urlscan.io logo urlscan.io
SecurityTrails logo

blogqpot.com Open in urlscan Pro
216.158.229.70  Public Scan

Go To Rescan Add Verdict Report
URL: http://blogqpot.com/
Submission: On May 31 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 41 HTTP transactions. The main IP is 216.158.229.70, located in United States and belongs to IS-AS-1, US. The main domain is blogqpot.com.
This is the only time blogqpot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 216.158.229.70 19318 (IS-AS-1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 13.224.194.133 16509 (AMAZON-02)
1 3 139.45.197.236 9002 (RETN-AS)
10 10 2606:4700:303... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 188.114.96.3 13335 (CLOUDFLAR...)
1 52.222.236.3 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
41 16
4    216.158.229.70 (United States)

ASN19318 (IS-AS-1, US)
PTR: blogqpot.com
blogqpot.com
googglet.com
www.googglet.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
4    13.224.194.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-133.fra2.r.cloudfront.net
d2ghscazvn398x.cloudfront.net
3    139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)
go.oclaserver.com
cobalten.com
10    2606:4700:3034::6815:3209 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dwuser.com
10    2606:4700:3032::ac43:c6b5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dwuser.com
6    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
ranopportunityt.com
1    52.222.236.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-3.fra56.r.cloudfront.net
adthereissome.info
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
20 dwuser.com
www.dwuser.com
1 MB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 33
3 KB
4 ranopportunityt.com
ranopportunityt.com
2 KB
4 cloudfront.net
d2ghscazvn398x.cloudfront.net
117 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2230
21 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 13643
c.statcounter.com — Cisco Umbrella Rank: 9051
15 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 27873
101 KB
2 cobalten.com
cobalten.com — Cisco Umbrella Rank: 667348
27 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817
31 KB
2 googglet.com
googglet.com
www.googglet.com
2 KB
2 blogqpot.com
blogqpot.com
10 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
73 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11120
541 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 adthereissome.info
adthereissome.info
536 B
1 oclaserver.com
go.oclaserver.com — Cisco Umbrella Rank: 954106
305 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
33 KB
0 Failed
function sub() { [native code] }. Failed
41 18
Domain Requested by
20 www.dwuser.com 10 redirects blogqpot.com
6 accounts.google.com 4 redirects blogqpot.com
4 ranopportunityt.com 1 redirects blogqpot.com
4 d2ghscazvn398x.cloudfront.net blogqpot.com
d2ghscazvn398x.cloudfront.net
2 www.google-analytics.com blogqpot.com
www.google-analytics.com
2 pogothere.xyz d2ghscazvn398x.cloudfront.net
2 cobalten.com blogqpot.com
go.oclaserver.com
2 maxcdn.bootstrapcdn.com blogqpot.com
2 blogqpot.com blogqpot.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com blogqpot.com
1 www.googglet.com googglet.com
1 my.rtmark.net go.oclaserver.com
1 www.facebook.com blogqpot.com
1 adthereissome.info d2ghscazvn398x.cloudfront.net
1 go.oclaserver.com 1 redirects
1 code.jquery.com blogqpot.com
1 googglet.com blogqpot.com
0 null Failed d2ghscazvn398x.cloudfront.net
41 21

This site contains links to these domains. Also see Links.

Domain
driverlayer.com
Subject Issuer Validity Valid
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-28 -
2024-02-27		 a year crt.sh
adthereissome.info
Amazon RSA 2048 M01		 2023-05-05 -
2024-06-02		 a year crt.sh
ranopportunityt.com
GTS CA 1P5		 2023-05-30 -
2023-08-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-09 -
2023-06-07		 3 months crt.sh
rtmark.net
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh

This page contains 2 frames:

Primary Page: http://blogqpot.com/
Frame ID: 65B4EF80B4C9D6738EA45292628BF087
Requests: 40 HTTP requests in this frame

Frame: http://null/a3pOdHQKGC0ZSx4IIklRWTxrRjIPSCkcBwgbNAIaWEN2DFoIFiEBEA0IIRoARRQrAFFZPCw6LDJIADImPD0YHCcKSgsSIQwWJzAxLj4KIwM/MgsiFiQRGDghW0sjNiYtKBtGJjMqIgAzCBELOSEMFiUxDBsiGR45Ii8IOhUlDSY8MS0vOSJEGDkLHTI+KX8AFicWORUjByw2Ng4qPgkZJTooDy0XIks5LSEHCSQmGCY/DDAEKS85JTExKxgtNgM8IBBFJj8MNzoIPQ81NQgrF0QxHCAlICEqOQYsMSMoIhAxITwlICU9P3wsHFI5CyMuESs5WSEvHykuNS4NFB88OUsrJTAHIBsDJlgZHxAzPBZ+UUYtLwg5MSk+ACUyPUssEiYpPwwYF1MoNhgWPiILPDkqGQguDB89CTUyAjslJS0pLRcwIRwrCz5FOisYRC1SPwsmAyotLTcjKi8NFx8pNmgeBwQUPkkREkh+ExMMSiw8GRk
Frame ID: C6DE7B8269B661F51724DBDB446C3087
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

