV1Zluo1NGiD+4tuPlxaLYhis8=

GET
H2 200 main.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 27 KB
9 KB 23ms
17ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/main.min.js?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 14e6ca0167f6a25b412bfd7b0061ab643215a6de77d9799977a393096f4ae781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:00 GMT
server: Akamai
etag: W/"6215400c-6c16"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=808785
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 8719
expires: Thu, 24 Mar 2022 19:56:43 GMT

GET
H2 200 network-nav.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/ 38 KB
14 KB 29ms
27ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.min.js?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: cdcfe798d0f7bac375a28b5ebe918d9b150d67f7cb8eea40ea956ac579f65f95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:17 GMT
server: Akamai
etag: W/"6215401d-9805"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=808853
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 13911
expires: Thu, 24 Mar 2022 19:57:51 GMT

GET
H2 200 bundled-scripts.min.js Show response
cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/ 946 B
969 B 24ms
18ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/js/bundled-scripts.min.js?ver=2.69.10
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:08 GMT
server: Akamai
etag: W/"62154014-3b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=808783
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 455
expires: Thu, 24 Mar 2022 19:56:41 GMT

GET
H2 200 wp-embed.js Show response
cdn.fansided.com/wp-includes/js/ 3 KB
2 KB 24ms
19ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/wp-embed.js?ver=4.9.20
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 06:24:25 GMT
server: Akamai
etag: W/"622aeb19-c68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2257600
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 1243
expires: Sun, 10 Apr 2022 14:23:38 GMT

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 277 KB
76 KB 68ms
11ms Script
application/javascript 18.66.248.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js?ver=4.9.20
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-124.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4601ead5891c34bb1150f1581cdccc813904f98ad0e9edaee0cf48cd2fee97f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:09:50 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 18:09:42 GMT
server: AmazonS3
age: 429
etag: W/"08bd629defc115f7b577670c15047dff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 1m9rbDOQx257Ba1WeFmiv5E8fi_bMkyt-KIiBAz64wcf33oojXtbZA==
expires: Wed, 09 Mar 2022 19:09:41 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 40ms
11ms Script
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 805
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1Z3Z16TX0PNW551QP003
date: Tue, 15 Mar 2022 11:03:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: biMPID0TW8w4tSF0mO-Yy8JVDHPl9o0wGzdILIdytSnmatHHzr9vvQ==

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/bloggingdirty.com/ 10 KB
4 KB 167ms
138ms Script
application/javascript 2600:9000:2315:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/bloggingdirty.com/choice.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11ff0217d0ead18e32c634c0cdaedcb6928a2cb279b898770df70b950a29dd2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 11:22:55 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: W/"8a6ed00c344ddd37fc2e5656477b7eec"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RtiBQsIyJS7yW-lW_F9NNTSmrbG6fqY6uD_grcM3DgukcZR1hvPohw==

GET
H2 200 twemoji.js Show response
cdn.fansided.com/wp-includes/js/ 25 KB
8 KB 29ms
27ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/twemoji.js?ver=4.9.20
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 06:24:25 GMT
server: Akamai
etag: W/"622aeb19-64c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2257672
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 7682
expires: Sun, 10 Apr 2022 14:24:50 GMT

GET
H2 200 wp-emoji.js Show response
cdn.fansided.com/wp-includes/js/ 7 KB
3 KB 31ms
28ms Script
application/javascript 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-includes/js/wp-emoji.js?ver=4.9.20
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 06:24:25 GMT
server: Akamai
etag: W/"622aeb19-1a68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2257510
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
content-length: 2637
expires: Sun, 10 Apr 2022 14:22:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 403 KB
83 KB 58ms
25ms Script
application/javascript 2a00:1450:400e:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

514247d9134353de55e54ffe3fff383359617dd2e5a27de1b1038f1f28ac1946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84187
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 11:16:58 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 36ms
11ms Font
font/woff 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wprx7IBmrqA5IG9z8WNe77b9o.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:13:20 GMT
x-content-type-options: nosniff
age: 569018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 21:13:20 GMT

GET
H2 200 FontSided1dot5.woff
cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/ 19 KB
20 KB 78ms
19ms Font
application/font-woff 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/fonts/FontSided1dot5.woff?v=1.5
Requested by: Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: 1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Feb 2022 18:00:03 GMT
server: Akamai
etag: "620bea23-4bec"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=621215
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 19436
expires: Tue, 22 Mar 2022 15:50:33 GMT

GET
H2 200 Y_TKV6o8WovbUd3m_X9aAA.ttf
fonts.gstatic.com/s/oswald/v10/ 34 KB
20 KB 26ms
6ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/Y_TKV6o8WovbUd3m_X9aAA.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 11:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19906
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:36:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 11:13:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 78ms
11ms Script
application/javascript 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:39:32 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 13047
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: UuoTMUJJuHX-cI2TgdP64JTkui-n2PS2vnhXGt262vWkug0vPdn22g==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 182ms
37ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 11:16:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1070
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CE9)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea Show response
gammamaximum.com/ 89 KB
27 KB 219ms
17ms Script
text/javascript 35.190.48.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.48.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.48.190.35.bc.googleusercontent.com

