gleanerheights.blogspot.com Open in urlscan Pro
2a00:1450:4001:828::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gleanerheights.blogspot.com/
Submission: On January 10 via api (January 10th 2024, 6:46:25 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 112 HTTP transactions. The main IP is 2a00:1450:4001:828::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is gleanerheights.blogspot.com.

This is the only time gleanerheights.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	95.101.54.139 95.101.54.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	184.30.20.74 184.30.20.74	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	95.101.54.217 95.101.54.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
19	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	54.196.26.165 54.196.26.165	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.57.20.29 23.57.20.29	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:20a... 2600:9000:20ab:4c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:1f13:800... 2600:1f13:800:7782:857d:d048:5cf8:98f7	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
112	25

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gleanerheights.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.54.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-139.deploy.static.akamaitechnologies.com

cdn.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.74 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-74.deploy.static.akamaitechnologies.com

store.steampowered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.101.54.217 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com

store.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.196.26.165 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-26-165.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.20.29 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-20-29.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ab:4c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:857d:d048:5cf8:98f7 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 894 csm.eu.criteo.net — Cisco Umbrella Rank: 7743	208 KB
17	blogspot.com gleanerheights.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 12021 2.bp.blogspot.com — Cisco Umbrella Rank: 16626 4.bp.blogspot.com — Cisco Umbrella Rank: 16814 3.bp.blogspot.com — Cisco Umbrella Rank: 14251	3 MB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	240 KB
14	steamstatic.com cdn.akamai.steamstatic.com — Cisco Umbrella Rank: 9314 store.akamai.steamstatic.com — Cisco Umbrella Rank: 12685	649 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190 static.adsafeprotected.com — Cisco Umbrella Rank: 988 dt.adsafeprotected.com — Cisco Umbrella Rank: 933	106 KB
9	blogger.com www.blogger.com — Cisco Umbrella Rank: 10715	560 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 255 www.google.com — Cisco Umbrella Rank: 6	150 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	20 KB
4	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 21709 www.blogblog.com — Cisco Umbrella Rank: 53052	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	30 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7692 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10138 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14817	16 KB
2	steampowered.com 1 redirects store.steampowered.com — Cisco Umbrella Rank: 4214	4 KB
2	googleusercontent.com 1 redirects blogger.googleusercontent.com — Cisco Umbrella Rank: 10066	4 KB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 6429	1 KB
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1579	343 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
112	16

	Domain	Requested by
19	static.criteo.net	ads.eu.criteo.com static.criteo.net
11	store.akamai.steamstatic.com	store.steampowered.com store.akamai.steamstatic.com
10	pagead2.googlesyndication.com	gleanerheights.blogspot.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
9	www.blogger.com	gleanerheights.blogspot.com www.blogger.com apis.google.com
7	dt.adsafeprotected.com	ads.eu.criteo.com
6	2.bp.blogspot.com	gleanerheights.blogspot.com
6	1.bp.blogspot.com	gleanerheights.blogspot.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	apis.google.com	gleanerheights.blogspot.com apis.google.com www.blogger.com
3	cdnjs.cloudflare.com	static.criteo.net
3	static.adsafeprotected.com	pixel.adsafeprotected.com ads.eu.criteo.com
3	cdn.akamai.steamstatic.com	gleanerheights.blogspot.com store.steampowered.com
3	resources.blogblog.com	gleanerheights.blogspot.com www.blogger.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pixel.adsafeprotected.com	1 redirects ads.eu.criteo.com
2	store.steampowered.com	1 redirects gleanerheights.blogspot.com
2	blogger.googleusercontent.com	1 redirects gleanerheights.blogspot.com
2	i.imgur.com	gleanerheights.blogspot.com
2	4.bp.blogspot.com	gleanerheights.blogspot.com
2	gleanerheights.blogspot.com	gleanerheights.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	servedby.flashtalking.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.blogblog.com	gleanerheights.blogspot.com
1	3.bp.blogspot.com	gleanerheights.blogspot.com
112	29

This site contains links to these domains. Also see Links.

Domain
2.bp.blogspot.com
www.blogger.com
4.bp.blogspot.com
1.bp.blogspot.com
gleanerheights.blogspot.gr
cdn.akamai.steamstatic.com
indiegamepicks.wordpress.com
3.bp.blogspot.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
store.steampowered.com DigiCert SHA2 Extended Validation Server CA	`2023-12-05` - `2024-12-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.akamai.steamstatic.com R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://gleanerheights.blogspot.com/
Frame ID: 13DF1E8C979BFC6C51FAA31BFEC4B1F3
Requests: 42 HTTP requests in this frame

Frame: https://store.steampowered.com/widget/457600/
Frame ID: 575A4F0A6D3BDF2B713B2F895C2AB58C
Requests: 13 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=9003567345528333768&blogName=Gleaner+Heights&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://gleanerheights.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://gleanerheights.blogspot.com/&vt=-1013131122009011098&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__
Frame ID: C061663B687BA4371A071E6F9B6AF116
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html
Frame ID: 7CC00EEFB7CE87AACA6E228A7411FBEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&h=600&slotname=8444344501&adk=2687467163&adf=612511006&pi=t.ma~as.8444344501&w=190&fwrn=4&fwrnh=100&lmt=1691751138&rafmt=1&format=190x600&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1704912380936&bpp=3&bdt=715&idt=187&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3811062847720&frm=20&pv=2&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1082&ady=678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&cms=1&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: FF136265A7F6AE31EBD8AFF17AF96BC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&adk=1812271804&adf=3025194257&lmt=1691751138&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.6&asamct=0.6&dt=1704912380952&bpp=1&bdt=732&idt=182&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=190x600&nras=1&correlator=3811062847720&pv_h_ch=L0001&frm=20&pv=1&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=189
Frame ID: 55D8DD70E9077BBA4B88C0EF59EE25EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Frame ID: DC6C2CBD376E797C9D9FBAD2EE549EFB
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Frame ID: 0BF671466DE34BCF1F8C0DC6D780BD7D
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html
Frame ID: 5294B19F06788CFDC8088B5E4D17C5FF
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8EC861748D85A85C7517CEF39F92D634
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDE72A196DA690E50BAAD5BEEBB81C86
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02BEBA689D461D45701EB3A259578D05
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gleaner Heights

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

90 %
HTTPS

71 %
IPv6

16
Domains

29
Subdomains

25
IPs

3
Countries

5215 kB
Transfer

6968 kB
Size

3
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: https://2.bp.blogspot.com/-RrTvD8_Y_08/WmdThFSiqMI/AAAAAAAAAYA/E5RtZNkvSJAFlyK3JFw0ripRySzEK4CqQCLcBGAs/s1600/Kt0TFAJ.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/06314241759044348333
Title: vdweller

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=3104427488494889958&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=3104427488494889958&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=3104427488494889958&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=3104427488494889958&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=3104427488494889958&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=3104427488494889958&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-d-9JRBGPcy4/WgXt-ktO0iI/AAAAAAAAAXo/yRt7wnovZrUqgA1dPbh9KBymeYJ47ah6QCLcBGAs/s1600/boat.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-4eqqbiLvuHM/WgXtm7P8cEI/AAAAAAAAAXk/fVMiyZ_CE80hkDHddcYn_opt68vq-rMBQCLcBGAs/s1600/underwater.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=5075039667345341943&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5075039667345341943&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5075039667345341943&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5075039667345341943&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5075039667345341943&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5075039667345341943&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://gleanerheights.blogspot.gr/2016/11/sprite-multi-recoloring-shaders-and.html
Title: simple color switch

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-TuS9BmZsg2E/WeSJv9k-C9I/AAAAAAAAAW0/DvUZMwqiAOM-HsSM99VNm_MXKUAaS5q5ACLcBGAs/s1600/strip_roll.png

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-s7TevwQkNn8/WeSSvA18e0I/AAAAAAAAAXU/aNMLwF1RCZYiIPOOhy3Cwm8BiXrFFD7vACLcBGAs/s1600/s5.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-VJBmAH_IjzQ/WeSSupRx7vI/AAAAAAAAAXQ/chJ-VTrrX58vf-eaLH4qIP0TMLtwz_g9wCLcBGAs/s1600/s4.png

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-DvkhSTXpjaU/WeSSuJgUkvI/AAAAAAAAAXI/pPfd0tQgPAMcUXdvD3M9qsyRD3s5aT-cQCLcBGAs/s1600/s3.png

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-MkAdbW8v9uA/WeSSt_CdqXI/AAAAAAAAAXE/VwLO-4FdS-YAg7uoiH4LAlQh_Lmq-l6mACLcBGAs/s1600/s2.png

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-bMxa3pNbsVU/WeSSuKYk1GI/AAAAAAAAAXM/xcuZKq29Gysy5oYd96TACE9Jmrta0gdCwCLcBGAs/s1600/s1.png

Search URL Search Domain Scan URL

URL: http://cdn.akamai.steamstatic.com/steam/apps/668850/ss_970ff9ad159e9638f6c7bff884c3d9a7fb289c15.600x338.jpg

Search URL Search Domain Scan URL

URL: http://cdn.akamai.steamstatic.com/steam/apps/707800/ss_fdfab43486f05d46bfb5ad9c09c07c5d27ea8073.600x338.jpg

