URL: http://blogqpot.com/
Submission Tags: falconsandbox
Submission: On May 31 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 41 HTTP transactions. The main IP is 216.158.229.70, located in United States and belongs to IS-AS-1, US. The main domain is blogqpot.com.
This is the only time blogqpot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 216.158.229.70 19318 (IS-AS-1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 52.222.206.146 16509 (AMAZON-02)
1 3 139.45.197.236 9002 (RETN-AS)
10 20 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.64.199.35 13335 (CLOUDFLAR...)
1 52.222.236.53 16509 (AMAZON-02)
1 4 188.114.97.3 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.20.218.77 13335 (CLOUDFLAR...)
1 104.20.219.77 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
41 18
Apex Domain
Subdomains
Transfer
20 dwuser.com
www.dwuser.com
1 MB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 33
3 KB
4 ranopportunityt.com
ranopportunityt.com
2 KB
4 cloudfront.net
d2ghscazvn398x.cloudfront.net
117 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2230
21 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 13643
c.statcounter.com — Cisco Umbrella Rank: 9051
15 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 27873
101 KB
2 cobalten.com
cobalten.com — Cisco Umbrella Rank: 667348
27 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817
31 KB
2 googglet.com
googglet.com
www.googglet.com
2 KB
2 blogqpot.com
blogqpot.com
10 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
73 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11120
541 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 adthereissome.info
adthereissome.info
537 B
1 oclaserver.com
go.oclaserver.com — Cisco Umbrella Rank: 954106
305 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
33 KB
0 Failed
function sub() { [native code] }. Failed
41 18
Domain Requested by
20 www.dwuser.com 10 redirects blogqpot.com
6 accounts.google.com 4 redirects blogqpot.com
4 ranopportunityt.com 1 redirects blogqpot.com
4 d2ghscazvn398x.cloudfront.net blogqpot.com
d2ghscazvn398x.cloudfront.net
2 www.google-analytics.com blogqpot.com
www.google-analytics.com
2 pogothere.xyz d2ghscazvn398x.cloudfront.net
2 cobalten.com blogqpot.com
go.oclaserver.com
2 maxcdn.bootstrapcdn.com blogqpot.com
2 blogqpot.com blogqpot.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com blogqpot.com
1 www.googglet.com googglet.com
1 my.rtmark.net go.oclaserver.com
1 www.facebook.com blogqpot.com
1 adthereissome.info d2ghscazvn398x.cloudfront.net
1 go.oclaserver.com 1 redirects
1 code.jquery.com blogqpot.com
1 googglet.com blogqpot.com
0 null Failed d2ghscazvn398x.cloudfront.net
41 21

This site contains links to these domains. Also see Links.

Domain
driverlayer.com
Subject Issuer Validity Valid
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-28 -
2024-02-27
a year crt.sh
adthereissome.info
Amazon RSA 2048 M01
2023-05-05 -
2024-06-02
a year crt.sh
ranopportunityt.com
GTS CA 1P5
2023-05-30 -
2023-08-28
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-03-09 -
2023-06-07
3 months crt.sh
rtmark.net
R3
2023-05-06 -
2023-08-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-05-19 -
2023-08-11
3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-24 -
2023-12-24
a year crt.sh

This page contains 2 frames:

Primary Page: http://blogqpot.com/
Frame ID: 2C53EFA8AD920EBDF1EA4A41C5E9EEB7
Requests: 40 HTTP requests in this frame