Software

Resource Hash

6d93065d9a7261a8f971d72b6b8b801cd6c7d173fae247060a552529ef5904ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "e32c505e35cc0f82026400568afaffd365230fc8f13095d65e8c86e2e539303b"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 15 Mar 2022 11:16:58 GMT
x-buildnumber: 489470392
timing-allow-origin: *

GET
H2 200 bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/oswald/v10/ 39 KB
22 KB 12ms
10ms Font
font/ttf 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v10/bH7276GfdCjMjApa_dkG6aCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22073
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:36:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 19:00:20 GMT

GET
H2 200 7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 13ms
12ms Font
font/woff 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/7XUFZ5tgS-tD6QamInJTcdGU7DQ8I6RFMlK0vgclk7w.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 11:18:03 GMT
x-content-type-options: nosniff
age: 604735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15504
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:53:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 11:18:03 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff
fonts.gstatic.com/s/titilliumweb/v4/ 15 KB
15 KB 21ms
20ms Font
font/woff 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr24bNCNEoFTpS2BTjF6FB5E.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:00:40 GMT
x-content-type-options: nosniff
age: 576978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15568
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:50:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 19:00:40 GMT

GET
H2 200 anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff
fonts.gstatic.com/s/titilliumweb/v4/ 14 KB
14 KB 15ms
14ms Font
font/woff 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v4/anMUvcNT0H1YN4FII8wpr0bathaSTBR2c4i13_wzlb0.woff

Requested by

Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/assets/css/style.css?ver=2.69.10
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 23:12:02 GMT
x-content-type-options: nosniff
age: 561896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14692
x-xss-protection: 0
last-modified: Wed, 27 Aug 2014 23:51:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 23:12:02 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 410ms
389ms XHR
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: DUS51-P2
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 15 Mar 2022 11:17:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: gzN31yvokH56ib2TnqLsghlToseaUJ3GQcaEAN67uJGdkFoWyrNZ_A==

GET
H2 200 pubads_impl_2022030201.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 7ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065568

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:52:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124504
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 09:35:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 10:52:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 244 B
161 B 31ms
16ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bloggingdirty.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bf6a57bf02ea97f3fd6fcf4c74bef9fc794403864163924cce942f20761972da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
expires: Tue, 15 Mar 2022 11:16:58 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035728&cs_ucfr=1&ns__t=1647343018920&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Blogging%20Dirty&c7=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirec...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1647343018920&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Blogging%20Dirty&c7=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redire...

0
223 B

15ms
15ms

Image
text/plain

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1647343018920&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Blogging%20Dirty&c7=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&c9=
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: zhfa1frl_fnJ9jRYas4suF2tZyLiLLR1alqZs04rVhmlpqJXzgsXew==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 15 Mar 2022 11:16:58 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&cs_ucfr=1&ns__t=1647343018920&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Blogging%20Dirty&c7=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&c9=
content-length: 241
x-amz-cf-id: cv7uifQ57Con80kx8EocS-SvDlwn0y_EkzyEOhi0J41Ir4Lk4cOZjw==

GET
H2 200 accessibility-light.svg
cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/ 612 B
868 B 18ms
18ms Image
image/svg+xml 2a02:26f0:1700:14::b856:fb44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/assets/images/accessibility-light.svg
Requested by: Host: cdn.fansided.com
URL: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.69.10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:14::b856:fb44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai /
Resource Hash: b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.fansided.com/wp-content/themes/fansided-v5/network-nav/network-nav.css?ver=2.69.10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-user-agent: standard
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Feb 2022 19:57:17 GMT
server: Akamai
etag: "6215401d-264"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=907505
date: Tue, 15 Mar 2022 11:16:58 GMT
x-cache-config: 0 0
accept-ranges: bytes
content-length: 351
expires: Fri, 25 Mar 2022 23:22:03 GMT

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ Frame 06B8 293 B
700 B 50ms
13ms Script
application/javascript 96.16.142.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js?cb=1647343018995
Requested by: Host: d3ujids68p6xmq.cloudfront.net
URL: https://d3ujids68p6xmq.cloudfront.net/abw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 96.16.142.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-142-89.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 986824b06c6bfc47f856f675d5fc565b02d0c24c563fc8e41ee703c639b298a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: X7PFXN75RDZFHZ0B
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=66130
Date: Tue, 15 Mar 2022 11:16:59 GMT
Connection: keep-alive
Content-Length: 293
x-amz-id-2: KXCq6comk7Lq5amOzbTWirk80o+3uG+30SpoOuXztnYMSbqB0Pm0fSnjNHduzlinny4+c7VPOy0=

GET
H2 200 ;ord=1647343018996
ad.doubleclick.net/ddm/ad/wbgw/zqbpuimflo/ 43 B
628 B 44ms
15ms Image
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/wbgw/zqbpuimflo/;ord=1647343018996?