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=1917568492910619533&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=1917568492910619533&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=1917568492910619533&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=1917568492910619533&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=1917568492910619533&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=1917568492910619533&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-sP0-rDyNsUw/WawTTxXWmoI/AAAAAAAAAWE/w1UQ5Y_4LFce3o1Cdv7xIRW6PQSeRdpqQCLcBGAs/s1600/chicken.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=7963715159503792296&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=7963715159503792296&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=7963715159503792296&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=7963715159503792296&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=7963715159503792296&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=7963715159503792296&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://indiegamepicks.wordpress.com/2017/07/18/gleaner-heights-interview/
Title: here's an interview from Indie Game Picks

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=4591425708980241421&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=4591425708980241421&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=4591425708980241421&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=4591425708980241421&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=4591425708980241421&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=4591425708980241421&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-5989sYVbeeU/WUY8NyY-6gI/AAAAAAAAAVY/7ID1P1vLZMIE-inpdrZ3E8bRtHJEJKWZwCLcBGAs/s1600/narshe%2Bmines.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-P5O-UkDce5g/WUV_yOW9pRI/AAAAAAAAAVI/GD1XWx0_hywzmgVSBLMJV8d15yE2Kn8TACLcBGAs/s1600/crysta.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=5877012814326105906&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5877012814326105906&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5877012814326105906&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5877012814326105906&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5877012814326105906&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=5877012814326105906&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://3.bp.blogspot.com/-HX7QBLcn50I/WQwogRAxouI/AAAAAAAAAT0/79AISXhtl04ioxBr18AUvu21YfRMtqCegCLcB/s1600/screen1.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=9003567345528333768&postID=8448882479861681277&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=8448882479861681277&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=8448882479861681277&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=8448882479861681277&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=8448882479861681277&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=9003567345528333768&postID=8448882479861681277&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gleanerheights/

Search URL Search Domain Scan URL

URL: https://twitter.com/Gleaner_Heights/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/profile.png HTTP 301
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/profile.png

Request Chain 29

http://store.steampowered.com/widget/457600/ HTTP 302
https://store.steampowered.com/widget/457600/

Request Chain 89

https://pixel.adsafeprotected.com/rfw/st/1278201/71854792/skeleton.js?adsafe_url=http%3A%2F%2Fgleanerheights.blogspot.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA%26u%3D%257ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%253D%257C%26c1%3DjWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%2526client%253Dca-pub-9171029009349482%2526adurl%253D&adsafe_type=d&adsafe_jsinfo=,id:a1027dc5-8d05-1477-fd5c-8bf69d2a3041,c:Vrp0J,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5f89878557-dh5js,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:sky1,mtim:87,mot:0,app:0,maw:0,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:107,oid:8c78e294-afe8-11ee-95e9-aa6d684f7782,v:19.8.471,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

112 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gleanerheights.blogspot.com/ 85 KB
17 KB 322ms
277ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2856c201455e5e44d7c6162dc45debd3d9e76408eff5ccb069ff2880ba179308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 17427
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Jan 2024 18:46:20 GMT
ETag: W/"05eb931ada4f4ef459a8a508473743d6849080199013f3513f8dac2d6dd5a060"
Expires: Wed, 10 Jan 2024 18:46:20 GMT
Last-Modified: Fri, 11 Aug 2023 10:52:18 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 132ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 07 Jan 2025 14:18:13 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 152ms
28ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 18:46:20 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "744e1fa93653e48f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 18:46:20 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 113ms
113ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9003567345528333768&zx=62e13dc8-27a6-4a47-8f72-ddbe084c3af1

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 10 Jan 2024 18:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Jan 2024 18:46:20 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK back.png
1.bp.blogspot.com/-PpWN9MPqeoo/WASwyVHJHwI/AAAAAAAAAKc/CTSccKpOwukxJ7TJRIHzAgzQ63dtlNVewCK4B/s0/ 159 KB
159 KB 609ms
576ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-PpWN9MPqeoo/WASwyVHJHwI/AAAAAAAAAKc/CTSccKpOwukxJ7TJRIHzAgzQ63dtlNVewCK4B/s0/back.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7b7a6093c108a67db62e51e2ee17dfad0888220f47cfc7f3845c6a9835349880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:20 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "va9"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="back.png"
Timing-Allow-Origin: *
Content-Length: 162632
X-XSS-Protection: 0
Expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H/1.1 200
OK header.png
1.bp.blogspot.com/-KFslcdMMh2o/WAS6DI9eMuI/AAAAAAAAAKw/YsUoc-BUG6c6TYrvW0GDaWO1G44kLl4MgCK4B/s1600/ 25 KB
25 KB 430ms
398ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-KFslcdMMh2o/WAS6DI9eMuI/AAAAAAAAAKw/YsUoc-BUG6c6TYrvW0GDaWO1G44kLl4MgCK4B/s1600/header.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a705dde67414439918b881fba457b42e292b4a95d7779ba6aecbb565fb7d9097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:20 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb1"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="header.png"
Timing-Allow-Origin: *
Content-Length: 25126
X-XSS-Protection: 0
Expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 Kt0TFAJ.png
2.bp.blogspot.com/-RrTvD8_Y_08/WmdThFSiqMI/AAAAAAAAAYA/E5RtZNkvSJAFlyK3JFw0ripRySzEK4CqQCLcBGAs/s640/ 200 KB
201 KB 504ms
477ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-RrTvD8_Y_08/WmdThFSiqMI/AAAAAAAAAYA/E5RtZNkvSJAFlyK3JFw0ripRySzEK4CqQCLcBGAs/s640/Kt0TFAJ.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ae17e106b4eabbac72b12ad02732bf19ec871983c3ead7ff9e956c07961c63f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v184"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kt0TFAJ.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205108
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
277 B 24ms
9ms Image
image/gif 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 177906
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 15 Jan 2024 17:21:14 GMT

GET
H2 200 boat.png
4.bp.blogspot.com/-d-9JRBGPcy4/WgXt-ktO0iI/AAAAAAAAAXo/yRt7wnovZrUqgA1dPbh9KBymeYJ47ah6QCLcBGAs/s640/ 401 KB
402 KB 497ms
470ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-d-9JRBGPcy4/WgXt-ktO0iI/AAAAAAAAAXo/yRt7wnovZrUqgA1dPbh9KBymeYJ47ah6QCLcBGAs/s640/boat.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b49531ac2fcc973750ab78465204dc586850dba6063c19ee1a73bf96ec557783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v17b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="boat.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 410969
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 underwater.png
1.bp.blogspot.com/-4eqqbiLvuHM/WgXtm7P8cEI/AAAAAAAAAXk/fVMiyZ_CE80hkDHddcYn_opt68vq-rMBQCLcBGAs/s640/ 214 KB
214 KB 619ms
597ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4eqqbiLvuHM/WgXtm7P8cEI/AAAAAAAAAXk/fVMiyZ_CE80hkDHddcYn_opt68vq-rMBQCLcBGAs/s640/underwater.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

68bd7b1446a46abccd09e9f0195357beadc2a4eeab9c420af71ad2665b19469b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v17b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="underwater.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218760
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 strip_roll.png
2.bp.blogspot.com/-TuS9BmZsg2E/WeSJv9k-C9I/AAAAAAAAAW0/DvUZMwqiAOM-HsSM99VNm_MXKUAaS5q5ACLcBGAs/s640/ 17 KB
17 KB 502ms
476ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-TuS9BmZsg2E/WeSJv9k-C9I/AAAAAAAAAW0/DvUZMwqiAOM-HsSM99VNm_MXKUAaS5q5ACLcBGAs/s640/strip_roll.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3af1d554275cf577ae8ad54153bdffbfb475ced9d994e7866cbcbd1cb3e52d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v16f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="strip_roll.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17517
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 s5.png
4.bp.blogspot.com/-s7TevwQkNn8/WeSSvA18e0I/AAAAAAAAAXU/aNMLwF1RCZYiIPOOhy3Cwm8BiXrFFD7vACLcBGAs/s640/ 355 KB
355 KB 460ms
434ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-s7TevwQkNn8/WeSSvA18e0I/AAAAAAAAAXU/aNMLwF1RCZYiIPOOhy3Cwm8BiXrFFD7vACLcBGAs/s640/s5.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c797114b172c5c485cb93528971496e0d00ffeec1a6825b6bb82d267e3156d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v176"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="s5.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 363233
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 s4.png
1.bp.blogspot.com/-VJBmAH_IjzQ/WeSSupRx7vI/AAAAAAAAAXQ/chJ-VTrrX58vf-eaLH4qIP0TMLtwz_g9wCLcBGAs/s640/ 343 KB
343 KB 639ms
617ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-VJBmAH_IjzQ/WeSSupRx7vI/AAAAAAAAAXQ/chJ-VTrrX58vf-eaLH4qIP0TMLtwz_g9wCLcBGAs/s640/s4.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