32 %
HTTPS

56 %
IPv6

18
Domains

21
Subdomains

16
IPs

5
Countries

1725 kB
Transfer

2370 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css HTTP 307
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Request Chain 3
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js HTTP 307
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Request Chain 6
  • http://go.oclaserver.com/apu.php?zoneid=1185183 HTTP 302
  • http://cobalten.com/apu.php?zoneid=1185183
Request Chain 7
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
Request Chain 8
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
Request Chain 9
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
Request Chain 10
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
Request Chain 11
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
Request Chain 12
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
Request Chain 13
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
Request Chain 14
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
Request Chain 15
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
Request Chain 16
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
Request Chain 22
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneEuld9sF4oAD78y9wWB8bE8JHxADx-vhZlj9VTNDGvzDduTZX4yKAWMm314GlgNRpwStAjf9Q HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S419960301%3A1685533672835516&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqORgPfztrkhSyYplWqIBPiMel69FggQsWIjD3lO-WKM526RS1jd4pr6GRR5kIiw6s-iJkA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 23
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGAv4Jt8ck-mnfw-I3jtg4GqFtKiMhXBvtwtRpS3-YvisjjYxtJmKTDoo1W5N2TbdPkRYSIdg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S604737671%3A1685533672826720&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXugUgVkW1kyQgmHKe4mqmnb6DAMp3cDtEfSTXMD3w0CBCtAqxldKmWKU3JVrJXVkxYjgGYQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 24
  • http://ranopportunityt.com/popunder.gif HTTP 301
  • https://ranopportunityt.com/popunder.gif

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blogqpot.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://blogqpot.com/
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed / PHP/7.0.33
Resource Hash
4fd6e3b0ebf6f90a062b6ae7215ff9d3165ae74082f4c2c37e8934abb9d77dc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
Keep-Alive
content-encoding
gzip
content-length
3882
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 11:47:52 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.0.33
styleDesk.css
googglet.com/imgs/assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://googglet.com/imgs/assets/styleDesk.css
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
91db94d2d3f0fefb1ed7f967eac612ce1b3490477b1c95d3a0510edd53b24fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
gzip
last-modified
Sat, 31 Oct 2015 14:41:58 GMT
server
LiteSpeed
etag
"136b-5634d336-2818b2;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
1388
expires
Wed, 07 Jun 2023 11:47:52 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/
Redirect Chain
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
864
age
8246307
cdn-cachedat
02/24/2022 14:58:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fbe7e6fea753e22c4e1fd8ba1cf2b066
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cfefc0a9dae9a15-FRA
cdn-requestpullsuccess
True

Redirect headers

Location
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jquery-1.8.2.min.js
code.jquery.com/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.8.2.min.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-16cfb"
vary
Accept-Encoding
x-hw
1685533672.dop004.fr8.t,1685533672.cds136.fr8.hn,1685533672.cds201.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33384
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
Redirect Chain
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
10902005
cdn-cachedat
2021-08-02 20:17:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5ff25f9a1c8a5b9bb60761eb541fc458
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cfefc0a9daf9a15-FRA
cdn-requestpullsuccess
True

Redirect headers

Location
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jquery.popupoverlay.js
blogqpot.com/assets/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://blogqpot.com/assets/jquery.popupoverlay.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
04fb607d71bd2d670cb60d3b91ee53885340cd6581eed67e72056bd875bdcfa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 18:39:43 GMT
server
LiteSpeed
etag
"7496-590a23ef-1a010e;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
5827
expires
Wed, 07 Jun 2023 11:47:52 GMT
/
d2ghscazvn398x.cloudfront.net/ 		326 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
13.224.194.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-133.fra2.r.cloudfront.net
Software
/
Resource Hash
7c49ce11ee6388326d00be692e152185cf0e87add77190c543144878fed78d44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
gzip
Via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
117309
X-Amz-Cf-Id
PC3uf0m8QteT2D5HD2bA_esnR-vBWJRpnNGePWGkm60sEtZ6L0X6xg==
apu.php
cobalten.com/
Redirect Chain
  • http://go.oclaserver.com/apu.php?zoneid=1185183
  • http://cobalten.com/apu.php?zoneid=1185183
63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cobalten.com/apu.php?zoneid=1185183
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9c2ca5a4612390392804aa277dff0a1343ce69f82f930a71a7aa1244c33984d3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 11:47:52 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
fe9af395ce838e484c4dc52488a31e5d
Pragma
no-cache
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires
Tue, 11 Jan 1994 10:00:00 GMT

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
http://cobalten.com/apu.php?zoneid=1185183
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
138
7.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4282cd1cd6aeda3960f5a6dcfcf1b7e2e973c213291ff4c56f214bbf8da9bc71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"151d6-58d61f8bf5ff7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEaKxnfLIIvzc98cXdwFyt8yisXAJ%2BKQgI5GeqGWee6vqqaszZZ9IoVwuSaQ8VLKHLdjqCqTpF3KHbnwMD9eGhVWvHxqy33A%2BK5mQVIoRH8%2BGHtTr70CyAk4iqcdcQz995hi%2BkaMc9ZXNwuvGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0c5c999b2d-FRA
alt-svc
h3=":443"; ma=86400
content-length
86486

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hlt%2BKz1IRshCQqrkwlmIwxiK1rKgYziX6WkpIaL984BbRc%2FBq3flxjLr1Sg0R8SAEk0WRE2HOrz1K48Xp8gCmdFFZYe05EU6ffecwSxXtytk4Bzn4ViqpqyzCiGHlenE4POb%2FZ3Fyv4UcQ58kA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0c1b78196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
1.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b0967706a16fe52d6db96de7e05ddbd0cfa72dcdaf3f164089def25d27e0d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"27323-58d61f8bf0237"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQVOvEH6GBiDsKqALwAbf4gytA%2BfQ37pm6CAm5dvAxyYg%2BNOq%2Biwuw84O5r%2FuYrK7umBevUXZuQ63KzQCNumOHzj59lU37A37Y0u1HXwns3w2fLFE6rb7ZWOSNPyJcXqIedaQih%2FQfKLNt9eQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0c8ce29b2d-FRA
alt-svc
h3=":443"; ma=86400
content-length
160547