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
56 KB 38ms
20ms Script
application/javascript 2a00:1450:400e:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

077ca0d42ae02c98cd3cbb16adade5d96666d87e66154ec019e73faf22ca2071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56907
x-xss-protection: 0
expires: Tue, 15 Mar 2022 11:16:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4333
date: Tue, 15 Mar 2022 10:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Mar 2022 12:04:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e885457ba20624b6b2ce062f0c9f63adaa4e8b215cf068bdf701a6c819b9e5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26293
x-xss-protection: 0
pragma: public
x-fb-debug: Le+UQkROKygin/zcJ1nCwY+qsj1oxPTzbkyaQ2ZzCAOZNTJpJS43OtFLsjMJ/1mJtmlbqJIPObaX25szSPPvqQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 15 Mar 2022 11:16:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 124578X1617579.skimlinks.js Show response
s.skimresources.com/js/ 56 KB
21 KB 44ms
10ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a45cb3b53a01acfe497a2aef2aaef9a4e121901a540c15c6a211bb857023d6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:49:25 GMT
server: AmazonS3
x-amz-request-id: 3FHT9GGEE9ACSH4H
etag: "df8d4673e183b123eb2b5009ebb9a9f4"
x-hw: 1647343019.cds056.fr8.hn,1647343019.cds246.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20705
x-amz-id-2: //2mcrbynXJYE2LLGlHkuB2cePtYyYVbBOw47x7G62MNNCckEwlaMEmA30u7PhCOhMMRZgPccAE=

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/3.0.3/ 34 KB
13 KB 361ms
305ms Script
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/3.0.3/accessibility.js

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Origin: https://bloggingdirty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 30 May 2021 11:33:38 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0155a24755d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u50pu5395gPpHVs9vpLhm%2Ft1ddYyjE5%2B%2FpsMzbWRFGkLaqF3c7V5%2BGpoPxGdDlnVAb1LKruFeoT%2Fjx7639jSirlJqf6%2Baz9PhW2G1duXDypSuM2DdS7nAYzy8D0mlYET3FQFN24izeFDoj%2FiAuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6ec4d70d5d4f5a31-MXP

GET
H2 200 index.non-platform.prod.latest.js Show response
cdn.mmctsvc.com/commercial-api/ 474 KB
138 KB 675ms
616ms Script
application/javascript 95.101.27.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b83515e428658c736b469ebfc03554305ecddceac58b991b0f39acc6d9f60492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: gzip
last-modified: Sun, 06 Mar 2022 12:22:47 GMT
etag: "6832420b3318d4d069a8167c71ae82a9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 6000
accept-ranges: bytes
content-length: 140904

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
44 KB 15ms
14ms Script
text/javascript 2600:9000:2315:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=bloggingdirty.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/f3-DFdjnrLazk/bloggingdirty.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:55 GMT
content-encoding: br
age: 8
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: uXwHJxqwRd4cExAOvTrggFmhbL66W7kuToBob1ztZW59sTBBjStNPg==

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 2FD9 319 KB
104 KB 38ms
37ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fbloggingdirty.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 993102
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 15 Mar 2022 11:16:59 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 22ms
6ms Image
image/gif 2600:9000:223f:4a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
age: 19076545
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: gW0fv_5xpZjpaRgmF389cAojoRlWH3KnFd4KlQJNoxpdQtBUdrMflw==

GET
H3 200 2811814612385369 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2811814612385369?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6aebfc66594ff40ffeb27b0e2918d474a44926c55427b910d870c9431ef5c04c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89516
x-xss-protection: 0
pragma: public
x-fb-debug: 4VsVCGafb0mtYeoz8srCQSyziUA+qKJG4BfuzkKBgfq3UJ26FtEHOEfLRqjaOkI2knTAXPmPqmfRJC4YC9vEKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 15 Mar 2022 11:16:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 35ms
17ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=388315454&t=pageview&_s=1&dl=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Blogging%20Dirty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=78602012&gjid=1943484864&cid=456173218.1647343019&tid=UA-1577313-14&_gid=324742270.1647343019&_r=1&gtm=2wg370KXFQXHB&cd1=none&cd2=none&cd3=none&cd4=none&cd5=NFL&cd6=none&cd7=none&cd8=none&cd9=none&cd10=none&cd11=none&cd12=none&cd13=none&cd14=none&cd15=none&cd16=none&cd17=none&cd23=en&cd24=en&cd27=none&cd73=0&cd75=Page%20not%20found%20-%20Blogging%20Dirty&cd76=%2Fsafeview-redirect%2Ftc_frame.html&cd78=9&cd88=none&cm1=0&z=5629159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 46ms
15ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NB8RD6J3M6&gtm=2oe370&_p=388315454&sr=1600x1200&_gaz=1&ul=en-us&cid=456173218.1647343019&_s=1&dl=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&dt=Page%20not%20found%20-%20Blogging%20Dirty&sid=1647343019&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 61ms
19ms Ping
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NB8RD6J3M6&cid=456173218.1647343019&gtm=2oe370&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NB8RD6J3M6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 66ms
36ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NB8RD6J3M6&cid=456173218.1647343019&gtm=2oe370&aip=1&z=649162904

