urlscan.io logo urlscan.io
SecurityTrails logo

naughtychicksfordate.com Open in urlscan Pro
2606:4700:30::681c:1edb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://presepaceq1979.blogspot.com.au/
Effective URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Submission: On May 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 28 HTTP transactions. The main IP is 2606:4700:30::681c:1edb, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is naughtychicksfordate.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 26th 2018. Valid for: a year.
This is the only time naughtychicksfordate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:30:... 13335 (CLOUDFLAR...)
2 209.197.3.15 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 205.185.208.52 20446 (HIGHWINDS3)
28 10
7    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
presepaceq1979.blogspot.com.au
presepaceq1979.blogspot.com
themes.googleusercontent.com
lh3.googleusercontent.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
6    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:81b::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
resources.blogblog.com
www.blogger.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
7    2606:4700:30::681c:1edb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
naughtychicksfordate.com
2    209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
Domain Requested by
7 naughtychicksfordate.com naughtychicksfordate.com
6 fonts.gstatic.com presepaceq1979.blogspot.com
naughtychicksfordate.com
4 presepaceq1979.blogspot.com presepaceq1979.blogspot.com
2 maxcdn.bootstrapcdn.com naughtychicksfordate.com
1 code.jquery.com naughtychicksfordate.com
1 cdnjs.cloudflare.com naughtychicksfordate.com
1 fonts.googleapis.com naughtychicksfordate.com
1 lh3.googleusercontent.com presepaceq1979.blogspot.com
1 www.blogger.com presepaceq1979.blogspot.com
1 www.google.com presepaceq1979.blogspot.com
1 resources.blogblog.com presepaceq1979.blogspot.com
1 themes.googleusercontent.com presepaceq1979.blogspot.com
1 www.gstatic.com presepaceq1979.blogspot.com
1 presepaceq1979.blogspot.com.au 1 redirects
28 14

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
*.googleusercontent.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.blogger.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2018-12-26 -
2019-12-26		 a year crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-03 -
2019-10-12		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-02 -
2019-09-08		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Frame ID: AF86E8AF453433B2F96555F6D58AD118
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://presepaceq1979.blogspot.com.au/ HTTP 302
    https://presepaceq1979.blogspot.com/ Page URL
  2. https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.blogspot\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

28
Requests

100 %
HTTPS

80 %
IPv6

12
Domains

14
Subdomains

10
IPs

2
Countries

1008 kB
Transfer

1531 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://presepaceq1979.blogspot.com.au/ HTTP 302
    https://presepaceq1979.blogspot.com/ Page URL
  2. https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://presepaceq1979.blogspot.com.au/ HTTP 302
  • https://presepaceq1979.blogspot.com/

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
presepaceq1979.blogspot.com/
Redirect Chain
  • https://presepaceq1979.blogspot.com.au/
  • https://presepaceq1979.blogspot.com/
70 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
8ec57a25d74f35f832e2816fab87f081688fbe693e645034b6817718be4490b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
presepaceq1979.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
expires
Fri, 17 May 2019 12:50:44 GMT
date
Fri, 17 May 2019 12:50:44 GMT
cache-control
private, max-age=0
last-modified
Wed, 01 May 2019 01:00:41 GMT
etag
W/"355606284530c91df1f4d34d79137d73c60097e8ba0a4364df5dfd97c45e6f7b"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
15616
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
location
https://presepaceq1979.blogspot.com/
content-type
text/html; charset=UTF-8
content-encoding
gzip
date
Fri, 17 May 2019 12:50:43 GMT
expires
Fri, 17 May 2019 12:50:43 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-length
183
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 May 2017 18:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4096
x-xss-protection
0
expires
Fri, 17 May 2019 12:50:44 GMT
sprite_v1_6.css.svg
presepaceq1979.blogspot.com/responsive/ 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://presepaceq1979.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 11:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 07:18:11 GMT
server
sffe
age
90960
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2244
x-xss-protection
0
expires
Thu, 23 May 2019 11:34:44 GMT
image
themes.googleusercontent.com/ 		223 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
228521
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 May 2019 12:50:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://presepaceq1979.blogspot.com/
Origin
https://presepaceq1979.blogspot.com

Response headers

date
Mon, 25 Mar 2019 20:20:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:01 GMT
server
sffe
age
4552220
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15736
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v19/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://presepaceq1979.blogspot.com/
Origin
https://presepaceq1979.blogspot.com