Frame: http://null/TDU3Y2gtV1QOVzlHW15NfnMSUS4oB1ALGy9UTRUGfwwPG0YvWVgWDCpHWA0cYltSF01+c3MtIDxdeis6FHNmWj8fBXY3Kh0EdCc9fWB0Nh8fcHUpDgteZSsmHXQFNzt5ZGUiXQpkXy0jDQQPFjp8ZHg2LShncQsAGnN2OiYZWXI2KSsEcSYAP3NiCAMNbXUxOh9jXDUvfV5uNCo4cHYJIQ5jcSY+HlJlMC4gXlY2KhliZlItC2ZQWi0ZZG0oPQ13ViEudWZUDy0LZl85MgtSfSw6DXgFJj0kZ2QmIQ1gBzIrHnNiKC0aQmUyEHRxYBtZDW0GTiZ+ZGYHJhhCeSAtGV1lJCp1VnMEEC9gZjpdHnR9Jj8OeHw1PglyZAQyGnMGWz4fd2EkKg5efTIAOG9/UzkPeFA1JBldAiYvJwxvIVgVVGRSJQtgZjkjCVlyMD4dUn4lPRZMY1IhBGJQByUeBWEpTiZGWA0YcWEHIREYBEMZGXRHTRQDGA
Frame ID: 1C4BC5DDBA149DF1CA826ECC7A07A691
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

32 %
HTTPS

47 %
IPv6

18
Domains

21
Subdomains

18
IPs

5
Countries

1725 kB
Transfer

2370 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css HTTP 307
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Request Chain 3
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js HTTP 307
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Request Chain 6
  • http://go.oclaserver.com/apu.php?zoneid=1185183 HTTP 302
  • http://cobalten.com/apu.php?zoneid=1185183
Request Chain 7
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
Request Chain 8
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
Request Chain 9
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
Request Chain 10
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
Request Chain 11
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
Request Chain 12
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
Request Chain 13
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
Request Chain 14
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
Request Chain 15
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
Request Chain 16
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg HTTP 301
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
Request Chain 22
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneEMsBbBCa1eq8DLhqf6sNU83K7r1PRExxSLWWAFurH21x57x5N4iEIkSpd8Mn-B38kKWrC3 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S1879347311%3A1685497906283485&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFp2-_g34PDFC3SDkX-wdQIDODdeoOthW4E01PwJrdZKLx-MqtSoCGldgL3pzpy5LUBGzmmkg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 23
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGe9Zkc9IXixv6SXgLY11TaRWf6cGSC8aJ9PMQ9BWVJK6x7AK9fU0PXXyamsJEr3kHr16O8 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S34255739%3A1685497906322668&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGjYt90yla5sNYWfko3POE7FrR3N6ubNhP8n8yUHc4lCaEz6RikHvQ0CpgI6-EYxYOZdsJu1g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 24
  • http://ranopportunityt.com/popunder.gif HTTP 301
  • https://ranopportunityt.com/popunder.gif

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blogqpot.com/
11 KB
4 KB
Document
General
Full URL
http://blogqpot.com/
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed / PHP/7.0.33
Resource Hash
4fd6e3b0ebf6f90a062b6ae7215ff9d3165ae74082f4c2c37e8934abb9d77dc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
Keep-Alive
content-encoding
gzip
content-length
3882
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 01:51:45 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.0.33
styleDesk.css
googglet.com/imgs/assets/
5 KB
2 KB
Stylesheet
General
Full URL
http://googglet.com/imgs/assets/styleDesk.css
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
91db94d2d3f0fefb1ed7f967eac612ce1b3490477b1c95d3a0510edd53b24fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:45 GMT
content-encoding
gzip
last-modified
Sat, 31 Oct 2015 14:41:58 GMT
server
LiteSpeed
etag
"136b-5634d336-2818b2;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
1388
expires
Wed, 07 Jun 2023 01:51:45 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/
Redirect Chain
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
120 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
864
age
29524588
cdn-cachedat
02/24/2022 14:58:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fbe7e6fea753e22c4e1fd8ba1cf2b066
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cfb92d399401e18-FRA
cdn-requestpullsuccess
True

Redirect headers

Location
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jquery-1.8.2.min.js
code.jquery.com/
91 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.8.2.min.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:45 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-16cfb"
vary
Accept-Encoding
x-hw
1685497905.dop206.fr8.t,1685497905.cds215.fr8.hn,1685497905.cds201.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33384
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
Redirect Chain
  • http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
  • https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718, 718
age
10864595
cdn-cachedat
2021-04-13 02:50:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f555eecc83d07422a81af3803a9b15cc
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7cfb92d399421e18-FRA
cdn-requestpullsuccess
True