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 1420 0
102 B 58ms
17ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.0798960757097491
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 48ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=5.299193457075897
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 46ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=5.299193457075897
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 63ms
20ms XHR
application/json 2600:9000:218f:1200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=bloggingdirty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:1200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35fee54d1936ef02f161aeb36334a12a8dafdf581b4f59567f273d6f53092ea4

Request headers

Accept: application/json, text/plain, */*
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:00:41 GMT
content-encoding: br
age: 29779
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Sat, 05 Mar 2022 19:52:29 GMT
server: AmazonS3
etag: W/"981d25ed3ef5d4bfb8a6bca9de845edc"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: qGKaHdiTG3Kzr7xdxm5CP1wdaqv_htUi
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: CDG52-P2
content-type: application/json
x-amz-cf-id: 7_WF26KD3k-cLcvIUjfi4B1Y6gfLhRTydY6J1tWvMnOf32VDQ7hTcQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 24ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1577313-14&cid=456173218.1647343019&jid=78602012&gjid=1943484864&_gid=324742270.1647343019&_u=YEBAAEAAAAAAAC~&z=282501327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Mar 2022 11:16:59 GMT
content-type: text/plain
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 195 B
367 B 45ms
16ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

4f0001f4ee1319171ac0a746977bf60e277c84e39b5a149d233b189f30ff1d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://bloggingdirty.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2811814612385369&ev=PageView&dl=https%3A%2F%2Fbloggingdirty.com%2Fsafeview-redirect%2Ftc_frame.html&rl=&if=false&ts=1647343019181&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1647343019180.1987955531&it=1647343019074&coo=false&rqm=GET

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 15 Mar 2022 11:16:59 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2FD9 293 B
467 B 139ms
119ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9636749aaa2a43719d27b199bbd59020a7d5ab0f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fbloggingdirty.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 113
date: Tue, 15 Mar 2022 11:16:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 11:16:59 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bceee7cc31dc6cdd3556bbdc70772c29a552aa3586e19c2474437304945c0bae
content-length: 186

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
34ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=456173218.1647343019&jid=78602012&_u=YEBAAEAAAAAAAC~&z=2332102

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1577313-14&cid=456173218.1647343019&jid=78602012&_u=YEBAAEAAAAAAAC~&z=2332102

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
367 B 19ms
18ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 227 KB
58 KB 11ms
11ms Script
text/javascript 2600:9000:2315:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=bloggingdirty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:26:06 GMT
content-encoding: gzip
age: 129054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:35 GMT
server: AmazonS3
etag: W/"58b24098a17406b31f4f22592394578b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: LomJX5hV2vkxcDmlargYu-WdUi2yb-OGmfRLUSnNs2EIE70oBW7K8w==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 284 KB
33 KB 34ms
10ms XHR
application/json 2600:9000:2315:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=bloggingdirty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f28abe358edbac612a26d0c71639459a2c85b22ed214cfaa068191ac729c94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:00:35 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 29785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 03:00:32 GMT
server: AmazonS3
etag: W/"d145a5fedb5dca2cef35025c69493f0f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: B4JIIWZbGDx7S80gU_4wWmPNXC8TVAo3uH911Pl2-pjfuI_S65v2Cw==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 42ms
19ms XHR
application/json 2600:9000:2315:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=bloggingdirty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8399b3debed8835d14dfebc86d3f6a2a6f8c699096fad29b5672f4df20772f45

Request headers

Accept: application/json, text/plain, */*
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:00:29 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 29791
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 15 Mar 2022 03:00:26 GMT
server: AmazonS3
etag: W/"13cb9173cb6a40eab7ed0c4afab5cc50"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Fat_j04bkZHfWBwKQuljEYnRNus3qO6nvlee4Qvx-fyTcmIKRAeDlg==

POST
H2 200 api Show response
ls.skimresources.com/ 2 B
347 B 32ms
18ms XHR
application/json 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.117.120.34.bc.googleusercontent.com

Software

Python/3.8 aiohttp/3.6.3 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.6.3
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 52ms
16ms Preflight
text/plain 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.117.120.34.bc.googleusercontent.com
Software: Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bloggingdirty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://bloggingdirty.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-credentials: true
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
date: Tue, 15 Mar 2022 11:16:59 GMT
server: Python/3.8 aiohttp/3.6.3
via: 1.1 google
alt-svc: clear

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
88 B 15ms
15ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1617579.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 24ms
7ms XHR
text/plain 3.121.92.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22f3-DFdjnrLazk%22%2C%22domain%22%3A%22bloggingdirty.com%22%2C%22publisher%22%3A%22bloggingdirty.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%2BQjo7rD9GsO%2F1onN0apVCA%22%2C%22clientTimestamp%22%3A1647343019258%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-l7mo9fpchu43ooifpu6c%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.92.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 11:16:59 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 default.css Show response
cdn.equalweb.com/style/ 11 KB
3 KB 113ms
112ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/default.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 09 May 2021 14:33:43 GMT
server: cloudflare
x-frame-options: deny
etag: W/"807da04fe044d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eak3P4Dg8ziUixlS9lSPyhtbLPkInacehXRuLCoIhYW1aUPGmVKy7du08iNyFj91Qq0V855La1gNrL8RThxT67ybtNrClfWeM53ZcaVmqgs6UF7Uyxjr7kWSKp%2FZsNzPxAPOldln1eAZTKXzYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6ec4d70f3b365a31-MXP

