tudodewinxx.blogspot.com Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tudodewinxx.blogspot.com/
Effective URL:
https://tudodewinxx.blogspot.com/
Submission: On September 15 via manual (September 15th 2022, 7:01:01 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 19 domains to perform 47 HTTP transactions. The main IP is 2a00:1450:4001:809::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is tudodewinxx.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on August 22nd 2022. Valid for: 3 months.

This is the only time tudodewinxx.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eafe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	192.99.8.34 192.99.8.34	16276 (OVH) (OVH)
1	142.0.204.220 142.0.204.220	7979 (SERVERS-COM) (SERVERS-COM)
10	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b48:8300::3 2a02:b48:8300::3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	35.157.30.157 35.157.30.157	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e6:... 2606:4700:e6::ac40:c902	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
47	19

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tudodewinxx.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

hamzah79.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eafe (United States)

ASN13335 (CLOUDFLARENET, US)

addresseepaper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

noticebroughtcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.34 (Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.204.220 (United States)

ASN7979 (SERVERS-COM, US)

clenchedyouthmatching.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

swellknife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b48:8300::3 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.barscreative1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.30.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-30-157.eu-central-1.compute.amazonaws.com

simplewebanalysis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:c902 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sb4you1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	swellknife.com swellknife.com	9 KB
5	sb4you1.com cdn.sb4you1.com — Cisco Umbrella Rank: 25033	46 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 98	148 KB
5	blogspot.com 1 redirects tudodewinxx.blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 12111	86 KB
4	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 67	67 KB
2	gstatic.com fonts.gstatic.com	88 KB
2	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 20879	850 B
2	noticebroughtcloud.com noticebroughtcloud.com	469 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17784 s4.histats.com — Cisco Umbrella Rank: 15390	5 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 8716	157 KB
2	github.io hamzah79.github.io	27 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	simplewebanalysis.com simplewebanalysis.com — Cisco Umbrella Rank: 15084	294 B
1	barscreative1.com cdn.barscreative1.com — Cisco Umbrella Rank: 26989	809 B
1	clenchedyouthmatching.com clenchedyouthmatching.com — Cisco Umbrella Rank: 280107	159 B
1	addresseepaper.com addresseepaper.com — Cisco Umbrella Rank: 19530	23 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	574 B
0	salutationcheerlessdemote.com Failed salutationcheerlessdemote.com Failed
0	venetrigni.com Failed venetrigni.com Failed
47	19

	Domain	Requested by
8	swellknife.com	hamzah79.github.io tudodewinxx.blogspot.com
5	cdn.sb4you1.com	hamzah79.github.io
5	apis.google.com	tudodewinxx.blogspot.com apis.google.com www.blogger.com
4	lh3.googleusercontent.com
4	tudodewinxx.blogspot.com	1 redirects tudodewinxx.blogspot.com
2	fonts.gstatic.com	fonts.googleapis.com
2	unseenreport.com
2	noticebroughtcloud.com	hamzah79.github.io
2	www.blogger.com	tudodewinxx.blogspot.com apis.google.com
2	hamzah79.github.io	tudodewinxx.blogspot.com
1	fonts.googleapis.com	hamzah79.github.io
1	simplewebanalysis.com	addresseepaper.com
1	cdn.barscreative1.com	hamzah79.github.io
1	clenchedyouthmatching.com	hamzah79.github.io
1	s4.histats.com	s10.histats.com
1	s10.histats.com	tudodewinxx.blogspot.com
1	addresseepaper.com	hamzah79.github.io
1	pagead2.googlesyndication.com	tudodewinxx.blogspot.com
1	4.bp.blogspot.com	tudodewinxx.blogspot.com
0	salutationcheerlessdemote.com Failed	hamzah79.github.io
0	venetrigni.com Failed	hamzah79.github.io
47	21

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
noticebroughtcloud.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.blogger.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.addresseepaper.com E1	`2022-08-23` - `2022-11-21`	3 months	crt.sh
histats.com R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
noticebroughtcloud.com R3	`2022-09-02` - `2022-12-01`	3 months	crt.sh
clenchedyouthmatching.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
swellknife.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
cdn.barscreative1.com R3	`2022-09-09` - `2022-12-08`	3 months	crt.sh
simplewebanalysis.com Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.sb4you1.com E1	`2022-08-28` - `2022-11-26`	3 months	crt.sh
unseenreport.com R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tudodewinxx.blogspot.com/
Frame ID: 9AD40CE7456F3C7BF3C75838757E489B
Requests: 39 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4027327676608952269&blogName=tudodewinxx&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://tudodewinxx.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://tudodewinxx.blogspot.com/&vt=5846758056267454099&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__
Frame ID: 11A6E6F918571A2B40AE3E8DE7EC0CA1
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Frame ID: E39CF87C62E89576161660CB82F87E5F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) New Message!