Redirect headers

Location
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jquery.popupoverlay.js
blogqpot.com/assets/
29 KB
6 KB
Script
General
Full URL
http://blogqpot.com/assets/jquery.popupoverlay.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
04fb607d71bd2d670cb60d3b91ee53885340cd6581eed67e72056bd875bdcfa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:45 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2017 18:39:43 GMT
server
LiteSpeed
etag
"7496-590a23ef-1a010e;gz"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
5827
expires
Wed, 07 Jun 2023 01:51:45 GMT
/
d2ghscazvn398x.cloudfront.net/
326 KB
115 KB
Script
General
Full URL
http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
52.222.206.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-146.fra56.r.cloudfront.net
Software
/
Resource Hash
b246e11a2de9eafec3115fd163e61b64e9c8c7dfc242cee77cb3de84b93cb7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 May 2023 01:51:45 GMT
content-encoding
gzip
Via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
117310
X-Amz-Cf-Id
b3GIoxPpih22PvzLrVlQr8hCxk50okscdN411D1W543u_9V75gNvYA==
apu.php
cobalten.com/
Redirect Chain
  • http://go.oclaserver.com/apu.php?zoneid=1185183
  • http://cobalten.com/apu.php?zoneid=1185183
63 KB
25 KB
Script
General
Full URL
http://cobalten.com/apu.php?zoneid=1185183
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f7d5e7eacc65e52773fe07007d620df19cb82da74727c656863a9c9c2205a0a3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:51:45 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
95dfbb3280a3f6c83da701e01252af44
Pragma
no-cache
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires
Tue, 11 Jan 1994 10:00:00 GMT

Redirect headers

Date
Wed, 31 May 2023 01:51:45 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
http://cobalten.com/apu.php?zoneid=1185183
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
138
7.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
84 KB
85 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4282cd1cd6aeda3960f5a6dcfcf1b7e2e973c213291ff4c56f214bbf8da9bc71

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"151d6-58d61f8bf5ff7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq5CamD%2Fdfvt3QZBj6%2FvbpdL6C4Of65M0duR52ei9KiAeUa49oRFFqboSYkQNbrf4Y3beWAQNr%2BsRZNKImxc2ZH1EJsM%2Baon2WDqEClMHjDKkyzOtxokUNfRmzvxoPksBhLMyyaEFh2C9aewVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d90c0a9b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
86486

Redirect headers

Date
Wed, 31 May 2023 01:51:45 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6T0DzJFvzl3PUuemkVCFWNi9Y6xOj%2Ft%2BAnhwxgrOTPE5PduvN9zL7ogbhBrpM%2F7Akx%2Fua%2FabZlV274%2FUC2FEZVkMCG%2B4ePJV08IjpD96Sz%2FFDS6l7t4PylXZGvYKULug0s1VS%2B%2F6xT1RC8pN%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/7.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d65ab9036e-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:45 GMT
1.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
157 KB
157 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b0967706a16fe52d6db96de7e05ddbd0cfa72dcdaf3f164089def25d27e0d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"27323-58d61f8bf0237"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cw%2BAlF%2B2ZFoSD%2FUb35VIOsHTwn1BJAkpFeNzDagbwmOpdl5DhqSBPkXWONOp08nwXTmSyOflbt6yN%2FeBYp%2BqicqCM7KzJe3A4mpYJutHHR2%2Fy7rbLY3qrEonShfwQxnWT6i73J4kv4iiGlXp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d98c579b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
160547

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYiqfd4OOTA3BL3ifzFeVRBsmOlzUs4hGM2iY6di8gHj6Tpql2XvnnXoYdKSJ9VdzrgSPY%2FHeDPlkcVseAZjmwMjDoPDBDBKVwuBIlvyq7V4de1%2Bsk%2BgkcKMHqaSD6UI52AijKDsetdXep9Dtw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/1.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d8dc83036e-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
2.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
97 KB
98 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ba4b3d465cc0c1b1f7ea418006776dc57bbbf0da5df975749e65399009a931