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
428 B 105ms
104ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"3f26cd3dfbc1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gA37wwR73k5Do9z6dH8DNnU4XQ4wUShoMWl9Vr71mcVCmLjFhMYyY7IgZL9M9T0fJ1YcQ9p9CrvcVernZOqYjFiy0Xcw1BYAall26yVOS1UNCdb1p%2BXlp1P%2FeGbHWWHUQ%2BCdQHN1BHllq4GwgPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6ec4d70f3b395a31-MXP

GET
H2 200 locale.js Show response
cdn.equalweb.com/assets/scripts/ 29 KB
10 KB 92ms
92ms Fetch
application/javascript 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/locale.js

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Apr 2021 07:22:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"80d59982334d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOlkCdaXEUtXoRMJfCmpqUBMs7ta2yvHi7Dw3uhGE3PLtL2xrCTAox%2FkAEss%2BNqt8F7g5QO8TtN2W%2BGfx%2FYc9YP8xdcns9EsFH4jVhfNjsNgedgTo4W4aMUuQyJU%2FJU0rUEzccya9n56kJht8Iw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6ec4d70f3b3d5a31-MXP

POST
H2 200 v2mmk-W2UlWYv4CXlavygEsyp83W36wBl-6E4A6xnQQSLPGZzrfUXWUoSms97sLVRsRQWF0l9 Show response
memorizeneck.com/ 209 B
642 B 57ms
17ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://memorizeneck.com/v2mmk-W2UlWYv4CXlavygEsyp83W36wBl-6E4A6xnQQSLPGZzrfUXWUoSms97sLVRsRQWF0l9

Requested by

Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

15c735bd02458e72073643ea2bdd3e182d54c8fb556a3c15c9f586eac6b22d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Tue, 15 Mar 2022 11:16:59 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloggingdirty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 489470392
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Tue, 15 Mar 2022 11:16:58 GMT

GET
H2 200 4.svg Show response
cdn.equalweb.com/assets/images/ 386 B
597 B 108ms
107ms Fetch
image/svg+xml 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/4.svg

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Aug 2019 12:49:31 GMT
server: cloudflare
x-frame-options: deny
etag: W/"dade21906748d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2Dw79mYi8o7SAGtH%2FgP1mKO5qZRq0tER2pQYhQApZgT3ZpDtnb5tnXa9fs5XhP7tmXizC381ujoZOXZJU%2F10cveLJRtfHNUYnitBxy%2BW0f0h0QwUI%2BSS7ZR4j7b6HbEVvyhWsfYBWdh8%2BBTDMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6ec4d70ffd635a31-MXP

GET
H2 200 custombtnstyle.css Show response
cdn.equalweb.com/style/ 4 KB
1 KB 90ms
90ms Fetch
text/css 2606:4700:20::681a:c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/custombtnstyle.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/3.0.3/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Mar 2020 09:11:26 GMT
server: cloudflare
x-frame-options: deny
etag: W/"0b350e0bbf6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAno50wFU2cDXx%2B%2Bpt2KRsosrx2OOFjdkoTW5t%2F2jXHUWalBjjK8z1U0cmtMibCldWQTLxteWzYrzJWVFzXPTaQye%2BWFp8M%2FitsyuP2YPjkH%2FZoDR4sznrj59m6nP%2BxJpfI9aiqDLu9gNNXtI%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2204800
access-control-allow-credentials: true
cf-ray: 6ec4d70ffd6b5a31-MXP

POST
H2 200 v2uttclLWwfjS005Zw--PGpJdGQTnf1Tb7nVCUh7RW9yFcmIZR1mq7sXLDRUOz4e4Vew5VrkC Show response
memorizeneck.com/ 3 B
37 B 17ms
16ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://memorizeneck.com/v2uttclLWwfjS005Zw--PGpJdGQTnf1Tb7nVCUh7RW9yFcmIZR1mq7sXLDRUOz4e4Vew5VrkC

Requested by

Host: gammamaximum.com
URL: https://gammamaximum.com/ac595b0bd1b1f6e62ce46c2ce57c936ea6f47b8e2936dc2a3876a18eadffd94a289806f2a42865c2057288dd30b30f07490e2c6ae59ea0f801f1a13317ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Tue, 15 Mar 2022 11:16:59 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-c63t
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloggingdirty.com
access-control-allow-credentials: true
x-buildnumber: 489470392
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5376 0
18 B 15ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://bloggingdirty.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html

Response headers

content-type: text/plain
access-control-allow-origin: https://bloggingdirty.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Tue, 15 Mar 2022 11:16:59 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
49 KB 19ms
19ms Script
application/javascript 2a00:1450:400e:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Requested by

Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d28d4385e676eee83ede9ba68ac4653992b89e1febc1e083f14d01ee3571976a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50605
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 11:00:09 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 11:16:59 GMT