Page URL History Show full URLs

http://tudodewinxx.blogspot.com/ HTTP 301
https://tudodewinxx.blogspot.com/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

94 %
HTTPS

67 %
IPv6

19
Domains

21
Subdomains

19
IPs

6
Countries

662 kB
Transfer

1360 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: http://noticebroughtcloud.com/q1125m3v?gfgp=92&refer=https%3A%2F%2Ftudodewinxx.blogspot.com%2F&kw=%5B%22tudodewinxx%22%5D&key=fd17bf3904e0e065f8c8ef248e4b9d0a&scrWidth=1600&scrHeight=1200&tz=0&v=22.2.v.2&ship=&res=12.31&dev=r

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tudodewinxx.blogspot.com/ HTTP 301
https://tudodewinxx.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tudodewinxx.blogspot.com/
Redirect Chain

http://tudodewinxx.blogspot.com/
https://tudodewinxx.blogspot.com/

200 KB
59 KB

415ms
332ms

Document
text/html

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

886c1464adc081900777285dc67de4591e460e1e9be61958a48c16068583929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 60359
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 19:00:54 GMT
etag: W/"828cbc48cfc900a9635f6092a333eb08f32445fd5a1d1e92a3fc9d74557dfc01"
expires: Thu, 15 Sep 2022 19:00:54 GMT
last-modified: Wed, 14 Sep 2022 10:00:52 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 180
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Thu, 15 Sep 2022 19:00:54 GMT
Expires: Thu, 15 Sep 2022 19:00:54 GMT
Location: https://tudodewinxx.blogspot.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 coollogo_com-86663128.png
4.bp.blogspot.com/-8EJUgAtBUtQ/YErmMOvjXAI/AAAAAAAABUs/LntmW9ZuNbQ1pxHmf_8LYX1ZlX7WjGhtACK4BGAYYCw/w250/ 22 KB
23 KB 140ms
51ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-8EJUgAtBUtQ/YErmMOvjXAI/AAAAAAAABUs/LntmW9ZuNbQ1pxHmf_8LYX1ZlX7WjGhtACK4BGAYYCw/w250/coollogo_com-86663128.png

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2eb5fa52565bd3f4d988336a78b0ba5bacaf24ee4aabee0508f312bc81bddbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:55 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="coollogo_com-86663128.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22729
x-xss-protection: 0
server: fife
etag: "v54c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 16 Mar 2022 18:39:17 GMT

GET
DATA 200
OK truncated
/ 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28019169ef0f8ec43f159e819837d4482b9a4943c6d2a95e626e986f322958a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 130ms
45ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 15 Sep 2022 19:00:55 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "77de80bac492065f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:00:55 GMT

GET
H2 200 apotek.js Show response
hamzah79.github.io/kabehiklan/ 58 KB
18 KB 321ms
44ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hamzah79.github.io/kabehiklan/apotek.js

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

8e84403be58adf4b73aceccc922ad02cd1f534a9587b69b850e1113054cb6f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id: 5972cec8c47c83805147927f62d2f579756cd0a2
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"62da5730-e8cd"
age: 292
x-cache: HIT
content-length: 17520
x-served-by: cache-ams21051-AMS
access-control-allow-origin: *
last-modified: Fri, 22 Jul 2022 07:52:16 GMT
server: GitHub.com
x-github-request-id: 0809:9F7A:50DDE1:53CF3E:63232F77
x-timer: S1663268455.288496,VS0,VE1
date: Thu, 15 Sep 2022 19:00:55 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 15 Sep 2022 14:08:16 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 apotek2.js Show response
hamzah79.github.io/kabehiklan/ 33 KB
10 KB 325ms
48ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hamzah79.github.io/kabehiklan/apotek2.js

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

b46da9b21a04e6744e2c3a54ba8778e2598b1e135c69cfbf6c80539b9d9111a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id: 9379f5e63dcaa96b39e3eddfb45f7233588b6cae
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"62da5730-8415"
age: 292
x-cache: HIT
content-length: 9895
x-served-by: cache-ams21051-AMS
access-control-allow-origin: *
last-modified: Fri, 22 Jul 2022 07:52:16 GMT
server: GitHub.com
x-github-request-id: DB70:AC5C:6C96C8:704CC1:63236A86
x-timer: S1663268455.288462,VS0,VE1
date: Thu, 15 Sep 2022 19:00:55 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 15 Sep 2022 18:20:14 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 cookienotice.js Show response
tudodewinxx.blogspot.com/js/ 6 KB
2 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tudodewinxx.blogspot.com/js/cookienotice.js

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 17:55:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 22 Sep 2022 19:00:55 GMT

GET
H2 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
155 KB 325ms
47ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 16:23:35 GMT
x-content-type-options: nosniff
age: 9440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157917
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 15 Sep 2023 16:23:35 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 146 KB
50 KB 166ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51176
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 06:47:15 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 52 KB
16 KB 157ms
47ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf07c075da69c03b60f61f26c51893f539b263c10147c58668f3481eeda9827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16714
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 00:18:18 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
574 B 147ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 11:12:09 GMT