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18564-58d61f8bf2177"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpdpW2wTKb62dnbl6elAD4Z%2BFZlRWa%2Beo1cHzq1TdP%2F9Om4%2BgpTioIKsXymOVrhkYrQ88SyttQSGCOTOHbtgTH7EK3r6G3vyQZIDU9%2BMHpLW1onNsv8su7NiASpE9HhphI8MsZ65JEu2eXlq8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9bc809b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
99684

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Lhy9x9u48WQa2mb4d8H7iJ2wolTw18byWr2N26pfKvXy9mKqpjpp7dMwlxTxnWtJqwYTb5kI69OTyy2jQrf%2FYSix6nef3%2FdvPfhEc5FkeqEjKBYlToXwu%2BqUpamCQq55HdybKLNjXzl9qsH1g%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/2.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d97cda036e-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
3.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
171 KB
172 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d057014ad14f9d6ed7a6f13651e1c69f1607c72853ff4697a3b644fa2705e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2ac29-58d61f8beb417"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjTh4dl7jImk3AoGAVacZNwz3atCetgPpfkH7QDBO0wRrrMgFFyQ6a6TgYQWTw7DngygwPbNq0N6ZGf00WP%2FCNuBiDqZX%2FpiWMN5ss8Dw35StH0t7Z%2FvXp%2FqtjQO5ilqc0JNewCH9CgkROeibg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9bc839b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
175145

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbBOrKYU9nbahajLarvRbpMr5SaNE9BKOLfWEaYWvfqIFddVgTsfiyolrifQeOime%2FBMRjhoQAGwl94w3g9HcPDU9ckzdDEFBhkG%2BGNGMQD0JwqGwbZ4RSkl2XFSU6lY%2BLHeP7lXPQlxqqFb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/3.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d98d995c56-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
10.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
69 KB
69 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d94731bd0ff2965f0ec51f2e8c4f84c93ac4b241eb1c499ee17c06548c7875

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"112ca-58d61f8bf40b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxG4tNxuEaWVo8NKKyS5Kyj3in2odRnUOhQredZYUwJFgwacpgV4DoB7lhRdlRs6AgJr5b2zH1Q%2BgLJUGcQfoeLR%2FjqdUyLhyP4z%2BW1oF8h8fIAw42z8xTWjeaJPB1D%2Bk6n8K4%2B2j%2FwM2IoSlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9bc819b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
70346

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28T68lhUSEZIUXe%2B%2FZegJNpGRdjI7SC%2BsQCNG257HF3%2FZd7plO%2F%2FpUOj7QdIj0%2Bo6vI8cR8u4TNKWJegfQRyb9bW4Mr3nxvbtP5rSifXgC%2B726QL9cP9JbZIjoj7BG4leS0y3eZO6dBqB%2FpKqw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/10.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d98f992c37-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
4.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
151 KB
152 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd20cc8d121d6d0cd3d435fde61e650b9a4a06b49d658999d54fbdce32c3aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"25c92-58d61f8bee2f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXaQloUBJQhsCqNQnAMqNfMmh7S%2B9uoswI07h0SdtLy1326bFLsUafUOTZ14PXhyKSuK0IpixlOE%2FO%2Fdfxra%2BMFySmMfcPyvE8bTuyWuJXUvbiFsog%2B4JijjuG3XCBDrsGll19Rss5SaTIEQwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9bc829b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
154770

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQH0RI0C1UWhcLxVYSy1UKma4Bw1uJyrUTjjdd%2F1aTfWQl7ZH7ng0CQ7lZeq5xrDmm3cwYlhi8J720p27RhW9k7hqiT8416VsBdwc%2BP2srPpabY7dthPPs4rh59MyCHS2JvBJSZuOU7DVr2K6g%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/4.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d98b9f0368-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
5.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
154 KB
154 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473bd7e311ce56491d5babd8f60bb6800c89bb662af6b35837ad1d22d007c051

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"267dd-58d61f8bf8ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvGWwcdBZY5Iki%2FHsOO%2BFyq4Rs54012YKNMecfk2auZiDAPyQRfrwviVbpVot0Tz2tWucbtSegd7jNbVP8q1DV8johlVo%2FvL55gVX0qWTc9gjDxsaMQWfnx6KFqqTUVUsgRk3X1WBErMHkrakg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9ec979b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
157661