GET
H2 200 geo Show response
cdn.mmctsvc.com/.mc/ 58 B
419 B 45ms
24ms Fetch
application/json 95.101.27.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mmctsvc.com/.mc/geo
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: gzip
last-modified: 2017-01-13
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 6000
content-length: 75

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
48 KB 23ms
23ms Script
application/javascript 2a00:1450:400e:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRHP5BL&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cbe58e7b75950663828e63fcfd3ac80435bfac0d824b61cb5ed03119b4a45d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48695
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 10:20:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 11:16:59 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
33 KB 20ms
20ms Script
application/javascript 2a00:1450:400e:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCL98KW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPBHSJZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e34b926a2ff7f4c74d5afac4ee629afec8f012757e86c2225aa5df5c5e1f94b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33529
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Mar 2022 11:16:59 GMT

GET
H2 200 flyoutInjector.js Show response
app.fansided.com/scripts/ 3 KB
2 KB 55ms
6ms Script
application/javascript 2600:9000:2490:d200:1b:3a6c:1300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fansided.com/scripts/flyoutInjector.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXFQXHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:1b:3a6c:1300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:46:42 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 21:36:05 GMT
server: AmazonS3
age: 1830
etag: W/"ffad40a56d1cafd94dfb7932bd879384"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: 342m7V4zp_3WgwGBMwuWni8WYEnX_my3PTFWpzbUsW1vOtrzZ3rbCQ==

POST
H2 200 impressions
promotions.minutemediaservices.com/ 0
0 521ms
475ms Ping
application/json 2600:9000:2251:9a00:1:4290:76c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promotions.minutemediaservices.com/impressions
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9a00:1:4290:76c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 24ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