GET
H2 200 sfp.js Show response
addresseepaper.com/ 79 KB
23 KB 509ms
399ms Script
application/javascript 2606:4700:3038::6815:eafe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://addresseepaper.com/sfp.js

Requested by

Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eafe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 62ca442ce4593c296375acf7bce45ea2
last-modified: Thu, 15 Sep 2022 19:00:55 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubdomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FryFtrYPMxPKSkKzzXpbxwWj%2FHvpIEtldHj3SVUxMsBXi9BJgR5ysnHs5zEAwwkGdH8xelbApVkPbUAbwPSgi%2BWsQDOX66HeEYne9jdYX59d9NYNUK6WCepKB80bhQWtMoatWZvPqXdMRhcxhPSPY2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 74b39ba6aeb5dc7b-LHR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET stats
venetrigni.com/ 0
0

GET sfp.js
salutationcheerlessdemote.com/ 0
0

GET stats
venetrigni.com/ 0
0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 267ms
40ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:51:12 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 906658072

POST
H/1.1 200
OK pure Show response
noticebroughtcloud.com/pixel/ 0
469 B 136ms
136ms XHR
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://noticebroughtcloud.com/pixel/pure
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tudodewinxx.blogspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 15 Sep 2022 19:00:56 GMT
Server: nginx/1.17.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H/1.1 204
No Content pure
noticebroughtcloud.com/pixel/ Frame 0
0 827ms
126ms Preflight
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://noticebroughtcloud.com/pixel/pure
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tudodewinxx.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 15 Sep 2022 19:00:56 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx/1.17.6

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 11A6 7 KB
3 KB 222ms
144ms Document
text/html 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=4027327676608952269&blogName=tudodewinxx&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://tudodewinxx.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://tudodewinxx.blogspot.com/&vt=5846758056267454099&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13ba5fb7245ba4e948118fe71238d060f5ba563b18a1c720ee38929224e24543

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tudodewinxx.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2581
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 19:00:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 476ms
124ms Script
text/html 192.99.8.34
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4525827&@f16&@g1&@h1&@i1&@j1663268455615&@k0&@l1&@mtudodewinxx&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-186360057&@b3:1663268456&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftudodewinxx.blogspot.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns501383.ip-192-99-8.net
Software: /
Resource Hash: 5639d7913493c7c2f33f5a20d69b703c52fa1165ba7d213f410c91c65fe94ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:56 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK advertisers.js Show response
clenchedyouthmatching.com/ 0
159 B 982ms
149ms Script
application/javascript 142.0.204.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://clenchedyouthmatching.com/advertisers.js
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.0.204.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:56 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Length: 0
Content-Type: application/javascript

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 11A6 52 KB
20 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=4027327676608952269&blogName=tudodewinxx&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://tudodewinxx.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://tudodewinxx.blogspot.com/&vt=5846758056267454099&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.s6oManI66bc.O%2Fd%3D1%2Frs%3DAHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

028afb4a5d6a68c0d13eaf91ec9e9e5d103b8be40aedac868798d472d375aa96

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 15 Sep 2022 19:00:55 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "31f52d39e8c831aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Sep 2022 19:00:55 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ Frame 11A6 128 KB
42 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 00:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42575
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 00:18:08 GMT

GET
H/1.1 200
OK sbar.json Show response
swellknife.com/ 6 KB
5 KB 675ms
207ms XHR
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://swellknife.com/sbar.json?key=c10a345a95c864bf7005c7d03e84b682