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkP42kwEcBHL%2FcxSq7Ti%2BH1WU1MFfBYAfRq%2F5WP3%2BwbO%2B0QtHvYK3CJ5X1rcEj8pqYD1czcZFXQblZqEfoe8EAiuRpFGmr%2BbowRo32YKc1CML4YbVBxx4KWF5Pq5uk%2FmBia4csQAcu3TJQYznw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0c7c04196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
2.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ba4b3d465cc0c1b1f7ea418006776dc57bbbf0da5df975749e65399009a931

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"18564-58d61f8bf2177"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3hVGga1gNWAEtTlvL8P7lffyF8MqFGBywNT7PDbGKe4FKDCBf8SEtaK4YhxQui3TPTnETKAQK%2B6X%2B4Wn8KePMAjZ0FG4se%2FCRgAN%2FrRqjLkPraxDikbqe%2B5%2BRPeeQ7kF%2BWFX%2B5MXg6vAZT7xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0cb87e691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
99684

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx4C7fibUrAWNoNT%2F%2Fhqz%2BpLwvozYT6T1ts1epyuNc%2BDGuYovNjVP1l5HD9OnJHGeoaduJWIapFCMbvoSNlq732ZP7EZK6aPj8YNo3%2FCJ%2BJfU9PUm5aT4PdLwkn2oLY0xUist5d2jI5X%2BdEnZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0cac41196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
3.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d057014ad14f9d6ed7a6f13651e1c69f1607c72853ff4697a3b644fa2705e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"2ac29-58d61f8beb417"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzW86cfE9t%2B54c0yP9DOtaBRe0KgvjbOfQqjti0sUhW6Idi6r3HeVrnRrP8gUdv7PCFTqONuOR%2F%2B%2BeNCBX1gRvt4N2%2Fx7mrjaVMZyiMncAsmkKnv%2F9%2BNPOaqDfZmDRjVU15djaBFfic%2BgUPyKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0d092c691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
175145

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeTBrTkmqbqORRwyilqsNc81iUqDTYEnPopBd1735sPh91C782ghnY%2F%2BtyrAtuC5gyC7KWijSBh4QIi65bqwajDDXU%2F6BEKts4lr9OQv%2FBmSV%2BbPp4KRetPT9LVQdlhUJbrVajdGMNKKSE0Hdg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0cfcd3196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
10.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d94731bd0ff2965f0ec51f2e8c4f84c93ac4b241eb1c499ee17c06548c7875

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"112ca-58d61f8bf40b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3yDzvGV87bJyLnk5aIvqzbtJeT%2BLHANGEu0re95c4ND8JUsLO7BhY%2BpoybZ7q3dkPIA5SKAiwjXT5PrgdO0jiJQSCbOJhHvBC32C7uwUlm%2BtVIGPjqFlcAaS%2FTWRnVv94x8eMVyNcpvEBPwuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0d4989691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
70346

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx56pwQyM8QAOWHmU47gReDTtxpG2SwJ0reDVpyAqLKttihI9wxdt%2BxBy60F%2BMNe7ASP0DsxGNe7v1H1RrkJoDX64n2%2FmTmF62RjTiE5A0sN2M5%2FrqOX62SD4EfT%2FIzhvp4vf0olo4aIS1U9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0d3d1f196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
4.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd20cc8d121d6d0cd3d435fde61e650b9a4a06b49d658999d54fbdce32c3aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"25c92-58d61f8bee2f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hGQFiv4tfbk4Q69YrxHmURCeq5RYn%2FsEl5IqDWLVL68Khs06f7yROYQRP8N55uyKN58XmbKr0JSMTFAKocS7OYB9fQzHJPr2quOcmvnJLn7jM8Tp9oPHTjgtkNpZ13DszMnv5Os8UqV2oZyzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0d6a12691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
154770

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BVmlVVRyYoOIX9Vgjqmsu4wTRUvR9rZXFCOYkmhos8r7rNmBScf1HAzCQTpG8oJQfLjffG7p9wrgvsKhJzTnNFxo8dS6xKMWr4DAI6cPAHfrHx0peckAkoWwCgJ95HcKeEOpGzEom1rwFdygA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0d5d51196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
5.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473bd7e311ce56491d5babd8f60bb6800c89bb662af6b35837ad1d22d007c051

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"267dd-58d61f8bf8ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG5JRR9vjOWnfBEAwuh3pLNxt3cwoRCtHeevHd3pbJGdwe33wJv2CyYZekUQtGq8TTkQNnNvdQUolJpvgkGjBRUqaCKMkql%2BSkZT6MYFr0JmZOgDfpqAejs7F7iO0GVukzMkAacL0TStq70uag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0daa62691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
157661

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imA3Rk9UtaKkTLC%2FYAdTzRE34yId3Xk1vz2tlg3FU38yEwKbvK3yjaq2FHbIvHFTIKP1dhWTRQ37CKMo6pkGFGXQ784WhMMBpXtKp3AOdoo%2Fduu3YLgjQGMPKYoOy9kgvi1xqCIZwzuGrBOFvg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0d9d9e196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
6.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4208a6ed7f0866df21c15943e708bf729a21555999394d563d307171972012

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"2aeff-58d61f8bf5057"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncBiQCm4hGvfFYYwsaq61uHNdTyIldmPn4LTc5ikSkVicI2lAyKd77DwXiPpHUdRH%2FDNZ5jtLkNhctHQaClX6Xmy3CuFI%2Fmbp5g%2F%2Fp%2FuA5UEH2DikcRHZe27m4vzqSvhX1ogC40tPQCIw71UEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0ddaa3691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
175871