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62JCgq7Vq7YWX1Gy9ies9Kg6yIQ5FtZpCOx7E0uwbi3v5f8mQC66GtXrDy2CGLwdSRf%2BT4qo0rf8jBtuzAOJCeKaDdoJCxVuot3Ve3JZyU4%2FXRp45A8P7lgL%2Bb7kuaUW%2B78HoVP6UIg3lv%2BZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/5.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d9dd0c036e-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
6.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
172 KB
172 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4208a6ed7f0866df21c15943e708bf729a21555999394d563d307171972012

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2aeff-58d61f8bf5057"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZVFzgIqOMte8fd6iyefIDjHyh8f6hvhkXeDxerHFqlySA6HnvIOYZXY8Onl5sAhBZ5vNsM9LvNgYtYMUjiGMR7dw4sDh%2BEa79C01nhmVti%2FaUBuAFRZs7S1A%2FRcdjMnTVkqcBxk%2BctM%2FjAkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9dc939b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
175871

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6VgAq3eUoDBuORnWbvVcWfdTbI8IzSdTLIbIEwH2S5Kw6nRFB3KYEaDE48cLcQOA1Neg0B9nZkCihJySFcSET1xGb3CjB7u%2Fc%2FJ9MOxMl3XuNRQtJ1VwuYHs8vbcnrG1dKYPLkqsG%2B2N5U6Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/6.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d9cdd55c56-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
8.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
112 KB
113 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e4125e895980c68684b37e4f5ca8b79eb69131d0f99f0d26af48809f7ea9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:47 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1c190-58d61f8bed357"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oknLfZcs0qj%2BeUU65T8jLUmwbN5Gnm2KeJVYWZBF2rtQ48VHQw%2BIYrbhGMlmYZ%2FGaLvJzT7crhj3OArRJxWZtTq2JOsQrP29OUAFyxcf%2F8N%2F7tXlG9bqGTmxtvJ9HzHS53Qq8%2Bbh4XzDXWZvgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9eca39b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
115088

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5mhzsnw3jMvI4Md2yIVPsBSCzBIvE6%2FudAyZIdGtuDyep316UVnnVWnNgb6Kl7rYNtKyCeBsSy5D8igBpwfV8Pt1DkBuyqMpd%2FVUz0MKlTS5KPaCJxkxOBvvrT%2F0D56H6%2BBeuMmAy2ohPIlCw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/8.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d9dbcd0368-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
9.jpg
www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/
Redirect Chain
  • http://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
  • https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
120 KB
120 KB
Image
General
Full URL
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
2606:4700:3034::6815:3209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af6cb5865c4910485c6b9a21adec0f6ce502847dde490c6042b6eed0245bf81

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:47 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 11 Jul 2019 06:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1de4e-58d61f8bf11d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZGxbkiphBxUDiZixJNC%2FP%2BIIVvWAIgjhUwB8UevgcjpImz80K9eZhXha8bvXmW84zL47mi027Fvg6JrhE3uUWobRZOXF1dssFsWAVKWymc4iuiS4yk5wLu4z%2FcSZDOhllZlffS%2Bhh0BSuTOiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cfb92d9eca49b67-FRA
alt-svc
h3=":443"; ma=86400
content-length
122446