Requested by

Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

4328ec2dda5ce13ed25d84172041e9ee1bf7b286e8585bd528252d6eea07ae34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:56 GMT
Custom-Referer: https://tudodewinxx.blogspot.com
Content-Type: text/plain; charset=utf-8
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://tudodewinxx.blogspot.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Server: nginx/1.22.0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
X-Request-ID: 067d517043ca009432f147745c44e94e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 index.html Show response
cdn.barscreative1.com/sb/notifications/software/multi/flashplayer/top-line/1/ 2 KB
809 B 387ms
44ms XHR
text/html 2a02:b48:8300::3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.barscreative1.com/sb/notifications/software/multi/flashplayer/top-line/1/index.html
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8300::3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 2dff06a854c21e84c135e5c44b3dc0f665689d692af37f14e613c9c013bfcff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:56 GMT
content-encoding: gzip
expires: Thu, 15 Sep 2022 20:00:56 GMT
last-modified: Wed, 22 Dec 2021 11:50:47 GMT
server: nginx/1.17.6
etag: W/"61c31117-701"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK ren.gif
swellknife.com/ 7 B
738 B 131ms
131ms Image
image/gif 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swellknife.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTtZ4M6iXeFBavWwgmfT0dE%2FPkEPM5pchP4zJyop4qa6qnq1MdVdT1T29uwdZDEgOghPw4LH3m2QXTQQFj4oy621FcDzoIuwf4EnBCOJFZjOw%2BKB479X3Cr7vq%2FfBRrlHPJR0t7im16RS9FTY8Nz5JZlxXVn3%2BqLb9BreaXdJZu3gtLvSDo67Z%2FNciSURX5HFqbAVNVptd%2F7K64vXrp5wlewL95JgfX3cPbdsdCpONb2w4TXCZjdsNP3QvUUTauTsHWT%2BqOM1%2FDBsRI2m52PF%2FL%2B3pQNLHfDBHnkOkk%2Beevjxn5BsjCz94ryw%2FULnJy6kpaKFNhjwrbeyfqarDOlBmRgHSbY1m4a2E0I%2BOQSdbc1UQg%2FuT1UilhPi%2FFIizjafkEc8GDW9ELECF4j5UVSDMYQaQ9IxmL4DybtgHOcvIEu3LgmT0mwVkm6D0Sk4IUdevg1ZTciRzXeQpZ%2Bf00acXKCsH%2BtMYCWpIVfGkL0x8nIbxdohyGobrHgfkv9ITs4dRZZuLgijZAbJ633pUo4hkzGUGIJaB%2BX0SAdl4qDMHaR8141pGIuIRXHg86TrRYGfBJwFTdrtBNwPApRsym%2BIIh%2BCqSGYWUdu1tGXQ5jyO9jlGpY7sMWEOG%2BuY8BrVIKgsgQVJagkQVUQVIP6AVfWt%2FUmV7aMm7Psz3KrHumit0Ef6KInMrKR75Fnp8Y4hz%2F8AX2x67KmR1tBSLsh67SDOIk8L2QR91qiE8Ttjg8ra0h7aF%2FqmpyQY88sIpcTMnf9X8R0G1Ztg0kHtHwRtBpFvge6PAo6Htayr%2FJloVh%2FtREr3bO5LhpMp%2BC6Rl7MoVh1NtQeeWH%2Fo6LH9yDYDpkFmKmRmxq35fcEPXV3dFNX5P5NXVny5Rt5IVO5Rgups1sFLYTz2RWxWmnDL5%2B3w0%2FPsikwLR8tCltcpRmXWc%2BShwuSc2EuasME%2BeayXRLxjdIuL5QmK%2FOrN85dvJzmRlgrdTYGlT%2B9fRdMTsjTv8%2Fvr%2BaxVxxIM4Ypa6TlAVOpt8Hyddh857Xn%2F%2Fr69nv%2F%2FAar52DUwUycO6jKemT8%2BOBSSQIlDnoa17Bi58yvj8cfvTv%2FN2Kx8%2B0fT7ANexc98xJocQdZWmNgagxUDaqGsOXhUZGbnTM%2Ft%2FYDsXJGsTLO%2FVgZde%2BJtVbuuiFNmkk3Dv0kajXb3aDNW14UCdHtRNwXzTYKO2GvDpb%2FAwAA%2F%2F8BAAD%2F%2F7xjdUaWBAAA

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:56 GMT
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Server: nginx/1.22.0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 7
X-Request-ID: 8d2224801c7ae2627b25cbcc5bee80d4
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
simplewebanalysis.com/ 40 B
294 B 154ms
39ms XHR
text/html 35.157.30.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://simplewebanalysis.com/stats
Requested by: Host: addresseepaper.com
URL: https://addresseepaper.com/sfp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.30.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-30-157.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: feb631ad0783f46bdd25e3af9ef3a2befda7df044c54194015b0311b9dfa86f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://tudodewinxx.blogspot.com
date: Thu, 15 Sep 2022 19:00:56 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
content-type: text/html; charset=UTF-8

GET
H2 404 ANbyha2DECXALJIJ8fmLfZ95xOl6qB7N9DysDQOS-DqTRiAQ7wsKRqTMFAlUEn8uJTt_d8TW3xihL3kwIZeHBkoTJYitpTU=w288-h162-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 143ms
57ms Image
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2DECXALJIJ8fmLfZ95xOl6qB7N9DysDQOS-DqTRiAQ7wsKRqTMFAlUEn8uJTt_d8TW3xihL3kwIZeHBkoTJYitpTU=w288-h162-p-k-no-nu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 ANbyha1lWXPLcqy-TCvgZkHMLirI7aYmS-EWjBVVxgV3edCwxsGejRezG7fGlRg2EmD4_xtI0uv-yOvRdRyu-0JRucWohQHO2jkqbeZs1S7BweiYqikHMwNKXdIwY2DtTjD9zpTPt64rYQJXONTDA3ZWZvJpJOwVJqfJD_TduMrAk7l6uhGB6jaUkpnq3KrD2IjK1...
lh3.googleusercontent.com/blogger_img_proxy/ 25 KB
25 KB 1184ms
1099ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1lWXPLcqy-TCvgZkHMLirI7aYmS-EWjBVVxgV3edCwxsGejRezG7fGlRg2EmD4_xtI0uv-yOvRdRyu-0JRucWohQHO2jkqbeZs1S7BweiYqikHMwNKXdIwY2DtTjD9zpTPt64rYQJXONTDA3ZWZvJpJOwVJqfJD_TduMrAk7l6uhGB6jaUkpnq3KrD2IjK1nKCSn4RpY4mcNPwJj-F5J6e6QW3octWLWvvew=w288-h162-p-k-no-nu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