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUkoJVoqeiWQiWTySj5UgCFF77%2BlbxGqXv0nc7rrexPWLYdQMIiz21kBuI7MdgejRG6S8M24fr908LvrNYcrK7PTDadLG43SziwQOihdb3ZS5Wti6Zr197QeqtMCLFp5V6uhrusm0dvYlrrSzA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0dbdd0196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
8.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e4125e895980c68684b37e4f5ca8b79eb69131d0f99f0d26af48809f7ea9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"1c190-58d61f8bed357"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ13bUivEOwuIDLwY%2FDXucK3cxPAR80lFU8f4Z%2FPdxv2wPeq3Gaa6vMy%2F%2FStFp0D31RWcVT%2BfC%2FSsob12G7pBNwu5u%2FvkDGEeqCFb0n7TgLOI1y4Am%2BYZGBbrChg8Sqe1VkL0Xxg%2FBZezyvbfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0e7bb1691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
115088

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35Ky1jNxvzzujGPBf3hHMFKX4WO7kfYNICffHRC%2FPu1pAyckes9p6KU3vTuX2%2BGgBxt75rV%2F1fDmLmkWrEHREuKhUhYMqz0YgOGTDfG9ObaMvpgrKHNb6B7baE3b4sfm5OVmaYseBKVHC0akNg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0dde10196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
9.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2606:4700:3032::ac43:c6b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af6cb5865c4910485c6b9a21adec0f6ce502847dde490c6042b6eed0245bf81

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
338
etag
"1de4e-58d61f8bf11d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EkTGvVXVKlahUxu8PtYkqt7fAzNr13sb63jjQYR3Z8FEKZGR9QXoz80dY4tkzUDp0cUxkwEHFeT%2Fo%2ByFRXVWa8jioi%2BJtKtbRrAZD0YUDftlvMy6IhId1DpUteCzITXyQWwy0iWQFqOHeGIhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfefc0e8bd3691b-FRA
alt-svc
h3=":443"; ma=86400
content-length
122446