Response headers

date
Mon, 25 Mar 2019 20:20:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:46 GMT
server
sffe
age
4552227
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15816
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:20:17 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v19/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://presepaceq1979.blogspot.com/
Origin
https://presepaceq1979.blogspot.com

Response headers

date
Mon, 25 Mar 2019 20:27:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:01 GMT
server
sffe
age
4551783
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9900
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:27:41 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v19/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b12b566a4b982d1d9ebdd2f94dbffc73ff39c9f6df112b8752191418538d01e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://presepaceq1979.blogspot.com/
Origin
https://presepaceq1979.blogspot.com

Response headers

date
Mon, 25 Mar 2019 20:24:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:06 GMT
server
sffe
age
4551973
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9760
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:24:31 GMT
3632239517-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/3632239517-indie_compiled.js
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4bee243d19afc2aea7f6e238d4d6eb173f137e76884784e60fbe3c8e802bf8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 14 May 2019 00:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 May 2019 17:30:49 GMT
server
sffe
age
302086
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
45748
x-xss-protection
0
expires
Tue, 21 May 2019 00:55:58 GMT
cookienotice.js
presepaceq1979.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://presepaceq1979.blogspot.com/js/cookienotice.js
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 11:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 07:18:11 GMT
server
sffe
age
90960
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2026
x-xss-protection
0
expires
Thu, 23 May 2019 11:34:44 GMT
4PUpJpDdHqrNInFpJRafrYplQ7Yc_Rr5C2RXnbsOa_8.js
www.google.com/js/bg/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/4PUpJpDdHqrNInFpJRafrYplQ7Yc_Rr5C2RXnbsOa_8.js
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f5292690dd1eaacd22716925169fad8a6543b61cfd1af90b64579dbb0e6bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 16:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2019 14:30:00 GMT
server
sffe
age
851152
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
5157
x-xss-protection
0
expires
Wed, 06 May 2020 16:24:52 GMT
csi.js
presepaceq1979.blogspot.com/b/ 		27 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://presepaceq1979.blogspot.com/b/csi.js?h=4PUpJpDdHqrNInFpJRafrYplQ7Yc_Rr5C2RXnbsOa_8
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
date
Fri, 17 May 2019 12:50:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
12415
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
2905083093-widgets.js
www.blogger.com/static/v1/widgets/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2905083093-widgets.js
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e71b63863dfbd4b79fd95ae95d5a88f8ae781055def150b764c5d6c252e66c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 00:30:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 20:22:11 GMT
server
sffe
age
1254008
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
53421
x-xss-protection
0
expires
Sat, 02 May 2020 00:30:36 GMT
zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35
lh3.googleusercontent.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35
Requested by
Host: presepaceq1979.blogspot.com
URL: https://presepaceq1979.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
0963eb43c3d252b47c972245961dc22cd6d8e288551c68be356147e977c6b84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://presepaceq1979.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:10:37 GMT
x-content-type-options
nosniff
age
2407
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1766
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 May 2019 08:10:37 GMT
Primary Request keysrbgjtgzsx
naughtychicksfordate.com/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac55b023d141ddbe7a54e4e264ac5bc81185d3cfa0742a06be3578b12a4e62df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
naughtychicksfordate.com
:scheme
https
:path
/keysrbgjtgzsx?t=16419
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://presepaceq1979.blogspot.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://presepaceq1979.blogspot.com/

Response headers

status
200
date
Fri, 17 May 2019 12:50:45 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd82a0f1a7e0c3dcd9fa576ec4463d0411558097445; expires=Sat, 16-May-20 12:50:45 GMT; path=/; domain=.naughtychicksfordate.com; HttpOnly uord=2ca8eeb5c62850359008b8d3ef4c05dc; path=/; expires=Sun, 16 May 2021 12:50:45 GMT; max-age=63072000; HttpOnly k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTEwMDQxbQAAAApLSkxqbmVBYlhSbQAAAANoaWRtAAAAHHZHVXZVeHZaaUVkR3RXRWl4a1hPeHJiV2FCRVZtAAAAAmhsZAADbmlsbQAAAAJyZHQAAAAEZAAKX19zdHJ1Y3RfX2QAGEVsaXhpci5UZGV4LlJvdGF0aW9uRGF0YWQADmNsaWNrZWRfb2ZmZXJzdAAAAABkAAhsYW5kaW5nc2wAAAABYgAAAydqZAALc2Vlbl9vZmZlcnNsAAAAAWIAADeeam0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8yZAADbmlsbQAAAAd0cmFja2VybQAAAAUxNjQxOW0AAAADdW5xbQAAAAxCUWhqSlpXbmFZRng.VJ5Y3tWBCxh3Dx4zlrIs5o2v5pvyq-K1FlVm86VvX10; path=/; expires=Sat, 16 May 2020 12:50:45 GMT; max-age=31536000
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d85b8085a07c2ae-FRA
content-encoding
br
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Origin
https://naughtychicksfordate.com