982ad1f55d3787aec44c81a524106f1f216c9d1962fab80fc6ee3a1588cf2e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25880
x-xss-protection: 0
expires: Fri, 16 Sep 2022 19:00:57 GMT

GET
H2 200 ANbyha1asnBrEhfkmp-HPF8xwaDdELeE4qcbEjMuCCLnrRr6vL5K3wLWqImQ8J7tnem0GbL7ZnFTQH20iAEMr3w3nSUvVWiBiVVS5hPBHQQEtWNRwmodzDd1ZJdHtcIMtc7l0470=w288-h162-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 17 KB
17 KB 215ms
131ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha1asnBrEhfkmp-HPF8xwaDdELeE4qcbEjMuCCLnrRr6vL5K3wLWqImQ8J7tnem0GbL7ZnFTQH20iAEMr3w3nSUvVWiBiVVS5hPBHQQEtWNRwmodzDd1ZJdHtcIMtc7l0470=w288-h162-p-k-no-nu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d852124de9705a749bc9a78093853e44ca325bdd857f652c91d6f356e1874651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:56 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17448
x-xss-protection: 0
expires: Fri, 16 Sep 2022 19:00:56 GMT

GET
H2 200 ANbyha0TBk8NRAG3D6meFZ7ql1LEQvBp-fcXcxKda6ZrByn3TpJPmSqGQu62XSgFaAY62rPNqCX8Ipub0-Aefamuem-HPryqbXInsJhuyj3t5SaDLqZoSqwLrotPW8IlIekI3PxSyrwcXNPBDuPmUhMEB5xiffyWQEU4E5mhpKuh2TW7IC_axuj4etnej5q6IY5wJ...
lh3.googleusercontent.com/blogger_img_proxy/ 24 KB
24 KB 573ms
490ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha0TBk8NRAG3D6meFZ7ql1LEQvBp-fcXcxKda6ZrByn3TpJPmSqGQu62XSgFaAY62rPNqCX8Ipub0-Aefamuem-HPryqbXInsJhuyj3t5SaDLqZoSqwLrotPW8IlIekI3PxSyrwcXNPBDuPmUhMEB5xiffyWQEU4E5mhpKuh2TW7IC_axuj4etnej5q6IY5wJHmQJkD81SEgvg_CqYGTCuZR9jUsfAxhlue-LxFxlq9aGDB1sRo7RfvnZ8g=w288-h162-p-k-no-nu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

24ccdc313d784770bb4aade0ce5b907460743ffc1c176f45620f05fbae44e7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24944
x-xss-protection: 0
expires: Fri, 16 Sep 2022 19:00:57 GMT

GET
H2 200 style.css Show response
cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/css/ 2 KB
1010 B 418ms
320ms XHR
text/css 2606:4700:e6::ac40:c902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/css/style.css
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a3ee8c8eee217e423e95df100674106a82bdb256427de54f019885e23f7268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 11:50:47 GMT
server: cloudflare
etag: W/"61c31117-822"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb59AvG5ZWYiIymha9NnTUuzt%2Bb0%2BwpNRiBnKG5%2B2tr9JHJS6lnJUWfiflQhzWUukav%2BO7luY78HzZCVCRZIqA2toeYdwgu5O4D71sgekhcHl1nxQL3bgZ2TXdm5GL5p44maPn7UEbbU6rGfg1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 74b39bb0c87a9c0a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.css Show response
cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/css/ 77 KB
5 KB 417ms
319ms XHR
text/css 2606:4700:e6::ac40:c902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/css/animate.css
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 11:50:47 GMT
server: cloudflare
etag: W/"61c31117-13591"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA5H0t1UKOt6v6KGE60qSAE%2Fnj%2FNeXQNIk2qChMXn6iy4Kb40CEsqxW7VIPSXNZipY0t7CXKTmD03aGRNAcKeSxATotdOmfqfm%2Bu4UCry0y3375OMk9SmVyPOFSbq262VVI%2BM6nTFhfk7Dh%2FLOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 74b39bb0c87d9c0a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
swellknife.com/pixel/ 0
469 B 471ms
471ms Image
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swellknife.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Ftop-line%2F1%2Findex.html&l=1793&fd=388.0999984741211
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:57 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 summary Show response
tudodewinxx.blogspot.com/feeds/posts/ 4 KB
1 KB 218ms
218ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tudodewinxx.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=totalcountdata