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtPyft7nzXn%2F9w1zEERiBdbRbngQlVnHVcvSJnVyinqZN%2BQyZ32LJCUlpm57VoSPhFtyWKWQlRszNobHo7W6IiDbdnv3K4Py4KIvrPIlxrtUYFx8g%2Bt2CZhJNXbp%2B9zbw%2FmMhJDhcFmhMj%2BNTw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0e6ece196a-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 31 May 2023 11:45:38 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://blogqpot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GpvPa85OH3asnLZ8DPvy0jfqellrvX%2FRXxEUqyHBErrSF0i5fbJ5eVRS16%2BAZLh%2BttyWVALIHI4%2B%2B3mZvlTcW1FGuQCDsz3JNg7ycD9ChE52tOzsbpy6bv9AV%2B76%2FII"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7cfefc0e1e06907c-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c29e36a25bdbc4c5a946c6d3f55e17ba954499cc53bbbaf686fb4794f1f47ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SobSTudayhmp%2Fe3TOvqN%2B7DzfsVH%2FYdbRAzDpuoU7OQdne7n4MwowWWb5Hi77hmtu5Rl1Ua0moqSXczJ1DC9Spl39eHSEf6Qb4OhEpZCS5yXBJGbp1MBXb1H9KQk4DYJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://blogqpot.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7cfefc0e1e08907c-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
adthereissome.info/ 		0
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adthereissome.info/utx?cb=nBApOyk6WdRg&top=blogqpot.com&tid=622295
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-3.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 11:47:52 GMT
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://blogqpot.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
NKkl8ukOqyZM18qK39pEWqFGI25bb4lUPsdNhD050-vOsWNUHNGn3A==
bgFCQX1rD0BGeGoO
ranopportunityt.com/OXd0TlgWSBc9ZW8aGC8BVy0YFh9VJSZ8DmAWGCoQYEYyOg5sMlI6MV1KQnxqC05BaChQE0l/fkoDFTotSkpFaDFXERtzfk9KRWBrDVlHfHYLUQFzaR8DBC8/BEZSPixNG0l/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ranopportunityt.com/OXd0TlgWSBc9ZW8aGC8BVy0YFh9VJSZ8DmAWGCoQYEYyOg5sMlI6MV1KQnxqC05BaChQE0l/fkoDFTotSkpFaDFXERtzfk9KRWBrDVlHfHYLUQFzaR8DBC8/BEZSPixNG0l/bgFCQX1rD0BGeGoO
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJs%2F6mgVTm3cpkQFk0%2B7FIC7BbLmxEVPgFv3CHe0ytlzGzDbUKJwKaS%2BrZ5Pq1xqsRih0OUtfNTzSXQ2uxh397p3iskmIA5v2%2BZRvssRp3RKnszRukr%2BVLD9c0BsJyew3GVGbhxm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cfefc0e99a98fd7-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneEuld9sF4oAD78y9wWB8bE8JHxADx-vhZlj9VTNDGvzDduTZX4yKAWMm31...
  • https://accounts.google.com/v3/signin/identifier?dsh=S419960301%3A1685533672835516&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqORgPfztrkhSyYplWqIBPiMel69FggQsWIjD3lO-WKM...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S419960301%3A1685533672835516&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqORgPfztrkhSyYplWqIBPiMel69FggQsWIjD3lO-WKM526RS1jd4pr6GRR5kIiw6s-iJkA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Wed, 31 May 2023 11:47:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xDttr9VD_Jcy7UmvzlShkA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S419960301%3A1685533672835516&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqORgPfztrkhSyYplWqIBPiMel69FggQsWIjD3lO-WKM526RS1jd4pr6GRR5kIiw6s-iJkA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGAv4Jt8ck-mnfw-I3jtg4GqFtKiMhXBvtwtRpS3-YvisjjYxtJmKT...
  • https://accounts.google.com/v3/signin/identifier?dsh=S604737671%3A1685533672826720&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXugUgVkW1kyQgmHKe4mqmnb6DAMp3cDtEfSTXMD3w0C...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S604737671%3A1685533672826720&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXugUgVkW1kyQgmHKe4mqmnb6DAMp3cDtEfSTXMD3w0CBCtAqxldKmWKU3JVrJXVkxYjgGYQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Wed, 31 May 2023 11:47:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-p9wO4orUSrnftf-iKF2wpg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S604737671%3A1685533672826720&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXugUgVkW1kyQgmHKe4mqmnb6DAMp3cDtEfSTXMD3w0CBCtAqxldKmWKU3JVrJXVkxYjgGYQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
ranopportunityt.com/
Redirect Chain
  • http://ranopportunityt.com/popunder.gif
  • https://ranopportunityt.com/popunder.gif
35 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ranopportunityt.com/popunder.gif
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 15:06:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
74472
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BB9lUd%2BcxuJefJvOc5fkElxvxzaGlDOHnNh0eESsxhc8IzREAWfcVBKEiuyX%2FuiX8z9R6oU4OYhE6OgWM09EtQXxKm8b7JP%2FtT8KsaWGVD4LtonIcWGN%2FoGrpr4Qefb%2FORjO3Vi"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7cfefc0ea9b78fd7-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 31 May 2023 11:47:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TwDsMYD%2FNBdumpVk1fgSLUjbgx%2BeAj7cZuK2xELh74w5Rb7tTT3JKaLKI84JoXj1JRG%2F2Wbsw66QKBvXV7K5AVq9dgpy2YmXDGPFKrtlv4JfDEh2Z0IedSfgMXK02oWdiuzLb6m"}],"group":"cf-nel","max_age":604800}
Location
https://ranopportunityt.com/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfefc0e88b0365c-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 12:47:52 GMT
MTRnSlYeCwQ5a39YFzMEAwAmKxNVQzALEF5nCQQzdQYfCTV3V0E+P1UJUX1jBwxfbCZYUFp7bhdHEysiREdae3BYWgElaxdCWnt4ARpVZGUXQVp7cEVEBi1rABIXPiJdCVZ8bgQBVHlgBgZRfm4
ranopportunityt.com/ 		0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ranopportunityt.com/MTRnSlYeCwQ5a39YFzMEAwAmKxNVQzALEF5nCQQzdQYfCTV3V0E+P1UJUX1jBwxfbCZYUFp7bhdHEysiREdae3BYWgElaxdCWnt4ARpVZGUXQVp7cEVEBi1rABIXPiJdCVZ8bgQBVHlgBgZRfm4
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2%2F2VrCvG06ZEDKBJ5f7D2ZN1O%2FcdKYhAvOGvuP5OV5N1lmQYs1tV9gDyPrvsojo7LQIVyaM3m1InOgVB2s88R%2Bb9LWmTIoe1vuNy%2FgzK3aiMryfYlGxqPr2Zu9r3Mn0il%2B9NbVs"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cfefc0e99ab8fd7-FRA
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/ 		65 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=5a9c4253414a4ee2b3e8f890f92e88a8
Requested by
Host: go.oclaserver.com
URL: http://go.oclaserver.com/apu.php?zoneid=1185183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ee585c0f9e7d75812c9a6a72489c7c9bdc682c1c86806a2c0147a48a7822d7bf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://blogqpot.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
search.png
www.googglet.com/img/ 		378 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.googglet.com/img/search.png
Requested by
Host: googglet.com
URL: http://googglet.com/imgs/assets/styleDesk.css
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
e098299739463998895c7f2bf91fd9c73faa9cd5524b100d11fa3c9f5e79684e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://googglet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
last-modified
Wed, 02 Sep 2015 04:50:14 GMT
server
LiteSpeed
etag
"17a-55e68006-240ec3;;;"
content-type
image/png
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
378
expires
Wed, 07 Jun 2023 11:47:52 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 May 2023 10:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4338
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 31 May 2023 12:35:34 GMT
counter.js
www.statcounter.com/counter/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd

Request headers

Referer
http://blogqpot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 31 May 2023 11:47:52 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
User-Cache-Control
max-age=43200
Age
26837
Transfer-Encoding
chunked
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection
keep-alive
Last-Modified
Tue, 30 May 2023 15:58:18 GMT
Server
cloudflare
ETag
W/"ae4f-5fceb459ac651"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
CF-RAY
7cfefc0eaef62c73-FRA
Expires
Wed, 31 May 2023 16:20:35 GMT
collect
www.google-analytics.com/j/ 		15 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=57436076&t=pageview&_s=1&dl=http%3A%2F%2Fblogqpot.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1498017680&gjid=1795139425&cid=1236758068.1685533673&tid=UA-85219586-1&_gid=485942565.1685533673&_r=1&_slc=1&z=1214920938
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9eb9993a5fe5aff724a591032dea5feacbf29f35020f675d1ceda6857b0479cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://blogqpot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 May 2023 11:47:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://blogqpot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cobalten.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://cobalten.com/?rb=WVXUzqsKonX9qKPfMDFUYZMm-5aS_HNh5_U4Q8cOdyeDaX_O8S0LJK39msEbixbo9sTIQ0PA-3i-1gSpNO5UJTkqawuNqvj8vbnZjGfcVJKlw0tv0EnWZrWXpAsglnPTNee1seFjK6ure8_b7WrfjPNuHhtTf6jDK2vIQ6KfYPlCT-U508DzqLjJk6xIb1zx64t03cPrkJUOF-0om-3-O1adlpOZqULT9zbntuXiSeLnfitO6KBUE9uveDtU801ehB67K2GxlK8eIztYN54gjg%3D%3D&request_ab2=0&zoneid=1185183&js_build=iclick-1.548.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Fblogqpot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-1.548.0&bs=a7d33fd7-e86b-414c-9650-cedbc0c2a3f9&userId=5a9c4253414a4ee2b3e8f890f92e88a8&m=link
Requested by
Host: go.oclaserver.com
URL: http://go.oclaserver.com/apu.php?zoneid=1185183
Protocol
HTTP/1.1
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
87a3d5752555ab983a013e0f5fc2de9609ab9a827963942cdc10f7ab8b326952
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 11:47:52 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
6d6cc4c81f226b86a6b07a7c3817bb3e
Pragma
no-cache
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://blogqpot.com
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires
Tue, 11 Jan 1994 10:00:00 GMT
t.php
c.statcounter.com/ 		192 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=11106452&u1=822577BA39774FF490EB67ED1952FA29&java=1&security=fd67f294&sc_snum=1&sess=c61bc8&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//blogqpot.com/&t=&invisible=1&sc_rum_e_s=1489&sc_rum_e_e=1498&sc_rum_f_s=0&sc_rum_f_e=1478&get_config=true
Requested by
Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
http://blogqpot.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
7cfefc0f2b649bfb-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XG3M1RYT42&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
091e7bd4f3c82be874c19098d00e278d4b43e4f60d866b1fe802002003fe7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74676
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 May 2023 11:47:52 GMT
ocmxlUjcRAws0CAYFAW8BQF5XawJUBhY9WQJRLSAECggyZA8jBTd0QwgIWGIRHg0LNQpUCQsxCkNKBDZVT1xDJkcdB1grUh8GBiFdChsfdEITUQg9TRsACTMSQCpQfAdXXlV6QBsCAT1AAUlXYlkGSVdiBkJCVXcEMElXYkAbAlNmEkEuQGAHClpRexJAXA-QiRx4...
d2ghscazvn398x.cloudfront.net/ 		675 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d2ghscazvn398x.cloudfront.net/ocmxlUjcRAws0CAYFAW8BQF5XawJUBhY9WQJRLSAECggyZA8jBTd0QwgIWGIRHg0LNQpUCQsxCkNKBDZVT1xDJkcdB1grUh8GBiFdChsfdEITUQg9TRsACTMSQCpQfAdXXlV6QBsCAT1AAUlXYlkGSVdiBkJCVXcEMElXYkAbAlNmEkEuQGAHClpRexJAXA-QiRx4JEjdVGQURdwU0WVZlGUFaQGAHWgcNJloeSVcREkBcCTtcF0lXYlAXDw49HldeVTFfAAMINxJAKlRjBFxcS2cBRV5LYwVESVdiRBMKBCBeV14jZwRFQlZkEQdRVGsPRF1RawdBWFBhB0VVUw
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
HTTP/1.1
Server
13.224.194.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-133.fra2.r.cloudfront.net
Software
/
Resource Hash
a474de24498d100dd1c50a43ad84e33661f57ebd62b67ea1729832a261ab07a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 11:47:53 GMT
content-encoding