821724b079c9b5cc96b2e57dd19e59c28d591c430f7a42cbc8169e7f74cceac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v176"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="s4.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350741
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 s3.png
2.bp.blogspot.com/-DvkhSTXpjaU/WeSSuJgUkvI/AAAAAAAAAXI/pPfd0tQgPAMcUXdvD3M9qsyRD3s5aT-cQCLcBGAs/s640/ 219 KB
219 KB 613ms
588ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-DvkhSTXpjaU/WeSSuJgUkvI/AAAAAAAAAXI/pPfd0tQgPAMcUXdvD3M9qsyRD3s5aT-cQCLcBGAs/s640/s3.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7345fbbe274fe7b80d8acd7ef0b6e521113c80ccd757ef373ff62c9e608345a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v176"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="s3.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 224006
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 s2.png
2.bp.blogspot.com/-MkAdbW8v9uA/WeSSt_CdqXI/AAAAAAAAAXE/VwLO-4FdS-YAg7uoiH4LAlQh_Lmq-l6mACLcBGAs/s640/ 101 KB
102 KB 401ms
400ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-MkAdbW8v9uA/WeSSt_CdqXI/AAAAAAAAAXE/VwLO-4FdS-YAg7uoiH4LAlQh_Lmq-l6mACLcBGAs/s640/s2.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17e7ad263c17f9fe54d8f4f85ef7a875465618003b8e57f9e7fd1bbef8c39973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v176"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="s2.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103923
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H2 200 s1.png
2.bp.blogspot.com/-bMxa3pNbsVU/WeSSuKYk1GI/AAAAAAAAAXM/xcuZKq29Gysy5oYd96TACE9Jmrta0gdCwCLcBGAs/s640/ 330 KB
330 KB 472ms
471ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-bMxa3pNbsVU/WeSSuKYk1GI/AAAAAAAAAXM/xcuZKq29Gysy5oYd96TACE9Jmrta0gdCwCLcBGAs/s640/s1.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b25bf90cae233590154c33f5efa8c17c4fb9763908d6a8f54ec7b20cdfb6fbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v176"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="s1.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337589
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:20 GMT

GET
H/1.1 200
OK ss_970ff9ad159e9638f6c7bff884c3d9a7fb289c15.600x338.jpg
cdn.akamai.steamstatic.com/steam/apps/668850/ 131 KB
131 KB 656ms
631ms Image
image/jpeg 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.akamai.steamstatic.com/steam/apps/668850/ss_970ff9ad159e9638f6c7bff884c3d9a7fb289c15.600x338.jpg
Requested by: Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/
Protocol: HTTP/1.1
Server: 95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e21e2dd6b4a531745c478aabe367ce8b100a0035fa2a9b58a7a2f56e90de3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sat, 19 Aug 2017 05:38:18 GMT
Server: nginx
ETag: "5997ceca-20a39"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=498283
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133689
Expires: Tue, 16 Jan 2024 13:11:04 GMT

GET
H/1.1 200
OK ss_fdfab43486f05d46bfb5ad9c09c07c5d27ea8073.600x338.jpg
cdn.akamai.steamstatic.com/steam/apps/707800/ 150 KB
150 KB 942ms
773ms Image
image/jpeg 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.akamai.steamstatic.com/steam/apps/707800/ss_fdfab43486f05d46bfb5ad9c09c07c5d27ea8073.600x338.jpg
Requested by: Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/
Protocol: HTTP/1.1
Server: 95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f5630c5418950823903ee3fbd0e92c6ba6d20e047ef89d97c6c3b51bd6a9e6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 17 Sep 2017 03:56:08 GMT
Server: nginx
ETag: "59bdf258-256fc"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604797
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153340
Expires: Wed, 17 Jan 2024 18:46:18 GMT

GET
H2 200 chicken.png
2.bp.blogspot.com/-sP0-rDyNsUw/WawTTxXWmoI/AAAAAAAAAWE/w1UQ5Y_4LFce3o1Cdv7xIRW6PQSeRdpqQCLcBGAs/s640/ 389 KB
390 KB 504ms
504ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-sP0-rDyNsUw/WawTTxXWmoI/AAAAAAAAAWE/w1UQ5Y_4LFce3o1Cdv7xIRW6PQSeRdpqQCLcBGAs/s640/chicken.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5f7076f60df8c0785a9c134c293a21b8bd9cde04263cffbb8f5e83bafd9422b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v169"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="chicken.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398540
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:21 GMT

GET
H2 200 narshe%2Bmines.png
1.bp.blogspot.com/-5989sYVbeeU/WUY8NyY-6gI/AAAAAAAAAVY/7ID1P1vLZMIE-inpdrZ3E8bRtHJEJKWZwCLcBGAs/s1600/ 39 KB
39 KB 381ms
381ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5989sYVbeeU/WUY8NyY-6gI/AAAAAAAAAVY/7ID1P1vLZMIE-inpdrZ3E8bRtHJEJKWZwCLcBGAs/s1600/narshe%2Bmines.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

976d9f2d8673ed0ae85422a34eb72e4ca2a17c65dfd9ce5ba7a6f9ed2507ce86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v157"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="narshe mines.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39454
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:21 GMT

GET
H2 200 crysta.png
1.bp.blogspot.com/-P5O-UkDce5g/WUV_yOW9pRI/AAAAAAAAAVI/GD1XWx0_hywzmgVSBLMJV8d15yE2Kn8TACLcBGAs/s1600/ 32 KB
32 KB 631ms
631ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-P5O-UkDce5g/WUV_yOW9pRI/AAAAAAAAAVI/GD1XWx0_hywzmgVSBLMJV8d15yE2Kn8TACLcBGAs/s1600/crysta.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b49464fb4f3728910571942e734434eb181f72dac6ca84fc4a5ada893579bcad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v153"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="crysta.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33117
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:21 GMT

GET
H2 200 screen1.png
3.bp.blogspot.com/-HX7QBLcn50I/WQwogRAxouI/AAAAAAAAAT0/79AISXhtl04ioxBr18AUvu21YfRMtqCegCLcB/s640/ 314 KB
314 KB 487ms
480ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-HX7QBLcn50I/WQwogRAxouI/AAAAAAAAAT0/79AISXhtl04ioxBr18AUvu21YfRMtqCegCLcB/s640/screen1.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4efdacc9720912de56c91a926425f6209c256790a0c5d0f93ad6d6052f9a55d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v143"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="screen1.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321512
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:21 GMT

GET
H2 200 jyf0AmJ.png
i.imgur.com/ 405 B
833 B 42ms
10ms Image
image/png 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/jyf0AmJ.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d6a90f79f134cc5eb020a3f52b46a9a1fbae0c015d85e09fafc7e379ab7adcf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2246595
x-cache: Miss from cloudfront, HIT, HIT
content-length: 405
x-served-by: cache-iad-kcgs7200071-IAD, cache-fra-eddf8230083-FRA
last-modified: Tue, 23 Jan 2018 15:49:53 GMT
server: cat factory 1.0
x-timer: S1704912380.465797,VS0,VE2
etag: "cd3e1f386c4ed3574134f668ae65271a"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UfXjRlPs-2WwTOS1QbSKnZ-EfDc8PI_LjHBjjYTGOxl_XuoTlGnx9Q==
x-cache-hits: 13, 1

GET
H2 200 6JgKijE.png
i.imgur.com/ 480 B
701 B 42ms
10ms Image
image/png 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/6JgKijE.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

03364f3ef15a617035aaef56f224be2a774f25ce8f315ce854bfcbd37100141b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 2860923
x-cache: Miss from cloudfront, HIT, HIT
content-length: 480
x-served-by: cache-iad-kjyo7100144-IAD, cache-fra-eddf8230083-FRA
last-modified: Tue, 23 Jan 2018 15:49:54 GMT
server: cat factory 1.0
x-timer: S1704912380.465757,VS0,VE2
etag: "9192c30e3f3c88ae48a21483a79d031a"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OPmN1yACjbTFGBbYPKYVdtR7WGpBOALLT7koINkeEmO0i3trqtycsQ==
x-cache-hits: 2, 1

GET
H2

200

profile.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/
Redirect Chain

http://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/profi...
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/prof...

3 KB
3 KB

977ms
937ms

Image
image/png

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/profile.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5265d282e43171fd5b8f221773ab2058e167fe33aef564cc08492eb50b3d9345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "vb8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="profile.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2965
x-xss-protection: 0
expires: Thu, 11 Jan 2024 18:46:21 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 18:46:20 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWtYGEShboMjn2s2z-CWRpg1NkGZzL5GfTEeiTLjEJygytZyXtjwhpw8xG3SW-KewcIiEzp6af6UIzIt5fyIrfXVlb6JaUcd50UxltIiFYHb-wSonzwGpjyvkWFoI2iA/s220/profile.png
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 60ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4f9a419630f920109cb9d93016161203feb67a6e1e68b5f5d068e7eb1bb9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54473
X-XSS-Protection: 0
Server: cafe
ETag: 4328426370859935925
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Expires: Wed, 10 Jan 2024 18:46:20 GMT

GET
H/1.1 200
OK cookienotice.js Show response
gleanerheights.blogspot.com/js/ 6 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://gleanerheights.blogspot.com/js/cookienotice.js

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2024 18:05:23 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Wed, 17 Jan 2024 18:46:20 GMT

GET
H2 200 577263412-widgets.js Show response
www.blogger.com/static/v1/widgets/ 161 KB
161 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/577263412-widgets.js

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fba97eb8920d6a89bf0576db418a9369a56a94b5d55e8add37d92ad5c9f6c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:02 GMT
x-content-type-options: nosniff
age: 122358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164704
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 08 Jan 2025 08:47:02 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ 180 KB
60 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653580135391fdad15c54171bfb61cf1e29b292ec872576e903f77c085b49539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61200
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:52:07 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 20ms
10ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 14:17:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 16119
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Wed, 24 Jan 2024 14:17:41 GMT