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
css
fonts.googleapis.com/ 		8 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ffd8d673e1f05f1430fb765bc563cfeb3de6063174c16910c6b41a78689ff9ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 May 2019 12:50:45 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 17 May 2019 12:50:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 17 May 2019 12:50:45 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:15:38 GMT
server
cloudflare
etag
W/"5afd483a-ce35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 06 May 2020 12:50:45 GMT
cache-control
public, max-age=30672000
cf-ray
4d85b8095b71d6f9-FRA
served-in-seconds
0.007
index.png
naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/index.png
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff389557f8c9b66cc2e3c58ee971dbdfed1801361df71e8c009a07dc29a118f9

Request headers

Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
cf-cache-status
HIT
status
200
content-length
10493
last-modified
Mon, 13 May 2019 14:41:43 GMT
server
cloudflare
etag
"5cd98227-28fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d85b8095ceac2ae-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 17 May 2019 16:50:45 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Origin
https://naughtychicksfordate.com

Response headers

Date
Fri, 17 May 2019 12:50:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1558097445.dop084.lo4.shc,1558097445.dop084.lo4.t,1558097445.cds097.lo4.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29811
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Origin
https://naughtychicksfordate.com

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
p.js
naughtychicksfordate.com/ 		385 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://naughtychicksfordate.com/p.js?a=135517&cr=12949&lid=65&mh=dkdVdlV4dlppRWRHdFdFaXhrWE94cmJXYUJFVi04NzU5
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50df63803e22e04dd25de26ba1069d9d6ce9ef8ddbacdcb988b8b05a8f01f957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-download-options
noopen
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=14400
cf-ray
4d85b8096cfec2ae-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
expires
Fri, 17 May 2019 16:50:45 GMT
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v13/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic
Origin
https://naughtychicksfordate.com

Response headers

date
Mon, 25 Mar 2019 20:23:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:34 GMT
server
sffe
age
4552047
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13228
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:23:18 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: naughtychicksfordate.com
URL: https://naughtychicksfordate.com/keysrbgjtgzsx?t=16419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic
Origin
https://naughtychicksfordate.com

Response headers

date
Mon, 25 Mar 2019 20:19:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
4552248
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:57 GMT
slide2.jpg
naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/slide2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74fb8249ba87d2edce7b9d291646dd5b5da12a7a1e5b628017053abb202a19e4

Request headers

Referer
https://naughtychicksfordate.com/DE/b82a2de8ec813322bb7eabf35a5c32e8/?a=135517&cr=12949&lid=65&mh=dkdVdlV4dlppRWRHdFdFaXhrWE94cmJXYUJFVi04NzU5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:45 GMT
cf-cache-status
REVALIDATED
status
200
content-length
127617
last-modified
Mon, 13 May 2019 14:41:42 GMT
server
cloudflare
etag
"5cd98226-1f281"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d85b80a7fc7c2ae-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 17 May 2019 16:50:45 GMT
slide6.jpg
naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/slide6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6ee00684c54134c5a30de2615d059da272ea6c30b71de1f222b8cfa833a451

Request headers

Referer
https://naughtychicksfordate.com/DE/b82a2de8ec813322bb7eabf35a5c32e8/?a=135517&cr=12949&lid=65&mh=dkdVdlV4dlppRWRHdFdFaXhrWE94cmJXYUJFVi04NzU5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:48 GMT
cf-cache-status
HIT
status
200
content-length
99256
last-modified
Mon, 13 May 2019 14:41:43 GMT
server
cloudflare
etag
"5cd98227-183b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d85b81b1ac3c2ae-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 17 May 2019 16:50:48 GMT
slide5.jpg
naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/slide5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
655ce86eeac86fd458c2972665f7d443b999a34c543a49b41c90591561cd5d04