gzip
Via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
497
X-Amz-Cf-Id
1oXpWCDvNl2FkoIuYd5C6DqZI-EiBX_TkP4Amar3CBo4HVgoe349jw==
DDAEKS85JTExKxgtNgM8IBBFJj8MNzoIPQ81NQgrF0QxHCAlICEqOQYsMSMoIhAxITwlICU9P3wsHFI5CyMuESs5WSEvHykuNS4NFB88OUsrJTAHIBsDJlgZHxAzPBZ+UUYtLwg5MSk+ACUyPUssEiYpPwwYF1MoNhgWPiILPDkqGQguDB89CTUyAjslJS0pLRcwI...
null/a3pOdHQKGC0ZSx4IIklRWTxrRjIPSCkcBwgbNAIaWEN2DFoIFiEBEA0IIRoARRQrAFFZPCw6LDJIADImPD0YHCcKSgsSIQwWJzAxLj4KIwM/MgsiFiQRGDghW0sjNiYtKBtGJjMqIgAzCBELOSEMFiUxDBsiGR45Ii8IOhUlDSY8MS0vOSJEGDkLHTI+KX8A... Frame C6DE 		0
0
R1lAcD1UW09uflheT2Z7XV9FZn9QXA
d2ghscazvn398x.cloudfront.net/7anZWSGkJGTguVh4fMnVfXUNgcFFMHCUnBxpLESsqPTk+BCAdIC8FOCUecDwTDktmbgULGDF1Tw8YNXVYTBcyKlRaUCMpVAcZLCEFBhdzei9fWGZtW1peISEHDhkhO0xYRjg8TFhGZ3hHWlNlCkxYRiEhB1xCc3srT0RmMF... 		203 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d2ghscazvn398x.cloudfront.net/7anZWSGkJGTguVh4fMnVfXUNgcFFMHCUnBxpLESsqPTk+BCAdIC8FOCUecDwTDktmbgULGDF1Tw8YNXVYTBcyKlRaUCMpVAcZLCEFBhdzei9fWGZtW1peISEHDhkhO0xYRjg8TFhGZ3hHWlNlCkxYRiEhB1xCc3srT0RmMF9eX3N6WQsGJiQMHRM0IwAeU2-QOXFlBeHtfT0RmYAICAjskTFg1c3pZBh89LUxYRjEtCgEZf21bWhU+OgYHE3N6L1tHZWZZRENgf1tER2R+TFhGJSkPCwQ/bVssQ2V/R1lAcD1UW09uflheT2Z7XV9FZn9QXA
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
HTTP/1.1
Server
13.224.194.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-133.fra2.r.cloudfront.net
Software
/
Resource Hash
c812ccce01800fe53197848a668831597f6867dadc9376ab2bb48838706906a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
gzip
Via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
198
X-Amz-Cf-Id
-5k4C3EonScz_7v99OOQ4WBJlJkq5lzVT-ESQqaNVgsm2jn9-Q5dPA==
IHlaODAoKFs2b3MCAnl6ZHYHfz0oKlM4PTJhBWckNWEFZ3txagdyeQNhBWc9KCoBY29yBhJlejlyA35vc3RWJzotIUAyKCotQ3-J4B3EEYGRychJlemkvXyMnLWEFFG9zdFs+ISRhBWctJCdcOGNkdgc0IjMrWjJvcwIGZnlvdBlifHZ2GWZ4d2EFZzkgIlYlI2R2...
d2ghscazvn398x.cloudfront.net/WRDdXSkEnWDksfjBeM3d3cwJhcnhiXSQlLzQKPCt0NVETAjEmdSQDDydiIWw1PlNqemcoVjktfGJSOSl8dRE2LiN5B3E/ 		292 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d2ghscazvn398x.cloudfront.net/WRDdXSkEnWDksfjBeM3d3cwJhcnhiXSQlLzQKPCt0NVETAjEmdSQDDydiIWw1PlNqemcoVjktfGJSOSl8dRE2LiN5B3E/IHlaODAoKFs2b3MCAnl6ZHYHfz0oKlM4PTJhBWckNWEFZ3txagdyeQNhBWc9KCoBY29yBhJlejlyA35vc3RWJzotIUAyKCotQ3-J4B3EEYGRychJlemkvXyMnLWEFFG9zdFs+ISRhBWctJCdcOGNkdgc0IjMrWjJvcwIGZnlvdBlifHZ2GWZ4d2EFZzkgIlYlI2R2cWJ5dmoEYWw0eQ
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
HTTP/1.1
Server
13.224.194.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-133.fra2.r.cloudfront.net
Software
/
Resource Hash
2281bdb06de69bc1a82a9eac11880be16f31df53c35d5506f413712c7da833a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 11:47:52 GMT
content-encoding
gzip
Via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
252
X-Amz-Cf-Id
OEhHPRwgZhnXyutK0JmUrw6FlzDN5p8zNrAjdtQZfd9BopYrw93biA==
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XG3M1RYT42&gtm=45je35o0&_p=57436076&cid=1236758068.1685533673&ul=en-us&sr=1600x1200&ir=1&_eu=EBA&ngs=1&_s=1&sid=1685533672&sct=1&seg=0&dl=http%3A%2F%2Fblogqpot.com%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XG3M1RYT42&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 11:47:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://blogqpot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dz5dZ0gGLlV1fFMiXlUMQ28ABAhNcEdYVUhkBhdCATdDREJIYgQXWBswWAwXA2sGHwFbZRkBFwEmVlYMRHBoDABDbgIEAkZgAAYJRWc
null/MTF1VjceDhYlCmsBBQBgZ2cnME1VXhcHZkJ/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
null
URL
http://null/a3pOdHQKGC0ZSx4IIklRWTxrRjIPSCkcBwgbNAIaWEN2DFoIFiEBEA0IIRoARRQrAFFZPCw6LDJIADImPD0YHCcKSgsSIQwWJzAxLj4KIwM/MgsiFiQRGDghW0sjNiYtKBtGJjMqIgAzCBELOSEMFiUxDBsiGR45Ii8IOhUlDSY8MS0vOSJEGDkLHTI+KX8AFicWORUjByw2Ng4qPgkZJTooDy0XIks5LSEHCSQmGCY/DDAEKS85JTExKxgtNgM8IBBFJj8MNzoIPQ81NQgrF0QxHCAlICEqOQYsMSMoIhAxITwlICU9P3wsHFI5CyMuESs5WSEvHykuNS4NFB88OUsrJTAHIBsDJlgZHxAzPBZ+UUYtLwg5MSk+ACUyPUssEiYpPwwYF1MoNhgWPiILPDkqGQguDB89CTUyAjslJS0pLRcwIRwrCz5FOisYRC1SPwsmAyotLTcjKi8NFx8pNmgeBwQUPkkREkh+ExMMSiw8GRk
Domain
null
URL
http://null/MTF1VjceDhYlCmsBBQBgZ2cnME1VXhcHZkJ/Dz5dZ0gGLlV1fFMiXlUMQ28ABAhNcEdYVUhkBhdCATdDREJIYgQXWBswWAwXA2sGHwFbZRkBFwEmVlYMRHBoDABDbgIEAkZgAAYJRWc