GET
H/1.1

200
OK

/ Show response
store.steampowered.com/widget/457600/ Frame 575A
Redirect Chain

http://store.steampowered.com/widget/457600/
https://store.steampowered.com/widget/457600/

4 KB
3 KB

368ms
354ms

Document
text/html

184.30.20.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://store.steampowered.com/widget/457600/

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-74.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4e12a8866a76b17aa0723ddb6ffb6bae200141086d221131c4a609225d81c741

Security Headers

Name

Value

Content-Security-Policy

default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://store.akamai.steamstatic.com/ https://store.akamai.steamstatic.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com https://steamcommunity-a.akamaihd.net; object-src 'none'; connect-src 'self' http://store.steampowered.com https://store.steampowered.com http://127.0.0.1:27060 ws://127.0.0.1:27060 https://community.akamai.steamstatic.com/ https://steamcommunity.com/ https://steamcommunity.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://shared.akamai.steamstatic.com/ https://checkout.steampowered.com/ https://*.steamstatic.com https://*.steamcontent.com https://*.valvesoftware.com https://*.steambeta.net https://*.cqloud.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net https://api.steampowered.com https://steamvideo-a.akamaihd.net https://video.st.dl.eccdnx.com https://vd.queniujq.cn https://*.storage.googleapis.com https://sketchfab.com; frame-src 'self' steam: http://www.youtube.com https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://steamcommunity.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://steamcommunity.com/ embed.nicovideo.jp www.escapistmagazine.com player.youku.com www.bilibili.com https://medal.tv;

Strict-Transport-Security

max-age=10368000

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private,max-age=600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1358
Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://store.akamai.steamstatic.com/ https://store.akamai.steamstatic.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com https://steamcommunity-a.akamaihd.net; object-src 'none'; connect-src 'self' http://store.steampowered.com https://store.steampowered.com http://127.0.0.1:27060 ws://127.0.0.1:27060 https://community.akamai.steamstatic.com/ https://steamcommunity.com/ https://steamcommunity.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://shared.akamai.steamstatic.com/ https://checkout.steampowered.com/ https://*.steamstatic.com https://*.steamcontent.com https://*.valvesoftware.com https://*.steambeta.net https://*.cqloud.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net https://api.steampowered.com https://steamvideo-a.akamaihd.net https://video.st.dl.eccdnx.com https://vd.queniujq.cn https://*.storage.googleapis.com https://sketchfab.com; frame-src 'self' steam: http://www.youtube.com https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://steamcommunity.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://steamcommunity.com/ embed.nicovideo.jp www.escapistmagazine.com player.youku.com www.bilibili.com https://medal.tv;
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Jan 2024 18:46:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Server: nginx
Strict-Transport-Security: max-age=10368000
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 10 Jan 2024 18:46:20 GMT
Location: https://store.steampowered.com/widget/457600/
Server: nginx

GET
H2 200 gradients_light.png
www.blogblog.com/1kt/simple/ 403 B
501 B 36ms
7ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogblog.com/1kt/simple/gradients_light.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:50:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 122122
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 16 Jan 2024 08:50:58 GMT

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 17ms
16ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 121951
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 16 Jan 2024 08:53:49 GMT

GET
H/1.1 200
OK logo-16.png
www.blogger.com/img/ 279 B
865 B 15ms
9ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.blogger.com/img/logo-16.png

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 07:21:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Jan 2024 20:06:15 GMT
Server: sffe
Age: 127504
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: image/png
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 279
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Tue, 16 Jan 2024 07:21:16 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame C061 7 KB
3 KB 122ms
122ms Document
text/html 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=9003567345528333768&blogName=Gleaner+Heights&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://gleanerheights.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://gleanerheights.blogspot.com/&vt=-1013131122009011098&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26246d2800c87085eeaa0a0e48b7ac5a853c8542ae53d3f8197eb8301f59663a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2591
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 18:46:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 610ms
610ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=9003567345528333768&zx=62e13dc8-27a6-4a47-8f72-ddbe084c3af1

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 10 Jan 2024 18:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Jan 2024 18:46:21 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame C061 56 KB
21 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=9003567345528333768&blogName=Gleaner+Heights&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://gleanerheights.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://gleanerheights.blogspot.com/&vt=-1013131122009011098&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Vfl3xXWFLmk.O%2Fd%3D1%2Frs%3DAHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a2274a1c8d8429e60f07a4a2c4775b90ea509845a09aba2c286c4116922165

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 18:46:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21942
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "1f1cfac2db865f30"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 18:46:20 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame C061 907 B
930 B 16ms
15ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 122352
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 16 Jan 2024 08:47:08 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame C061 117 B
140 B 16ms
16ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 01:04:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
age: 150116
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 16 Jan 2024 01:04:24 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ Frame C061 134 KB
45 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b1ce83c9dd97cc02e41747ca249670957b6af2bc274a5423cf2877996ed547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45668
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 21:12:15 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
137 KB 94ms
74ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9171029009349482&plah=gleanerheights.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b82a4b812d7037b21e8612bcd86e2ec2c0373dc32030382914f37c3fd6de85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139428
x-xss-protection: 0
server: cafe
etag: 10986621078842722036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 18:46:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/ Frame 7CC0 9 KB
4 KB 48ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:00:55 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 19:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK motiva_sans.css
store.akamai.steamstatic.com/public/shared/css/ Frame 575A 3 KB
1022 B 221ms
16ms Stylesheet
text/css 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=Rc2hpzg2Ex3T&l=german

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

218bedd2a2817dfde5f3a900b6204c7e378e1b747ff98ae89aedff2391e4429c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx
ETag: "Rc2hpzg2Ex3T"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=13171670
Connection: keep-alive
Content-Length: 632
Expires: Tue, 11 Jun 2024 05:34:11 GMT

GET
H/1.1 200
OK shared_global.css
store.akamai.steamstatic.com/public/shared/css/ Frame 575A 84 KB
18 KB 204ms
17ms Stylesheet
text/css 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/shared/css/shared_global.css?v=jXNd3MpbXSk-&l=german

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1900ed37b2f031f35d3aa5d765b7c71026e7a111bcbdcd1591f8d031c28be739

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10368000
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx
ETag: "jXNd3MpbXSk-"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=13574771
Connection: keep-alive
Content-Length: 18116
Expires: Sat, 15 Jun 2024 21:32:32 GMT

GET
H/1.1 200
OK buttons.css
store.akamai.steamstatic.com/public/shared/css/ Frame 575A 33 KB
4 KB 187ms
17ms Stylesheet
text/css 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/shared/css/buttons.css?v=CrrkDubPqLcq&l=german

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c54f7e964fabefc31c2df4864777db262e62c3236a293fbd075deaf1d538c2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10368000
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx
ETag: "CrrkDubPqLcq"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=13669629
Connection: keep-alive
Content-Length: 3542
Expires: Sun, 16 Jun 2024 23:53:30 GMT

GET
H/1.1 200
OK store.css
store.akamai.steamstatic.com/public/css/v6/ Frame 575A 133 KB
25 KB 129ms
10ms Stylesheet
text/css 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/css/v6/store.css?v=7phVxkd1akuD&l=german

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ff548512b3096ae8062b4ecb74691941b0689ae162f94ee086eb0ed9727e1f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10368000
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx
ETag: "7phVxkd1akuD"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=15485588
Connection: keep-alive
Content-Length: 25536
Expires: Mon, 08 Jul 2024 00:19:29 GMT

GET
H/1.1 200
OK styles_widget.css
store.akamai.steamstatic.com/public/css/ Frame 575A 5 KB
2 KB 152ms
21ms Stylesheet
text/css 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/css/styles_widget.css?v=tDgjM59TcW-V&l=german

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9351f44c70e737af62552bdb63791ddecd40e303dafb406478bfcf0dcc44bef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx
ETag: "tDgjM59TcW-V"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=13171645
Connection: keep-alive
Content-Length: 1395
Expires: Tue, 11 Jun 2024 05:33:46 GMT

GET
H/1.1 200
OK game.css
store.akamai.steamstatic.com/public/css/v6/ Frame 575A 150 KB
31 KB 168ms
16ms Stylesheet
text/css 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/css/v6/game.css?v=SwuPAv6JujfB&l=german

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

78d6c24cca7ca3f573cb11e30f24577df4b64b94ed51a0f64449cfc12da9164e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10368000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10368000
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx
ETag: "SwuPAv6JujfB"
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=13557044
Connection: keep-alive
Content-Length: 31255
Expires: Sat, 15 Jun 2024 16:37:05 GMT

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
store.akamai.steamstatic.com/public/shared/javascript/ Frame 575A 91 KB
33 KB 229ms
8ms Script
text/javascript 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://store.akamai.steamstatic.com/public/shared/javascript/jquery-1.8.3.min.js?v=.TZ2NKhB-nliU

Requested by

Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Content-Encoding: gzip
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Fri, 05 Jan 2018 22:31:56 GMT
Server: nginx
ETag: ".TZ2NKhB-nliU"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=15213767
Connection: keep-alive
Content-Length: 33382
Expires: Thu, 04 Jul 2024 20:49:08 GMT