26fe96ea7c69caeac2b8dfc436160088038644e7734d32d27ae507030ff2d850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27713
x-xss-protection: 0
server: sffe
etag: "1159 / 41 of 1000 / last-modified: 1647333684"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Mar 2022 11:16:59 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 11ms
10ms Script
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/index.non-platform.prod.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 806
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1Z3Z16TX0PNW551QP003
date: Tue, 15 Mar 2022 11:03:33 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ejhEGztMQ6GuGjpFcZ8h3XyobivBVwuYTIKV25WsmnAij8LcjJY7Yg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 248 B
600 B 105ms
105ms XHR
application/json 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2Fbloggingdirty.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-177.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:16:59 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bloggingdirty.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 248
x-amz-cf-id: xDzv6FvtGZl0pW_CA6J-UqCNTiay4JzTlRwTgPcL463G8tbm72EWjQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 61ms
7ms Script
application/javascript 104.89.31.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: bloggingdirty.com
URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-31-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bloggingdirty.com/safeview-redirect/tc_frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:17:00 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 15 Mar 2022 11:32:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles	1970-01-20 01:45:47	Name: stateCode Value: HE
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles	1970-01-20 01:45:47	Name: countryCode Value: DE
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles	1970-01-20 01:45:47	Name: cityCode Value: FRANKFURT
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles	1970-01-20 01:45:47	Name: isMobile Value: false
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles	1970-01-20 01:45:47	Name: isTablet Value: false
bloggingdirty.com/wp-content/plugins/voltax-video-player/styles	1970-01-20 01:45:47	Name: userDevice Value: desktop
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 01:45:47	Name: stateCode Value: HE
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 01:45:47	Name: countryCode Value: DE
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 01:45:47	Name: cityCode Value: FRANKFURT
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 01:45:47	Name: isMobile Value: false
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 01:45:47	Name: isTablet Value: false
bloggingdirty.com/wp-content/plugins/fansided-shortcodes/dist	1970-01-20 01:45:47	Name: userDevice Value: desktop
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 01:45:47	Name: stateCode Value: HE
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 01:45:47	Name: countryCode Value: DE
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 01:45:47	Name: cityCode Value: FRANKFURT
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 01:45:47	Name: isMobile Value: false
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 01:45:47	Name: isTablet Value: false
bloggingdirty.com/wp-content/themes/fansided-v5/assets/images	1970-01-20 01:45:47	Name: userDevice Value: desktop
bloggingdirty.com/safeview-redirect	1970-01-20 01:45:47	Name: stateCode Value: HE
bloggingdirty.com/safeview-redirect	1970-01-20 01:45:47	Name: countryCode Value: DE
bloggingdirty.com/safeview-redirect	1970-01-20 01:45:47	Name: cityCode Value: FRANKFURT
bloggingdirty.com/safeview-redirect	1970-01-20 01:45:47	Name: isMobile Value: false
bloggingdirty.com/safeview-redirect	1970-01-20 01:45:47	Name: isTablet Value: false
bloggingdirty.com/safeview-redirect	1970-01-20 01:45:47	Name: userDevice Value: desktop
cdn.mmctsvc.com/commercial-api	1970-01-20 01:45:47	Name: stateCode Value: HE
cdn.mmctsvc.com/commercial-api	1970-01-20 01:45:47	Name: countryCode Value: DE
cdn.mmctsvc.com/commercial-api	1970-01-20 01:45:47	Name: userPlatform Value: desktop
.scorecardresearch.com/	1970-01-20 18:52:31	Name: UID Value: 1E7fa156340d38c01e91d261647343018
.doubleclick.net/	1970-01-20 01:35:43	Name: test_cookie Value: CheckForPermission
.bloggingdirty.com/	1970-01-20 01:37:09	Name: _gid Value: GA1.2.324742270.1647343019
.bloggingdirty.com/	1970-01-20 01:35:43	Name: _gat_UA-1577313-14 Value: 1
.bloggingdirty.com/	1970-01-20 19:06:55	Name: _ga_NB8RD6J3M6 Value: GS1.1.1647343019.1.0.1647343019.60
.bloggingdirty.com/	1970-01-20 19:06:55	Name: _ga Value: GA1.1.456173218.1647343019
.bloggingdirty.com/	1970-01-20 03:45:19	Name: _fbp Value: fb.1.1647343019180.1987955531
.facebook.com/	1970-01-20 03:45:19	Name: fr Value: 0ftNkGB9G1GosLF0A..BiMHWr...1.0.BiMHWr.
.bloggingdirty.com/	1970-01-21 03:52:31	Name: _awl Value: 2.1647343019.0.5-70b23d0ecad00dc182465d2b17e4f6e9-6763652d6575726f70652d7765737431-0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bloggingdirty.com/safeview-redirect/tc_frame.html Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
analytics.google.com
app.fansided.com
assets.revcontent.com
audit-tcfv2.quantcast.mgr.consensu.org
bloggingdirty.com
c.amazon-adsystem.com
cdn.equalweb.com
cdn.fansided.com
cdn.mmctsvc.com
cdn.wazimo.com
cdn3.optimizely.com
connect.facebook.net
d3ujids68p6xmq.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gammamaximum.com
images2.minutemediacdn.com
ls.skimresources.com
memorizeneck.com
native.sharethrough.com
p.skimresources.com
platform.twitter.com
promotions.minutemediaservices.com
quantcast.mgr.consensu.org
r.skimresources.com
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
test.quantcast.mgr.consensu.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.72
104.89.31.187
108.156.253.114
108.156.255.177
108.157.4.121
142.250.184.198
142.250.185.98
151.101.130.217
151.139.128.11
18.66.248.124
2.16.186.17
2600:9000:218f:1200:3:a4cd:8380:93a1
2600:9000:223f:4a00:8:48e:53c0:93a1