Request headers

Referer
https://naughtychicksfordate.com/DE/b82a2de8ec813322bb7eabf35a5c32e8/?a=135517&cr=12949&lid=65&mh=dkdVdlV4dlppRWRHdFdFaXhrWE94cmJXYUJFVi04NzU5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:50 GMT
cf-cache-status
REVALIDATED
status
200
content-length
114505
last-modified
Mon, 13 May 2019 14:41:43 GMT
server
cloudflare
etag
"5cd98227-1bf49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d85b82b6effc2ae-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 17 May 2019 16:50:50 GMT
slide3.jpg
naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naughtychicksfordate.com/assets/a2dd7cca8ddb558f2dc5961b596d46e8/images/slide3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:1edb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e9e93704443300052f91baa5006f43a1be8042bbe325339577394a6c8b9961

Request headers

Referer
https://naughtychicksfordate.com/DE/b82a2de8ec813322bb7eabf35a5c32e8/?a=135517&cr=12949&lid=65&mh=dkdVdlV4dlppRWRHdFdFaXhrWE94cmJXYUJFVi04NzU5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 12:50:53 GMT
cf-cache-status
REVALIDATED
status
200
content-length
155692
last-modified
Mon, 13 May 2019 14:41:42 GMT
server
cloudflare
etag
"5cd98226-2602c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d85b83bfda4c2ae-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 17 May 2019 16:50:53 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| clear_delay function| run_loading_run_1 function| run_loading_1 function| run_loading_run_2 function| run_loading_2 function| run_loading_run_3 function| run_loading_3 function| run_loading_run_4 function| run_loading_4 number| interval string| u

3 Cookies

Domain/Path Name / Value
naughtychicksfordate.com/ Name: k
Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTEwMDQxbQAAAApLSkxqbmVBYlhSbQAAAANoaWRtAAAAHHZHVXZVeHZaaUVkR3RXRWl4a1hPeHJiV2FCRVZtAAAAAmhsZAADbmlsbQAAAAJyZHQAAAAEZAAKX19zdHJ1Y3RfX2QAGEVsaXhpci5UZGV4LlJvdGF0aW9uRGF0YWQADmNsaWNrZWRfb2ZmZXJzdAAAAABkAAhsYW5kaW5nc2wAAAABYgAAAydqZAALc2Vlbl9vZmZlcnNsAAAAAWIAADeeam0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8yZAADbmlsbQAAAAd0cmFja2VybQAAAAUxNjQxOW0AAAADdW5xbQAAAAxCUWhqSlpXbmFZRng.VJ5Y3tWBCxh3Dx4zlrIs5o2v5pvyq-K1FlVm86VvX10
naughtychicksfordate.com/ Name: uord
Value: 2ca8eeb5c62850359008b8d3ef4c05dc
.naughtychicksfordate.com/ Name: __cfduid
Value: dd82a0f1a7e0c3dcd9fa576ec4463d0411558097445

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
naughtychicksfordate.com
presepaceq1979.blogspot.com
presepaceq1979.blogspot.com.au
resources.blogblog.com
themes.googleusercontent.com
www.blogger.com
www.google.com
www.gstatic.com
205.185.208.52
209.197.3.15
2606:4700:30::681c:1edb
2606:4700::6813:c697
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:815::200a
2a00:1450:4001:819::2001
2a00:1450:4001:81b::2009
2a00:1450:4001:820::2003
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0963eb43c3d252b47c972245961dc22cd6d8e288551c68be356147e977c6b84f
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
4bee243d19afc2aea7f6e238d4d6eb173f137e76884784e60fbe3c8e802bf8e4
50df63803e22e04dd25de26ba1069d9d6ce9ef8ddbacdcb988b8b05a8f01f957
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
655ce86eeac86fd458c2972665f7d443b999a34c543a49b41c90591561cd5d04
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
74fb8249ba87d2edce7b9d291646dd5b5da12a7a1e5b628017053abb202a19e4
8ec57a25d74f35f832e2816fab87f081688fbe693e645034b6817718be4490b2
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
ac55b023d141ddbe7a54e4e264ac5bc81185d3cfa0742a06be3578b12a4e62df
b12b566a4b982d1d9ebdd2f94dbffc73ff39c9f6df112b8752191418538d01e6
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b6e9e93704443300052f91baa5006f43a1be8042bbe325339577394a6c8b9961
cf6ee00684c54134c5a30de2615d059da272ea6c30b71de1f222b8cfa833a451
e0f5292690dd1eaacd22716925169fad8a6543b61cfd1af90b64579dbb0e6bff
e71b63863dfbd4b79fd95ae95d5a88f8ae781055def150b764c5d6c252e66c7b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff389557f8c9b66cc2e3c58ee971dbdfed1801361df71e8c009a07dc29a118f9
ffd8d673e1f05f1430fb765bc563cfeb3de6063174c16910c6b41a78689ff9ee