GET
H/1.1 200
OK capsule_184x69.jpg
cdn.akamai.steamstatic.com/steam/apps/457600/ Frame 575A 10 KB
10 KB 616ms
158ms Image
image/jpeg 95.101.54.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.akamai.steamstatic.com/steam/apps/457600/capsule_184x69.jpg?t=1532956039
Requested by: Host: store.steampowered.com
URL: https://store.steampowered.com/widget/457600/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-139.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d74b03eea6fda15b0cea1b086ac167c0a8a4d8046fd88376a077d7b72092161b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.steampowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Tue, 12 Apr 2016 21:52:31 GMT
Server: nginx
ETag: "570d6e1f-266b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=573069
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9835
Expires: Wed, 17 Jan 2024 09:57:30 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF13 45 KB
16 KB 444ms
442ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&h=600&slotname=8444344501&adk=2687467163&adf=612511006&pi=t.ma~as.8444344501&w=190&fwrn=4&fwrnh=100&lmt=1691751138&rafmt=1&format=190x600&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1704912380936&bpp=3&bdt=715&idt=187&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3811062847720&frm=20&pv=2&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1082&ady=678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&cms=1&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9171029009349482&plah=gleanerheights.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80dd37ecf8e1ff70b160e91048daa46a5f7636486d27f420af6c19a5093fd10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15775
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 18:46:21 GMT
expires: Wed, 10 Jan 2024 18:46:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55D8 0
180 B 40ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&adk=1812271804&adf=3025194257&lmt=1691751138&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.6&asamct=0.6&dt=1704912380952&bpp=1&bdt=732&idt=182&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=190x600&nras=1&correlator=3811062847720&pv_h_ch=L0001&frm=20&pv=1&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=189

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 18:46:21 GMT
expires: Wed, 10 Jan 2024 18:46:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 42ms
41ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=bg&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: gleanerheights.blogspot.com
URL: http://gleanerheights.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK steam_ico.png
store.akamai.steamstatic.com/public/images/v6/ Frame 575A 2 KB
2 KB 19ms
18ms Image
image/png 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://store.akamai.steamstatic.com/public/images/v6/steam_ico.png

Requested by

Host: store.akamai.steamstatic.com
URL: https://store.akamai.steamstatic.com/public/css/styles_widget.css?v=tDgjM59TcW-V&l=german

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

44abc0a159ae3dbface6ecec68447d666168e623e1045a077574c160f256563b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.akamai.steamstatic.com/public/css/styles_widget.css?v=tDgjM59TcW-V&l=german
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Fri, 05 Jan 2018 22:32:03 GMT
Server: nginx
ETag: "5a4ffce3-820"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2080

GET
H/1.1 200
OK icon_platform_win.png
store.akamai.steamstatic.com/public/images/v6/ Frame 575A 1 KB
1 KB 36ms
17ms Image
image/png 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://store.akamai.steamstatic.com/public/images/v6/icon_platform_win.png?v=3

Requested by

Host: store.akamai.steamstatic.com
URL: https://store.akamai.steamstatic.com/public/css/v6/store.css?v=7phVxkd1akuD&l=german

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-217.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3735b1058c21031892c59d6b52d5f6acd0b3fc435f7dc0f0f8b586df29143624

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.akamai.steamstatic.com/public/css/v6/store.css?v=7phVxkd1akuD&l=german
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Fri, 05 Jan 2018 22:32:03 GMT
Server: nginx
ETag: "5a4ffce3-491"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1169

GET
H/1.1 200
OK MotivaSans-Regular.ttf
store.akamai.steamstatic.com/public/shared/fonts/ Frame 575A 120 KB
120 KB 617ms
166ms Font
application/octet-stream 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://store.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
Requested by: Host: store.akamai.steamstatic.com
URL: https://store.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=Rc2hpzg2Ex3T&l=german
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

Referer: https://store.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=Rc2hpzg2Ex3T&l=german
Origin: https://store.steampowered.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Tue, 28 Jul 2020 23:16:24 GMT
Server: nginx
ETag: "5f20b1c8-1df3c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122684

GET
H/1.1 200
OK MotivaSans-Light.ttf
store.akamai.steamstatic.com/public/shared/fonts/ Frame 575A 120 KB
120 KB 647ms
181ms Font
application/octet-stream 95.101.54.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://store.akamai.steamstatic.com/public/shared/fonts/MotivaSans-Light.ttf?v=4.015
Requested by: Host: store.akamai.steamstatic.com
URL: https://store.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=Rc2hpzg2Ex3T&l=german
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

Request headers

Referer: https://store.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=Rc2hpzg2Ex3T&l=german
Origin: https://store.steampowered.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 18:46:21 GMT
Last-Modified: Tue, 28 Jul 2020 23:16:24 GMT
Server: nginx
ETag: "5f20b1c8-1df24"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122660

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DC6C 39 KB
15 KB 50ms
17ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&h=600&slotname=8444344501&adk=2687467163&adf=612511006&pi=t.ma~as.8444344501&w=190&fwrn=4&fwrnh=100&lmt=1691751138&rafmt=1&format=190x600&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1704912380936&bpp=3&bdt=715&idt=187&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3811062847720&frm=20&pv=2&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1082&ady=678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&cms=1&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1757cf56098aea1e0dc85d700d9ea7445caf48eb888002c3001d5c63d6dedb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 18:46:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4cS0ZGk6F1OvJZrUxw4_wD6Wad5HWeRxmq9SelMW-y7YtvVoNAk5vq9kKnv4DqlW22vzPd6tn-3wJu4KqRa63F9W4FP5Uk4pa4ktPhvta0w7ijks4KiRwpt3cjO0Fhd7d87hHzYCEufBf6YbHjCeQny6OoBnnYrxmAgYmdYVDntWCFrIx25yvd2WICG2vAE936snD-wBtzcYbkz3wk6rfXhRltE4QTXLhQvHRLD2hhiyJEN1kYLw-Z1C0tQJPcSGqOKGhQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3814947
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0BF6 3 KB
1 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 23:09:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0BF6 20 KB
9 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BF6 205 KB
65 KB 67ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 18:46:21 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DC6C 2 KB
1 KB 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DC6C 2 KB
1 KB 40ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DC6C 308 B
636 B 42ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 04 Jan 2025 18:46:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DC6C 293 B
621 B 41ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 04 Jan 2025 18:46:21 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1278201/71854792/ Frame DC6C 59 KB
14 KB 310ms
97ms Script
application/javascript 54.196.26.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1278201/71854792/skeleton.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.196.26.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-26-165.compute-1.amazonaws.com
Software: /
Resource Hash: d3dbea4f605663f57a940291079e37391b79ce29d497a7da5b6d23e70508929b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame DC6C 43 B
348 B 70ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KJMLw0PS463qtM4HGf3AShdcidC7ZVnUDkvEqvvm8umJT5XFyfgninKQAjd9z3d-KUFsTW8xFXBLoM0v6J71M0TKfDZRNMLanoOmY4SpL3ZIyazDb-NslAtdu0HWEAYd35xrah71ygdNbNJDVPZm-Pj9xh2Uo4EyOnANkLjDhrLsfrvaXw25Ps3iSfkf-eUt-f5mk3n_HG-6ktbJDFOBtTB8OPj3bCdh1MYGicnZKOBhY11WZnyXq1oejaUy0K9ErH6l_naLhCupjpLUFHzrTICKYfXlKriHBGwp-nbmbCxRhr7fn8e6JKjgmS1MNU8bMyIhXZQJBaHpZmn9dhIZuwAKO7ih5CqZKsQowMQ0IdpBL-F7KfYRPLYKMMfgDb6sLyD-yoV5jpwhTEt__Gui6TolVEVpZdm5LMqaprXO4mgsEoxx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1588304
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/imp/2/227274;8046789;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMSkyscraperSZ1x1VLRTCPCMOSkiTSE18ReiseinteresseADSS1X1PDCriteoWSky160x600/ Frame DC6C 42 B
343 B 67ms
24ms Image
image/gif 23.57.20.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/imp/2/227274;8046789;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMSkyscraperSZ1x1VLRTCPCMOSkiTSE18ReiseinteresseADSS1X1PDCriteoWSky160x600/?gdpr=1&&cachebuster=1704912381

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.57.20.29 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-57-20-29.deploy.static.akamaitechnologies.com

Software

prod-xre-app17.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 18:46:21 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app17.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Wed, 10 Jan 2024 18:46:21 GMT

GET
DATA 200
OK truncated
/ Frame 0BF6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50c75f6a6228157157e3711b73785087cc20594f2d31d560a8e10bdb812e6ac7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.19.8.471.js Show response
static.adsafeprotected.com/ Frame DC6C 213 KB
66 KB 62ms
15ms Script
application/javascript 2600:9000:20ab:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.471.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1278201/71854792/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:00:17 GMT
x-amz-version-id: X9sw1Zr8bAUw7F7sDeuDh.4SKpCYb.Kd
content-encoding: gzip
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 161166
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jan 2024 20:21:44 GMT
server: AmazonS3
etag: W/"daac96423996349da2447fd453e5f6ab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: cbonbIUE_bvrJkMT5TVIv7Yk_uMu3newV90bH0n0wrOIdHTzlyaqSw==