Requested by

Host: tudodewinxx.blogspot.com
URL: https://tudodewinxx.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

0162a1509d1c67494f86024dd7629dc2f6742ea838f7ff57194c26faf976e8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Sep 2022 10:00:52 GMT
server: blogger-renderd
etag: W/"a7da90eb323a0a815d02aa69f62af511abc1c2bc0a3de38d2f2d6ac8d4b8c590"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1256
x-xss-protection: 0
expires: Thu, 15 Sep 2022 19:00:58 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 570ms
130ms Image
image/gif 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=7075a2e5-433b-4b31-ac32-c819aa678a9c&eb=4059bbb3f5cf963a862e338d64bca7c5&te=3393fd00403fc5dd53bb6f1edb4679e9&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=fd17bf3904e0e065f8c8ef248e4b9d0a&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=19

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:57 GMT
Server: nginx/1.22.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 433c9157aa7bb7d447101e92f065489e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 573ms
133ms Image
image/gif 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=7075a2e5-433b-4b31-ac32-c819aa678a9c&eb=4059bbb3f5cf963a862e338d64bca7c5&te=3393fd00403fc5dd53bb6f1edb4679e9&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=c10a345a95c864bf7005c7d03e84b682&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=19

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:57 GMT
Server: nginx/1.22.0
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 5bdc61d8f72af01dbf3135e24c8d2f89
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E39C 14 KB
1 KB 133ms
47ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Requested by

Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 17:17:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 15 Sep 2022 19:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Sep 2022 19:00:57 GMT