2600:9000:2251:9a00:1:4290:76c0:93a1
2600:9000:2315:9c00:9:46dc:4700:93a1
2600:9000:2490:d200:1b:3a6c:1300:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:450
2606:4700:20::681a:c5f
2a00:1450:4001:808::200e
2a00:1450:4001:813::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9b
2a00:1450:400e:801::2008
2a02:26f0:1700:14::b856:fb44
2a02:26f0:ef::5c7b:c27a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.92.52
34.120.117.212
35.190.48.184
35.190.59.101
35.190.91.160
35.201.67.47
35.201.98.64
95.101.27.12
96.16.142.89
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077ca0d42ae02c98cd3cbb16adade5d96666d87e66154ec019e73faf22ca2071
0a919ef477d47a8e6e7cdfb4da000abe193428a1b14ee072016c843d90bc5953
0b3268e3aacd1abc25b093c7774f71ae4d98b603f309b357f9ad9d43c45996be
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73
11ff0217d0ead18e32c634c0cdaedcb6928a2cb279b898770df70b950a29dd2e
14e6ca0167f6a25b412bfd7b0061ab643215a6de77d9799977a393096f4ae781
15214e2e579c336fdac00479139530f8d39c71f3f898601d738411fb79b11f21
1553d8e603896b256320a6c7e3f86b0858cca0ff5da54294630e5b8dc48173ae
15c735bd02458e72073643ea2bdd3e182d54c8fb556a3c15c9f586eac6b22d57
1a097255933748819c0889cd9efc7715dab930e03ce29f71b7396fd2ebc462d1
2221391c40c8af2b6e518e0f22b47497e540acb1d9602cf3a26351a78ef3b1f5
26fe96ea7c69caeac2b8dfc436160088038644e7734d32d27ae507030ff2d850
292f629c17560efa4ebe4e2ba0f8ed027e162ed92b8b61d3685754fb0ba672c1
2f28abe358edbac612a26d0c71639459a2c85b22ed214cfaa068191ac729c94b
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
334a98eaeec325cbc84a300e98e133aae9fac74e682f34d11bf0cea7236781f1
35fee54d1936ef02f161aeb36334a12a8dafdf581b4f59567f273d6f53092ea4
384e6c21bf9819fef4ca15bfc88df4b2db1776e45e52cb0afb68a4aed77ccf66
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
4100e8d8f69b8d1694edafab221529f8486d5e36784f100e1cca7b8033e897df
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
4f0001f4ee1319171ac0a746977bf60e277c84e39b5a149d233b189f30ff1d4e
514247d9134353de55e54ffe3fff383359617dd2e5a27de1b1038f1f28ac1946
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a45cb3b53a01acfe497a2aef2aaef9a4e121901a540c15c6a211bb857023d6f
6626d955670bb766fa4d7b59966addecf6b488506e21f73f343dc88b9872a2f7
68d4f7f16f4dc745363bb4541a1de458687ef3ec8f31200ea4133f9e655e2ae6
6aebfc66594ff40ffeb27b0e2918d474a44926c55427b910d870c9431ef5c04c
6d93065d9a7261a8f971d72b6b8b801cd6c7d173fae247060a552529ef5904ba
701182bb2073640a17f07c27aa4cd2fbf35f9ccdfe9692288f6f30f70c2e989f
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c4379ae888a737fd330f0c964e263b1a64a51a7a69a5c76f3dc049a7f1b325a
7e15a863cf5c93621c44996060e5447c45cc117c446a350a00ec4b4266075bb0
819141dfc76b472e08dbbdd19291a1d06be66f32d9e858dd65751f204480e489
82e16ee1bcf32a940c622c4a318be5da2e337c1278e6226131ca1c6f73001ae1
8399b3debed8835d14dfebc86d3f6a2a6f8c699096fad29b5672f4df20772f45
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b42a20b243b7081f9f5ea51eb72a39895d468943af3c7ba14f7ac176e547c6c
8cbe58e7b75950663828e63fcfd3ac80435bfac0d824b61cb5ed03119b4a45d9
8d7ea423aa6b3c67d811ba1ce6367a67b5880166d717fcd9d582f13e88047497
8e885457ba20624b6b2ce062f0c9f63adaa4e8b215cf068bdf701a6c819b9e5d
986824b06c6bfc47f856f675d5fc565b02d0c24c563fc8e41ee703c639b298a9
9b126307e7d0a88a5fbc31c45cca7e3ebba07fc55c29bfd630583dd266229c00
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9e70a4b3af12458aecb0bfa24bbf028bab9a22bef5217816c14efd7900fce87b
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29d19254b64f37328ceccb95bc1010f85a0a40ce3dfc715d46f7ab85d66da25
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a590d83536ee74cde7e99173d44e2deafff928a6206b2cf00ac973e537170a8c
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e
a70f80824ada4357f22aaa4d7ba5811cb5878fb578db9a8c42440ba535a608d5
adafa859ac987f6759710ec24cdc864032f43fa594553595be43a4160f1ecd5a
b053ebd2eeb5e4d473405015c41e7e173f8561c3bbe0f81974a38e85552058dd
b0f9acc2facbbbf8a8d2c056a0be3238c6b28354369e5b21ff15ac38f49810ec
b29019bab391863c1652d28d09112d15ddc6c10940526826cbde474bf07d75e2
b2f930658634b1bee750fdc6c453faacd9e79849856324dcc211b0627f4a059a
b393f9c320cbb557f0344993c5e65ca72f6f771ecd4f773fa6a2fd3f1ac36b6c
b83515e428658c736b469ebfc03554305ecddceac58b991b0f39acc6d9f60492
beb6d4ed9e70b9f611405b8e7e5c09782669c6f434fa81f990cc3690adfd6f20
bf6a57bf02ea97f3fd6fcf4c74bef9fc794403864163924cce942f20761972da
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c889d3593066c74eae7b8f0ee34c61dbe7c6a57a1807830e7c29bd807781fac6
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdcfe798d0f7bac375a28b5ebe918d9b150d67f7cb8eea40ea956ac579f65f95
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d28d4385e676eee83ede9ba68ac4653992b89e1febc1e083f14d01ee3571976a
d413265e397f3abe46d14104b1ccc23464119c9094d76623ff79eeb76274b12d
d80a9fbd9c4a76d5d7c6b14e635088b322863f7a78f61508df1e77342669e0ec
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e15eac693e39938e3189dc27f25824c01c534aa3e2be9dc26d8de81480749109
e34b926a2ff7f4c74d5afac4ee629afec8f012757e86c2225aa5df5c5e1f94b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4601ead5891c34bb1150f1581cdccc813904f98ad0e9edaee0cf48cd2fee97f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f406858bf1219aa8c05a27e32c9b22def23bddbe252dcc3df278e09872117681
f85b1102e6c5a07e5c1a79bbf137201b832e80b578fb9243a0a24cc21f93ca35
f9d25963747cf7c6b1686d7382e4c4131a2b6aa19a50aed7d2cef52f6c7929cc
fa5df64f12cb36a6efd7ee53d3ec3176fcb76c0b5eb83e186c9a7d50654d0e00
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

bloggingdirty.com Open in urlscan Pro 2a02:26f0:ef::5c7b:c27a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

99 %HTTPS

50 %IPv6

30 Domains

41 Subdomains

40 IPs

4 Countries

1823 kBTransfer

6363 kBSize

36 Cookies

75 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bloggingdirty.com Open in urlscan Pro
2a02:26f0:ef::5c7b:c27a Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

99 %
HTTPS

50 %
IPv6

30
Domains

41
Subdomains

40
IPs

4
Countries

1823 kB
Transfer

6363 kB
Size

36
Cookies

101 HTTP transactions
0 data transactions