GET
H2 200 main.html Show response
static.criteo.net/html5/germanwingsde/jan04/160x600/ Frame 5294 7 KB
2 KB 13ms
13ms Document
text/html 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bff6350020e25ae445d47e539562b28ab76ee29fd59ea727fca3a69284e31794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=31104000 public
content-encoding: gzip
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 18:46:22 GMT
etag: W/"659670d0-1c79"
expires: Sat, 04 Jan 2025 18:46:22 GMT
last-modified: Thu, 04 Jan 2024 08:48:16 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 all
csm.eu.criteo.net/ Frame DC6C 0
128 B 40ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=4cS0ZGk6F1OvJZrUxw4_wD6Wad5HWeRxmq9SelMW-y7YtvVoNAk5vq9kKnv4DqlW22vzPd6tn-3wJu4KqRa63F9W4FP5Uk4pa4ktPhvta0w7ijks4KiRwpt3cjO0Fhd7d87hHzYCEufBf6YbHjCeQny6OoBnnYrxmAgYmdYVDntWCFrIx25yvd2WICG2vAE936snD-wBtzcYbkz3wk6rfXhRltE4QTXLhQvHRLD2hhiyJEN1kYLw-Z1C0tQJPcSGqOKGhQ&sds=2&rev=90025&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 18:46:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DC6C 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DC6C 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 style.css
static.criteo.net/html5/germanwingsde/jan04/160x600/css/ Frame 5294 4 KB
1 KB 19ms
18ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee50d5094a0b330e90d608a5116f889d8e573c33767c912fcba546eb5690dd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:44 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670ec-fc4"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 5294 70 KB
25 KB 32ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2856410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25247
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-629f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUMgksCfUzJuzkt9ETEqfZ43%2BkukkzWMFvZBbwZFsh1KzuF%2B%2Fo4%2FOK9tQbVzjzITCCwcrzCJ3%2Bd7ixyvxmYVjvKvf8hq33EpxSNUd0tCAd9aIl2ew8vbXCaoO%2B89zurV764OrPwOnWeBVlNZDZHT2v3S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 843715140dad5c4a-FRA
expires: Mon, 30 Dec 2024 18:46:22 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 5294 2 KB
1 KB 33ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/EasePack.min.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5064176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1193
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftxUoBuQAXrMf62nz0VFsdrtAWjJGBGms8mv4MlZz6ZIvYBsOcarXz3QNKySPNrE5kksloWB1HT4IvXsLwX5da%2BAFNf%2FLsRQXCI6Iy3ni8v2N67D%2FT%2FQRN3QqJY8rL58gOFZMhbXfyrDMfZ9oDfRPss%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 843715140dac5c4a-FRA
expires: Mon, 30 Dec 2024 18:46:22 GMT

GET
H2 200 TextPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 5294 10 KB
4 KB 30ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/TextPlugin.min.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/main.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3594158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2961
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-b91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvh8A%2FiIHcRWT9iM3xTyuvTNtLxqU35CDLnkHY5WlTB6rgISBHvPJDh4HbrZ9FxLmbhDjRFnDDDGxp0x%2FqSLUzkBn98sCl8rdUmxz7mGVCHer%2FJnZKBNHJtAy2bX20LwWelLswRBsXLU4KST4X0%2BljXh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 843715140dab5c4a-FRA
expires: Mon, 30 Dec 2024 18:46:22 GMT

GET
H2 200 hg1.jpg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 43 KB
43 KB 20ms
18ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/hg1.jpg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

35d30e5d02388380776c79d3df9a3ff9de1dfdca8ad351a53173ec34a38671ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:47 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "659670ef-aa87"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43655
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 hg2.jpg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 104 KB
104 KB 43ms
42ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/hg2.jpg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0d58315755ae766647fec32b23d5ce5b100921b7f4d2908eff5cf89c4bd0eb66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "659670f1-19f0e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 106254
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 hg3.jpg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 26 KB
26 KB 37ms
35ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/hg3.jpg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

10f61aef77c0737775deac396d9974ebf4940dda3d4102ec003df00a8f7ccff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "659670f1-66c7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 26311
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 logo.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 7 KB
3 KB 42ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/logo.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

215c1270027360f25eb9e81c6c35166f11ff43ac0348832adf5566f873933da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670f2-1ddf"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 copyphase1.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 4 KB
2 KB 33ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/copyphase1.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

92f379053bb29b33613347baa2969e84cde27d11ba52637c04d11d6f64e9bb4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:44 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670ec-f6c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 copyphase2.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 6 KB
2 KB 32ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/copyphase2.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d91ef100d1876a07f19d3f76ebc1733c9e72b709ad66bac56af08f1e55aa0552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:46 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670ee-1663"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 copyphase3.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 9 KB
3 KB 31ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/copyphase3.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

21fdc883aaf59ad2d38b8e0b573c973d825b8ab46a017215d7282444ce6f20fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:46 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670ee-254a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 cta.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 3 KB
2 KB 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/cta.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

368e46f32f8110386256907d8c1a79d09c466f648367b5333c824eca09641bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:47 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670ef-da0"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 pb.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 7 KB
3 KB 41ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/pb.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

57d03b93eb6d214ffdd202eebf943b2f1884af9e91a951a25b91623a065a1036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670f2-1c5c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 pb2.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 3 KB
2 KB 40ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/pb2.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90fa35861340b438cf49e3604c5727cc07b0e40339697c64dca02dd466892807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:51 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670f3-ddc"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2 200 tag.svg
static.criteo.net/html5/germanwingsde/jan04/160x600/images/ Frame 5294 20 KB
8 KB 53ms
53ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/html5/germanwingsde/jan04/160x600/images/tag.svg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c8dc953524338d79da56810b655fc9442e7cab172ac9c547103c4d4d23562388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.criteo.net/html5/germanwingsde/jan04/160x600/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 08:48:51 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"659670f3-4f72"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:46:22 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame DC6C
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1278201/71854792/skeleton.js?adsafe_url=http%3A%2F%2Fgleanerheights.blogspot.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2F&adsafe_type=f&a...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

13ms
13ms

Script
application/javascript

2600:9000:20ab:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Server: 2600:9000:20ab:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 01:45:55 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 15958828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 2NaRdbkvqTqZFKIBZ5im0K4bQCJa41gNtsD9nNX3fQjb3aDsv8fcAg==