GET
H2 200 icon.png
cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/img/ Frame E39C 4 KB
5 KB 137ms
61ms Image
image/png 2606:4700:e6::ac40:c902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/img/icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36faf80518d14d1a3e4b6e8f57de96671a1c03e4913a2a7363e2c969f322b8cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3747363
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4380
last-modified: Wed, 22 Dec 2021 11:50:48 GMT
server: cloudflare
etag: "61c31118-111c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=658OgFmZxql8lbqCpHTIhv3jlnofrONqZP3is7PLhtBn9Z5wk%2FMyBxYSQ9vIdHe5TkjMrgBw7Mm8P4WW%2Bmm48cc9RQr4hCt8A2d8aRgg%2Fmc6DgNDcgNTA2%2FaaHErDIksY%2BOjUSNmx3VfiTTBrzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 74b39bb1480a9136-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/js/ Frame E39C 87 KB
32 KB 127ms
51ms Script
application/javascript 2606:4700:e6::ac40:c902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/js/jquery.min.js
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3747363
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 11:50:49 GMT
server: cloudflare
etag: W/"61c31119-15d94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Byzna%2Bwa3mHsKXxLwZ27WGCwto%2FHtX%2FIorFGenXD%2FJQTuw4Qfk6xhWGdCCSuBQEXjX9iZgUYw0CJ5YOaHZtro26v38yYzWqZbjT9%2FYkM0aGSogGPCVcxXaHiFxuOq6LdXbFmlmbg620xP1cWQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 74b39bb1480d9136-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/js/ 8 KB
4 KB 492ms
191ms XHR
application/javascript 2606:4700:e6::ac40:c902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sb4you1.com/sb/notifications/software/multi/flashplayer/top-line/1/js/script.js
Requested by: Host: hamzah79.github.io
URL: https://hamzah79.github.io/kabehiklan/apotek2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953ff42ffad1a55d6bac81081163c2e207938ca24e6975a333e937158d994e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:00:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 22 Dec 2021 12:38:30 GMT
server: cloudflare
etag: W/"61c31c46-2004"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZIXxw9QNwoHIIAl7ZOeAQ8TqOTK1SaRtvgciXPTYMDWal9N7rUXBo0Eenzw4ogGuOVxzhJcgyYi1pNL22q4AsGMnbSSJvfX6xgEex2TDP%2Bt4F0ApVrWVhJVYoxIQxLp6lV9YXwk6BI7Vpd8B04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 74b39bb39fec9c0a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
swellknife.com/pixel/ 0
469 B 206ms
205ms Image
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swellknife.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Ftop-line%2F1%2Fcss%2Fanimate.css&l=79249&fd=419.20000076293945
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:57 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
swellknife.com/pixel/ 0
469 B 343ms
294ms Image
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swellknife.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Ftop-line%2F1%2Fcss%2Fstyle.css&l=2082&fd=419.3000011444092
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:57 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
swellknife.com/pixel/ 0
469 B 155ms
155ms Image
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swellknife.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Ftop-line%2F1%2Fjs%2Fscript.js&l=7360&fd=493.3999996185303
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:57 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
swellknife.com/ 7 B
738 B 135ms
134ms Image
image/gif 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swellknife.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTtZ4M6iXeFBavWwgmfTMdM8PcojZ%2FDLkhzFZWREv9atnK1Pd1VR1T%2B%2FuQRYDkoPgBDx47P0m2UUTQcGjosx6WxEcD7oI%2Bwd4UjCCeJHZDCw%2BKN579b2C7%2FvqfbBR7JEABd3Nr5k1pTU9FdUCf35JpcKUzr%2B%2B6NeDWnDaX1JpKzztr7TC4%2F7ZLNNySbIrKj8VNdu1Zsufv%2FL64rWrJ3yt%2BtK%2FJHnfHPfPLVuTyFP1IKoFtajejWr1RuTfojG1avYOKnvUCWqNKKq1a%2FWggRX7%2F94VHhz1IAZ75DkoMXnq4cd%2FQvEx0uSL89L1c5OduJAUmubGYiC23kr7qSlTJAdlbD3E6dZsGsZNCPnkEEy6NVMJM7g%2FVQmmJsT7pQBLN5%2BQBxuM6kEEpiEkmDiKcjCG1GMoOgY3d6BEF1zg%2FAWkydYlaROarkLRbXA6BSfkyMu3ocoJObL5DtLk83PGypMLlPeZSSVW4gpqZQzVGyMrtpGvHYIqt8Hz96HEj%2BTk3FGkyeaCtFqlUKLal67UGCoeQ8shqPNQTI%2FyUMQeisxDInZ9RiMm27zNwoaIu0E7bMSh4GGddjuhaIQhCj7lN0SeDcH1ENyuI7Pr6KshbPEd3HIFJzy4fEK8N9cxEBVKSVA6gpISlIqgzAnKQfVAaNdw1abQrmD1WW7McrMamby3QR%2BYvCdTspHtkWenxniHP%2FwBfbnr83pAm2FEuxHvtEIWt4Mg4m0RNGUnZK1OA05VUO7QvtQ1NSHHnllEpiZk7vq%2FYHQbTm%2BDKw%2B0eBG0HLUbAejyKOwEWEu%2Fypal5v3VGtOm5zKT17hJIEyFLJ9Dvupt6D3ywv5HtR%2Ffg%2BQ7ZBbgtkJmK9xW3xP09N3RTVOS%2BzdN6ciXb2S5StQazZVJb%2BU0l95nV%2BRqaay4fN4NPz3Lp8C0fLQoXX6VpkKlPUceLighpL1oLJfkm8tuSbIbhVteKGxaZFdvnLt4OcmsdE6ZdAyqfnr7LriakKd%2Fn99fzWOveFB2DFtUSIoDpspsg2frcNnOa8%2F%2F9fXt9%2F75Dc7MweqDGZZ5KItqZBvs4FIrAi0PesoqOLlz5tfH44%2Fenf8bTO58%2B8cTbMPdRc%2B%2BBJrfQZpUGNgKA12B6iFccXiUZ3bnzM%2FN%2FQDT3ohp691n2up7T6x1atfvBHFLdDtxM5KNIGw1myGPmyxohlHYjTo8Qu4m%2FNXB8n8AAAD%2F%2FwEAAP%2F%2FFYNqfZYEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:58 GMT
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Server: nginx/1.22.0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 7
X-Request-ID: 53dddf68137e03a203c423775c97a59e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbs
swellknife.com/pixel/ 0
469 B 128ms
128ms Image
text/plain 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swellknife.com/pixel/sbs?c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tudodewinxx.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 19:00:58 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame E39C 44 KB
44 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tudodewinxx.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 259824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame E39C 44 KB
44 KB 184ms
101ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tudodewinxx.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 259824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: venetrigni.com
URL: https://venetrigni.com/stats

Domain: salutationcheerlessdemote.com
URL: https://salutationcheerlessdemote.com/sfp.js