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery number| LAST_CORRECT_EVENT_TIME object| utr_622295 number| userTrackingInterval number| _3648961283 number| _448764338 object| win object| zfgstorage object| znzxdiebm2 object| zfgformats function| onClickTrigger boolean| zfgonclickfirst object| syncCallbacks boolean| zfgloadedpopup string| GoogleAnalyticsObject function| ga number| sc_project number| sc_invisible string| sc_security string| scJsHost object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _statcounter object| dataLayer function| Hr3xdW68QiR function| GcCWOhLIwVyMQOh function| ka5qfDHpbBsINcUv object| google_tag_manager number| iinf

10 Cookies

Domain/Path Name / Value
pogothere.xyz/ Name: csu
Value: 1986149034530796@1@1685533672
my.rtmark.net/ Name: ID
Value: 5a9c4253414a4ee2b3e8f890f92e88a8
.blogqpot.com/ Name: _gid
Value: GA1.2.485942565.1685533673
.blogqpot.com/ Name: _gat
Value: 1
blogqpot.com/ Name: prefetchAd_1185183
Value: true
.blogqpot.com/ Name: sc_is_visitor_unique
Value: rx11106452.1685533673.822577BA39774FF490EB67ED1952FA29.1.1.1.1.1.1.1.1.1
.blogqpot.com/ Name: _ga_XG3M1RYT42
Value: GS1.1.1685533672.1.0.1685533672.0.0.0
.blogqpot.com/ Name: _ga
Value: GA1.1.1236758068.1685533673
.statcounter.com/ Name: is_unique
Value: sc11106452.1685533672.0
.statcounter.com/ Name: is_visitor_unique
Value: 1685533672275613862

5 Console Messages

Source Level URL
Text
javascript warning URL: http://blogqpot.com/(Line 311)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://blogqpot.com/(Line 311)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S604737671%3A1685533672826720&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneHXugUgVkW1kyQgmHKe4mqmnb6DAMp3cDtEfSTXMD3w0CBCtAqxldKmWKU3JVrJXVkxYjgGYQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S419960301%3A1685533672835516&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFLqORgPfztrkhSyYplWqIBPiMel69FggQsWIjD3lO-WKM526RS1jd4pr6GRR5kIiw6s-iJkA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: http://null/MTF1VjceDhYlCmsBBQBgZ2cnME1VXhcHZkJ/Dz5dZ0gGLlV1fFMiXlUMQ28ABAhNcEdYVUhkBhdCATdDREJIYgQXWBswWAwXA2sGHwFbZRkBFwEmVlYMRHBoDABDbgIEAkZgAAYJRWc
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adthereissome.info
blogqpot.com
c.statcounter.com
cobalten.com
code.jquery.com
d2ghscazvn398x.cloudfront.net
go.oclaserver.com
googglet.com
maxcdn.bootstrapcdn.com
my.rtmark.net
null
pogothere.xyz
ranopportunityt.com
region1.google-analytics.com
www.dwuser.com
www.facebook.com
www.googglet.com
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
null
104.20.218.77
13.224.194.133
139.45.195.8
139.45.197.236
188.114.96.3
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
216.158.229.70
2606:4700:3032::ac43:c6b5
2606:4700:3034::6815:3209
2606:4700::6812:bcf
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200d
2a03:2880:f177:83:face:b00c:0:25de
52.222.236.3
04fb607d71bd2d670cb60d3b91ee53885340cd6581eed67e72056bd875bdcfa3
091e7bd4f3c82be874c19098d00e278d4b43e4f60d866b1fe802002003fe7395
1a4208a6ed7f0866df21c15943e708bf729a21555999394d563d307171972012
2281bdb06de69bc1a82a9eac11880be16f31df53c35d5506f413712c7da833a3
29ba4b3d465cc0c1b1f7ea418006776dc57bbbf0da5df975749e65399009a931
2af6cb5865c4910485c6b9a21adec0f6ce502847dde490c6042b6eed0245bf81
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
4282cd1cd6aeda3960f5a6dcfcf1b7e2e973c213291ff4c56f214bbf8da9bc71
473bd7e311ce56491d5babd8f60bb6800c89bb662af6b35837ad1d22d007c051
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4fd6e3b0ebf6f90a062b6ae7215ff9d3165ae74082f4c2c37e8934abb9d77dc4
6d057014ad14f9d6ed7a6f13651e1c69f1607c72853ff4697a3b644fa2705e75
7c49ce11ee6388326d00be692e152185cf0e87add77190c543144878fed78d44
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87a3d5752555ab983a013e0f5fc2de9609ab9a827963942cdc10f7ab8b326952
8c29e36a25bdbc4c5a946c6d3f55e17ba954499cc53bbbaf686fb4794f1f47ac
91db94d2d3f0fefb1ed7f967eac612ce1b3490477b1c95d3a0510edd53b24fb3
9c2ca5a4612390392804aa277dff0a1343ce69f82f930a71a7aa1244c33984d3
9eb9993a5fe5aff724a591032dea5feacbf29f35020f675d1ceda6857b0479cc
a474de24498d100dd1c50a43ad84e33661f57ebd62b67ea1729832a261ab07a3
b4e4125e895980c68684b37e4f5ca8b79eb69131d0f99f0d26af48809f7ea9fd
c2b0967706a16fe52d6db96de7e05ddbd0cfa72dcdaf3f164089def25d27e0d1
c812ccce01800fe53197848a668831597f6867dadc9376ab2bb48838706906a3
e098299739463998895c7f2bf91fd9c73faa9cd5524b100d11fa3c9f5e79684e
e1d94731bd0ff2965f0ec51f2e8c4f84c93ac4b241eb1c499ee17c06548c7875
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ee585c0f9e7d75812c9a6a72489c7c9bdc682c1c86806a2c0147a48a7822d7bf
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fbd20cc8d121d6d0cd3d435fde61e650b9a4a06b49d658999d54fbdce32c3aaf