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
server: nginx
x-server-name: app27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8EC8 91 KB
23 KB 14ms
13ms Script
application/javascript 2600:9000:20ab:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 11702354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: F3uXCz4FR_h-APaJ3z9qHXNMUD0GKiYz-gq_cgIXN7ET0go4HpeKmA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
215 B 574ms
188ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrp1f,pingTime:-3,time:138,type:v,im:%7Bpci:%7Btdr:35%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:106%7D,%7Bpiv:-1,vs:n,r:,t:137%7D,%7Bpiv:0,vs:o,r:l,t:137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D,%7Bsl:n,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~1,0~0%5D,as:%5B1~160.600%5D%7D%7D,%7Bsl:o,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:107%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
215 B 754ms
370ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrp1g,pingTime:-6,time:139,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D,%7Bsl:n,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~1,0~0%5D,as:%5B1~160.600%5D%7D%7D,%7Bsl:o,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:107%7D&tpiLookup=ao:gleanerheights.blogspot.com%2Cgoogleads.g.doubleclick.net*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
216 B 566ms
186ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrp1l,pingTime:-2,time:144,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:53,bdZ:451,beA:453,beZ:454,mfA:540,cmA:542,inA:542,inZ:546,prA:546,prZ:553,si:559,poA:560,poZ:576,cmZ:576,mfZ:576,loA:591,loZ:592,ltA:596,ltZ:596,mdA:454,mdZ:531%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:106%7D,%7Bpiv:-1,vs:n,r:,t:137%7D,%7Bpiv:0,vs:o,r:l,t:137%7D,%7Bpiv:87,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:2,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D,%7Bsl:n,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~1,0~0%5D,as:%5B1~160.600%5D%7D%7D,%7Bsl:o,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~160.600%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:87,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~75%5D,as:%5B2~160.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:107,sinceFw:36,readyFired:true%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
215 B 451ms
187ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrp3d,time:260,type:e,im:%7Bimprf:%7Bttecl:635,ecd:127,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:118,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D,%7Bsl:n,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~1,0~0%5D,as:%5B1~160.600%5D%7D%7D,%7Bsl:o,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~160.600%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:87,obst:0,th:0,reas:,bkn:%7Bpiv:%5B118~75%5D,as:%5B118~160.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:107,sis:235%7D&br=c
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
215 B 285ms
189ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrp5U,pingTime:-10,time:427,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1704912382474%7C%7C241a9aacd13b1981167f5e2c5f31205c%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7C1a4bdf5ecc5ea73dda718bcae1b33fd5%7C%7C15818cebc75f86de83018a227e37f398%7C%7C4042c30d26f21be0d3930d1a8ce0c97b%7C%7C607d215cb4ef26d5203cbec9cb60fa32%7C%7Cd248d720429f7e6555a53e845d1f22b6%7C%7C1663701684%7D
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&u=%7ChzftkSzMWjA8xjyI4sDBOTKbj4ZOX3FGoNVBMx0j9fs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKUtNbmQ-Q3qLIH9FYzIPbuK-vP8SIvPltTdK1BuArUlQB-XpbYbyx2JW35JrS8p09sWv5NS1Ens7vkZXgLaXK5wxmBDMInlCGdTcYzsdjt4hTJk_mRBMZQGnUmdMzvMsj-zO5WCF27bylgpucZQlFqfOvDosetww6nmEb4nyJ17LCW_6KxzJHtmyRxJktlJh1gEo7E7fs_q2iZpmor1CYZ2kNJcnYyj8tXV7iBFsuEfeBZtQnwya3tvYCSRmA658w0jfPs3mgKlWBzJI9f0QY4caPOglvsfTyv1YUJpIdCDwT-Ew1Dy5uY9Kq5U5ugOxo548XmON1iznpG6gIZ3JACoREC83iOS7U-wy_Tg2EvXBD3s09eWKzOd0mQrFyv00f9Y_90rSyyAuwiZSGE2hbCCot3IBZSp3OeHAZnpG17dUhBpYDP6-BeTitQbcWGamtGveQPFCh-sgPGVG7LvAyxaouZXWQNpF_WCmS4o3CzNYY3JOzgjrtjXIogWxvpyvjDdyvcfPFQpFyVfHANDNEqbCxx1OW8j0tuipX7g90G1jukVOKaQzH34&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLutw_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSNAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpOXQzeHUCmeY21egX9ogQ_4whJTC_ORfSfPJLOFiQ_-ZjIEP_3z0YLcQgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_21OjI8r94o756M8vFw_M2d_ziJwg%26client%3Dca-pub-9171029009349482%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0BF6 42 B
64 B 72ms
48ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuulfV2RPcpQM2HJ4n0UMY210WnhfoZ3V-j3nqGQBcvIDD4v6KPeisv9eir4gdy8sus5PtYUmQoeL9VZjjQlyWu1BkLOYJx4zaTFP88ctyQH8x15-yb&sig=Cg0ArKJSzC02ZGoDzAeMEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&vu=1&app=0&itpl=20&adk=2687467163&rs=2&la=0&cr=0&vs=4&r=v&rst=1704912381585&rpt=131&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BF6 0
23 B 48ms
48ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_IsT_eWeZdq0DtnZ5LcPhMi94AHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTkxNzEwMjkwMDkzNDk0ODLIAQmpAqGvPffUWrI-qAMByAMCqgSKAk_QU9YDx8pCKKUyc1ozF1FBWlR6RiH3KeSCra3px0sIpeZXG9ZsC91j7qAdyusm5TV-GT4pwjOOiC6w2FMzVG1q98CbzkJ0DdXIS43qWopa192SoJhjhJAb2tbknkIFl_nIJ7Gzd6UxSGTbP6Ehsof7UFtqRuJG3yk4_MctWj_Uq2PYLUpRtYv9N1qUwSqV3rGJJR9LQux6v2zjkjCwgucuY_vmOYuSTsnDUbiv1d7YkHTjOfFXWnrA5R1xCassisxviXZT2Xc7abt048xGORfNX4X0J-GhlJgC_1WztLDnarXdpKfS7HNUmbelfYeHhVYAqlo-o5509spHy0cBEUeQ_OG1lBnFa1wdgAb-7rj86ava1pwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YBwEAEyAusCOgKAQEi9_cE6WNL16Ma904MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNzEwMjkwMDkzNDk0ODIYAA&sigh=gaKm5nCvTlE&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_kwEWepI45oNaomrCa-VPXWTzF-SA32N4Rf6Lk_f5TziQ-Knc33T2JdcT_6ppcxw0oGAUgb1CYwItMmcZgHJLcd4DoreDNYbY2LwYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&h=600&slotname=8444344501&adk=2687467163&adf=612511006&pi=t.ma~as.8444344501&w=190&fwrn=4&fwrnh=100&lmt=1691751138&rafmt=1&format=190x600&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1704912380936&bpp=3&bdt=715&idt=187&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3811062847720&frm=20&pv=2&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1082&ady=678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&cms=1&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 18:46:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 18:46:22 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 0BF6 0
126 B 119ms
34ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKKXFNyBMKAB2ASdg2ICAgAAAH0NxkQ5uATKEP3lnmUqmqrjklZHGo9dAAASAAAKCkFRVUJBUUVCQVE&wp=ZZ7l_QADmloA-SzZAA9kBKJDH9g_iWgEmFLEtA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:22 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 153309
server: Kestrel
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame DC6C 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 18:46:22 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 3268905543-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/577263412-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6501
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 20:06:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 08 Jan 2025 08:53:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
58ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240108&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35e9d9e4b0eed749b2f5cdff677d95702afb0b9a6c4aca8ba9253c876e4faed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12374
x-xss-protection: 0

GET
H3 200 730298499-lbx.js Show response
www.blogger.com/static/v1/jsbin/ 376 KB
376 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/730298499-lbx.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/577263412-widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