Domain: venetrigni.com
URL: https://venetrigni.com/stats

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstCfa4525827 Value: 1663268455615
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstCla4525827 Value: 1663268455615
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstCmu4525827 Value: 1663268455615
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstPn4525827 Value: 1
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstPt4525827 Value: 1
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstCnv4525827 Value: 1
tudodewinxx.blogspot.com/	1970-01-20 14:46:44	Name: HstCns4525827 Value: 1
tudodewinxx.blogspot.com/	1970-01-20 06:01:15	Name: ppu_main_fd17bf3904e0e065f8c8ef248e4b9d0a Value: 1
tudodewinxx.blogspot.com/	1970-01-20 06:01:15	Name: sb_main_c10a345a95c864bf7005c7d03e84b682 Value: 1
tudodewinxx.blogspot.com/	1970-01-20 06:01:15	Name: sb_count_c10a345a95c864bf7005c7d03e84b682 Value: 1
swellknife.com/	1970-01-20 06:02:34	Name: u_pl Value: 17009868
swellknife.com/	1970-01-20 06:02:34	Name: pdhtkv Value: true
swellknife.com/	1970-01-20 06:02:34	Name: uncs Value: 1
swellknife.com/	1970-01-20 06:02:34	Name: pdhtkv29 Value: true
swellknife.com/	1970-01-20 06:02:34	Name: uncs29 Value: 1
swellknife.com/	1970-01-20 06:01:08	Name: slecc10a345a95c864bf7005c7d03e84b682 Value: [3667345]
tudodewinxx.blogspot.com/	1970-01-20 06:01:08	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: swellknife.com
simplewebanalysis.com/	1970-01-20 15:37:08	Name: uid_id2 Value: 7075a2e5-433b-4b31-ac32-c819aa678a9c:1:1
tudodewinxx.blogspot.com/	1970-01-20 06:11:13	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 7075a2e5-433b-4b31-ac32-c819aa678a9c%3A1%3A1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://venetrigni.com/stats Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://venetrigni.com/stats Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://salutationcheerlessdemote.com/sfp.js Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ANbyha2DECXALJIJ8fmLfZ95xOl6qB7N9DysDQOS-DqTRiAQ7wsKRqTMFAlUEn8uJTt_d8TW3xihL3kwIZeHBkoTJYitpTU=w288-h162-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
addresseepaper.com
apis.google.com
cdn.barscreative1.com
cdn.sb4you1.com
clenchedyouthmatching.com
fonts.googleapis.com
fonts.gstatic.com
hamzah79.github.io
lh3.googleusercontent.com
noticebroughtcloud.com
pagead2.googlesyndication.com
s10.histats.com
s4.histats.com
salutationcheerlessdemote.com
simplewebanalysis.com
swellknife.com
tudodewinxx.blogspot.com
unseenreport.com
venetrigni.com
www.blogger.com
salutationcheerlessdemote.com
venetrigni.com
142.0.204.220
192.243.59.12
192.243.61.225
192.99.8.34
2606:4700:3038::6815:eafe
2606:4700:e6::ac40:c902
2606:50c0:8002::153
2a00:1450:4001:800::2001
2a00:1450:4001:803::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::200e
2a00:1450:4001:830::2009
2a00:1450:400e:801::200a
2a02:b48:8300::3
35.157.30.157
46.105.201.240
0162a1509d1c67494f86024dd7629dc2f6742ea838f7ff57194c26faf976e8d7
028afb4a5d6a68c0d13eaf91ec9e9e5d103b8be40aedac868798d472d375aa96
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
13ba5fb7245ba4e948118fe71238d060f5ba563b18a1c720ee38929224e24543
15a3ee8c8eee217e423e95df100674106a82bdb256427de54f019885e23f7268
24ccdc313d784770bb4aade0ce5b907460743ffc1c176f45620f05fbae44e7a3
28019169ef0f8ec43f159e819837d4482b9a4943c6d2a95e626e986f322958a0
2d94a090aaa1d4e8ff711a478d0c1bc1a91f0d196503683ead7308f88c048b1e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dff06a854c21e84c135e5c44b3dc0f665689d692af37f14e613c9c013bfcff7
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
36faf80518d14d1a3e4b6e8f57de96671a1c03e4913a2a7363e2c969f322b8cf
4328ec2dda5ce13ed25d84172041e9ee1bf7b286e8585bd528252d6eea07ae34
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
5639d7913493c7c2f33f5a20d69b703c52fa1165ba7d213f410c91c65fe94ac0
807de58ce538b776affdf91fc91c0cd04f8abb59f0fb46b2774979efd3df1fad
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
886c1464adc081900777285dc67de4591e460e1e9be61958a48c16068583929c
88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b
8e84403be58adf4b73aceccc922ad02cd1f534a9587b69b850e1113054cb6f56
953ff42ffad1a55d6bac81081163c2e207938ca24e6975a333e937158d994e5d
982ad1f55d3787aec44c81a524106f1f216c9d1962fab80fc6ee3a1588cf2e00
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
a877d18de61f68a6bf3f8240fa730e23e2d80ffbc4b5e1293e5697dc6a585d96
b2eb5fa52565bd3f4d988336a78b0ba5bacaf24ee4aabee0508f312bc81bddbc
b46da9b21a04e6744e2c3a54ba8778e2598b1e135c69cfbf6c80539b9d9111a8
caf07c075da69c03b60f61f26c51893f539b263c10147c58668f3481eeda9827
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d852124de9705a749bc9a78093853e44ca325bdd857f652c91d6f356e1874651
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
feb631ad0783f46bdd25e3af9ef3a2befda7df044c54194015b0311b9dfa86f5

tudodewinxx.blogspot.com Open in urlscan Pro 2a00:1450:4001:809::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

94 %HTTPS

67 %IPv6

19 Domains

21 Subdomains

19 IPs

6 Countries

662 kBTransfer

1360 kBSize

19 Cookies

2 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tudodewinxx.blogspot.com Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

94 %
HTTPS

67 %
IPv6

19
Domains

21
Subdomains

19
IPs

6
Countries

662 kB
Transfer

1360 kB
Size

19
Cookies

47 HTTP transactions
1 data transactions