528b554dd1622450b3e536b476487a6955af4425b6143f48480e7c55b3f7b7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:57 GMT
x-content-type-options: nosniff
age: 122246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384524
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 20:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 08 Jan 2025 08:48:57 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 18:46:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDE7 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 14:59:04 GMT
expires: Thu, 09 Jan 2025 14:59:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 02BE 829 B
1 KB 39ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af39a3a4ab611903b658fa643a676d78301a88672b327f2cac7dba5bbf275b86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WJwWGokFT1oXFzFwsZfa-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://gleanerheights.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WJwWGokFT1oXFzFwsZfa-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 18:46:23 GMT
expires: Wed, 10 Jan 2024 18:46:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame BDE7 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 14:50:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 14:50:55 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
215 B 196ms
195ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrpht,pingTime:1,time:1144,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:106%7D,%7Bpiv:-1,vs:n,r:,t:137%7D,%7Bpiv:0,vs:o,r:l,t:137%7D,%7Bpiv:87,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D,%7Bsl:n,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~1,0~0%5D,as:%5B1~160.600%5D%7D%7D,%7Bsl:o,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~160.600%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:87,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~75%5D,as:%5B1002~160.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:756,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:107,sis:235%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:23 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DC6C 43 B
215 B 187ms
187ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278201&asId=a1027dc5-8d05-1477-fd5c-8bf69d2a3041&tv=%7Bc:Vrphu,pingTime:1,time:1145,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:106%7D,%7Bpiv:-1,vs:n,r:,t:137%7D,%7Bpiv:0,vs:o,r:l,t:137%7D,%7Bpiv:87,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1003,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~160.600%5D%7D%7D,%7Bsl:n,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~1,0~0%5D,as:%5B1~160.600%5D%7D%7D,%7Bsl:o,t:137,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~160.600%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:87,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~75%5D,as:%5B1003~160.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:756,fm:u0ZgBFd+11%7C12%7C13%7C1411*.1278201-71854792%7C14111%7C15,idMap:1411*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:107,sis:235,metricId:sky1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 18:46:23 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 02BE 0
0 44ms
44ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240108&jk=1844360786172898&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BDE7 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hFednw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:46:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240108&jk=1844360786172898&bg=!k5ClkN_NAAaumcC-jpk7ADQBe5WfOOhNExy4trUzxzXtvHadTCb_XUYZZgfMHL2f0p4GnItfI4iSONiNXE-RdYxDSqN8AgAAAEVSAAAAAmgBB5kCvZDAVXSbzoyhyVe7RGT1JFqOUGuwCyRyRHRe387bl1cstuzLjUuIA1YjAFTOukdajGGfQ4S7j7lNUTGUJrfrbul6WGqFkqom_iLHWeKrSGND790jpnpZjoyziIttIqn4IRYIPrvuSi9Dpgk-IylcF7prfkf_GtDvGP2KGkto_dIXgOPmQvSijt3L3qUa59lKJqu7hxc8N_5JxxRSrOPUR7_jv9-8KSxTkAxNwqdYFqdB3d_pRXzpHrnWKCqE7iWQdASFcubIGTNixZmOpROrinOzbFIeJaXIeRFOcQKH50zTm7KQ6r-pwwRBQQulYsqFsPeeA6dAesvhvFQgnOdnUekUCM28KCOsSv4QfNoPzIuZE7Qr-10Kf5Y5Fo6eMAUBpMhnz8w0DX0mPa_XPGYPc20TaeS1mvScTWPXIgazKXUf1ZPJPVtrF4FrFWiB2pYV9aZ3-unSNZc81o78H3D8OzSU7jcFm-MUknyiaOl7A9KpYoMkVC1g9Xlh1m_3iQAdFLyZ4eNFhvxsIweEACtwXlnd9_XfHGrzPiaX9I-RDRIXubKJJOKsIs6J6XR77cdQuB1u7p2SlPx-K7rjn4VH6XcwY_cmmDXDJMOqzWoNt9JK7LpyXcYuo9lye6V7iMjSYDJECpZ6hRaw7jolgEM1DNVLRB-LzI5AFDM4kmc4YdFbVM0RowbuQG3KdxDh0OqVny_C1YgeKeYdyZ_Mci1LuKmSqxwQ23Y26HYxroElmP1XZa_Q-oJ_hbqq04PKJosMWFtyvDxPMEa9XJPjm5xt-CAe-1zha7elpFWBO6MXmPIpy6dXjknKZj3YnQ-sOU1YNBwAjUVN_dzKTRW6x9--9wMfMRr2X3KkfBYlKbD7X2SaREvfoXYCWpatuXPsJfUYtvQ_YvLgRwlCHVUvp-ttkQq6QIjfq5mmK90fGnGy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gleanerheights.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 21:58:43	Name: NID Value: 511=K08qg7XWPmjGCx8Lk_7OGnlITsmHucnrMxLKQoDlw0zqjmHOdbV9p9QMU91rM5pHIFDiM1QPkuLckFf4PRCV4YAfLspl4AutP3DcW19zVz1jRHmleQsMWgaTdM3gru1fQw2n00cI4yQ2Ky-1ojVT7SopbnTRe-YGYPik17q-W3Y
store.steampowered.com/	1969-12-31 23:59:59	Name: sessionid Value: fcab041ee512bd58dda6c2e6
.doubleclick.net/	1970-01-21 02:56:48	Name: IDE Value: AHWqTUn2aOSDqz_B9VSOiyyH5dkmV7twnuNo1Y17dWzwFstWeEanqEWt7RqVzn9EiP8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9171029009349482&output=html&h=600&slotname=8444344501&adk=2687467163&adf=612511006&pi=t.ma~as.8444344501&w=190&fwrn=4&fwrnh=100&lmt=1691751138&rafmt=1&format=190x600&url=http%3A%2F%2Fgleanerheights.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1704912380936&bpp=3&bdt=715&idt=187&shv=r20240108&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3811062847720&frm=20&pv=2&ga_vid=222093323.1704912381&ga_sid=1704912381&ga_hid=1301861873&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1082&ady=678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080261%2C42532523%2C44785294%2C95320869%2C95320891&oid=2&pvsid=1844360786172898&tmod=1436713104&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&cms=1&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ads.eu.criteo.com
apis.google.com
blogger.googleusercontent.com
cat.nl3.eu.criteo.com
cdn.akamai.steamstatic.com
cdnjs.cloudflare.com
csm.eu.criteo.net
dt.adsafeprotected.com
gleanerheights.blogspot.com
googleads.g.doubleclick.net
i.imgur.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
resources.blogblog.com
rtb.nl3.eu.criteo.com
servedby.flashtalking.com
static.adsafeprotected.com
static.criteo.net
store.akamai.steamstatic.com
store.steampowered.com
tpc.googlesyndication.com
www.blogblog.com
www.blogger.com
www.google.com
www.googletagservices.com
146.75.116.193
178.250.1.6
184.30.20.74
23.57.20.29
2600:1f13:800:7782:857d:d048:5cf8:98f7
2600:9000:20ab:4c00:8:48e:53c0:93a1
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2009
2a00:1450:4001:829::2001
2a00:1450:4001:830::2001
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
54.196.26.165
95.101.54.139
95.101.54.217
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03364f3ef15a617035aaef56f224be2a774f25ce8f315ce854bfcbd37100141b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0d58315755ae766647fec32b23d5ce5b100921b7f4d2908eff5cf89c4bd0eb66
0e21e2dd6b4a531745c478aabe367ce8b100a0035fa2a9b58a7a2f56e90de3cc
10f61aef77c0737775deac396d9974ebf4940dda3d4102ec003df00a8f7ccff8
1757cf56098aea1e0dc85d700d9ea7445caf48eb888002c3001d5c63d6dedb9b
17e7ad263c17f9fe54d8f4f85ef7a875465618003b8e57f9e7fd1bbef8c39973
18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e
1900ed37b2f031f35d3aa5d765b7c71026e7a111bcbdcd1591f8d031c28be739
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
215c1270027360f25eb9e81c6c35166f11ff43ac0348832adf5566f873933da8
218bedd2a2817dfde5f3a900b6204c7e378e1b747ff98ae89aedff2391e4429c
21fdc883aaf59ad2d38b8e0b573c973d825b8ab46a017215d7282444ce6f20fa
26246d2800c87085eeaa0a0e48b7ac5a853c8542ae53d3f8197eb8301f59663a
2856c201455e5e44d7c6162dc45debd3d9e76408eff5ccb069ff2880ba179308
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35d30e5d02388380776c79d3df9a3ff9de1dfdca8ad351a53173ec34a38671ca
35e9d9e4b0eed749b2f5cdff677d95702afb0b9a6c4aca8ba9253c876e4faed5
368e46f32f8110386256907d8c1a79d09c466f648367b5333c824eca09641bc5
3735b1058c21031892c59d6b52d5f6acd0b3fc435f7dc0f0f8b586df29143624
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3af1d554275cf577ae8ad54153bdffbfb475ced9d994e7866cbcbd1cb3e52d62
42a2274a1c8d8429e60f07a4a2c4775b90ea509845a09aba2c286c4116922165
44abc0a159ae3dbface6ecec68447d666168e623e1045a077574c160f256563b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e12a8866a76b17aa0723ddb6ffb6bae200141086d221131c4a609225d81c741
4efdacc9720912de56c91a926425f6209c256790a0c5d0f93ad6d6052f9a55d6
50c75f6a6228157157e3711b73785087cc20594f2d31d560a8e10bdb812e6ac7
5265d282e43171fd5b8f221773ab2058e167fe33aef564cc08492eb50b3d9345
528b554dd1622450b3e536b476487a6955af4425b6143f48480e7c55b3f7b7ab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d03b93eb6d214ffdd202eebf943b2f1884af9e91a951a25b91623a065a1036
58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
5f7076f60df8c0785a9c134c293a21b8bd9cde04263cffbb8f5e83bafd9422b2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653580135391fdad15c54171bfb61cf1e29b292ec872576e903f77c085b49539
68bd7b1446a46abccd09e9f0195357beadc2a4eeab9c420af71ad2665b19469b
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc
6f4f9a419630f920109cb9d93016161203feb67a6e1e68b5f5d068e7eb1bb9df
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
7345fbbe274fe7b80d8acd7ef0b6e521113c80ccd757ef373ff62c9e608345a8
78d6c24cca7ca3f573cb11e30f24577df4b64b94ed51a0f64449cfc12da9164e
7b7a6093c108a67db62e51e2ee17dfad0888220f47cfc7f3845c6a9835349880
80dd37ecf8e1ff70b160e91048daa46a5f7636486d27f420af6c19a5093fd10e
821724b079c9b5cc96b2e57dd19e59c28d591c430f7a42cbc8169e7f74cceac4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90fa35861340b438cf49e3604c5727cc07b0e40339697c64dca02dd466892807
92f379053bb29b33613347baa2969e84cde27d11ba52637c04d11d6f64e9bb4c
9351f44c70e737af62552bdb63791ddecd40e303dafb406478bfcf0dcc44bef3
95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a
976d9f2d8673ed0ae85422a34eb72e4ca2a17c65dfd9ce5ba7a6f9ed2507ce86
9b82a4b812d7037b21e8612bcd86e2ec2c0373dc32030382914f37c3fd6de85d
9fba97eb8920d6a89bf0576db418a9369a56a94b5d55e8add37d92ad5c9f6c3e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a705dde67414439918b881fba457b42e292b4a95d7779ba6aecbb565fb7d9097
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
ae17e106b4eabbac72b12ad02732bf19ec871983c3ead7ff9e956c07961c63f6
af39a3a4ab611903b658fa643a676d78301a88672b327f2cac7dba5bbf275b86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25bf90cae233590154c33f5efa8c17c4fb9763908d6a8f54ec7b20cdfb6fbc4
b49464fb4f3728910571942e734434eb181f72dac6ca84fc4a5ada893579bcad
b49531ac2fcc973750ab78465204dc586850dba6063c19ee1a73bf96ec557783
b7b1ce83c9dd97cc02e41747ca249670957b6af2bc274a5423cf2877996ed547
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bff6350020e25ae445d47e539562b28ab76ee29fd59ea727fca3a69284e31794
c54f7e964fabefc31c2df4864777db262e62c3236a293fbd075deaf1d538c2ed
c797114b172c5c485cb93528971496e0d00ffeec1a6825b6bb82d267e3156d82
c8dc953524338d79da56810b655fc9442e7cab172ac9c547103c4d4d23562388
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d3dbea4f605663f57a940291079e37391b79ce29d497a7da5b6d23e70508929b
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6a90f79f134cc5eb020a3f52b46a9a1fbae0c015d85e09fafc7e379ab7adcf6
d74b03eea6fda15b0cea1b086ac167c0a8a4d8046fd88376a077d7b72092161b
d91ef100d1876a07f19d3f76ebc1733c9e72b709ad66bac56af08f1e55aa0552
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
ee50d5094a0b330e90d608a5116f889d8e573c33767c912fcba546eb5690dd2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5630c5418950823903ee3fbd0e92c6ba6d20e047ef89d97c6c3b51bd6a9e6e4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
ff548512b3096ae8062b4ecb74691941b0689ae162f94ee086eb0ed9727e1f55

gleanerheights.blogspot.com Open in urlscan Pro 2a00:1450:4001:828::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

90 %HTTPS

71 %IPv6

16 Domains

29 Subdomains

25 IPs

3 Countries

5215 kBTransfer

6968 kBSize

3 Cookies

63 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gleanerheights.blogspot.com Open in urlscan Pro
2a00:1450:4001:828::2001 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

90 %
HTTPS

71 %
IPv6

16
Domains

29
Subdomains

25
IPs

3
Countries

5215 kB
Transfer

6968 kB
Size

3
Cookies

112 HTTP transactions
1 data transactions