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY04cL2UW2a9cGO9DayBIrCHv1xRALCF2YBbY%2FK%2BRcWEVDRicPoDrd75e0n%2BaXlMwNYNIYKhalTKL1udLCVMd1mDd4FYvZN4qO%2B7TaDgBxjZcKUXYRQp20YKjR7TqIu6lS7kxWJTquaTa%2F0f6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.dwuser.com/education/content/creating-responsive-tiled-layout-with-pure-css/images/demo/9.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d9dfc12c37-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 30 May 2023 18:17:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://blogqpot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmZ1OPyJluRfzsMdpThBOXsQsFGPh2acl%2FqtRy1%2B7Z33x3ZNZByMz2IL08nSwmE73kLB4S1leO9DzFawoT0s4RlZsicu6WUnbyGA8XL6Ws9qHNGE%2BoCWQlFNs9BbCqst"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7cfb92d92bc69201-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/
27 B
615 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da734df922c621d7138e8e6740e2925b3fafa2502f4d41dd7233e2710d2f6b9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTxUi2ze5bAnS0f2E1l%2F0IKQ%2Bm0JEHMsEeDCc8joOGN9W0PndNXAlpuZqxaRlxEIuC6mXwSobMLpGrHP3ZP4rgioczMBvPBd6gmZckwscBo9ifOeE%2B5WwR%2FRlm7dfGqV"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://blogqpot.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7cfb92d92bc79201-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
adthereissome.info/
0
537 B
XHR
General
Full URL
https://adthereissome.info/utx?cb=OBwfejUCsQ71&top=blogqpot.com&tid=622295
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-53.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:51:46 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://blogqpot.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
JCXr4PqpZ56ZSXoUnalNIc9X4r68JblDprnsFTDMjj6CZSGR0MRC-w==
AQwXSHpXHQQBJ0xcRk1+RVRHTHtHXUZC
ranopportunityt.com/dUtxbXBadBIeTRcxGTsiRCMmKSc3eCgrGzoSKVQALRo3ARMYe1cZGRF2R19CR3JESwAcL0xcVgY/EBkFBnZASxkbLR5QVgN2QENDQWVCX15HbQRQQVM/
0
258 B
Image
General
Full URL
https://ranopportunityt.com/dUtxbXBadBIeTRcxGTsiRCMmKSc3eCgrGzoSKVQALRo3ARMYe1cZGRF2R19CR3JESwAcL0xcVgY/EBkFBnZASxkbLR5QVgN2QENDQWVCX15HbQRQQVM/AQwXSHpXHQQBJ0xcRk1+RVRHTHtHXUZC
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp0fzjHHt%2BC9gQLuYnuXmBzyqXABWVgL25udZW98hrxnl2lgRp9P0zqboikGvY9JHsdpeFaf5ZhLbmx5AAGId0Bh3IBP0urLXFXMqCiAt82Yt%2Bw%2F%2F1a5HKY1QF%2FCYZoQ4MdCQjwk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cfb92d9bbc137ec-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneEMsBbBCa1eq8DLhqf6sNU83K7r1PRExxSLWWAFurH21x57x5N4iEIkSpd...
  • https://accounts.google.com/v3/signin/identifier?dsh=S1879347311%3A1685497906283485&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFp2-_g34PDFC3SDkX-wdQIDODdeoOthW4E01PwJrdZKL...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S1879347311%3A1685497906283485&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFp2-_g34PDFC3SDkX-wdQIDODdeoOthW4E01PwJrdZKLx-MqtSoCGldgL3pzpy5LUBGzmmkg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Wed, 31 May 2023 01:51:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-T9cOIKHgXMu6SQW8wvm0VQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
397
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S1879347311%3A1685497906283485&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFp2-_g34PDFC3SDkX-wdQIDODdeoOthW4E01PwJrdZKLx-MqtSoCGldgL3pzpy5LUBGzmmkg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGe9Zkc9IXixv6SXgLY11TaRWf6cGSC8aJ9PMQ9BWVJK6x7AK9fU0P...
  • https://accounts.google.com/v3/signin/identifier?dsh=S34255739%3A1685497906322668&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGjYt90yla5sNYWfko3POE7FrR3N6ubNhP8n8yUHc4lCaE...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S34255739%3A1685497906322668&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGjYt90yla5sNYWfko3POE7FrR3N6ubNhP8n8yUHc4lCaEz6RikHvQ0CpgI6-EYxYOZdsJu1g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H3
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date
Wed, 31 May 2023 01:51:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RzW75iggOkxbqqo0Nzqfgw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
399
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S34255739%3A1685497906322668&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGjYt90yla5sNYWfko3POE7FrR3N6ubNhP8n8yUHc4lCaEz6RikHvQ0CpgI6-EYxYOZdsJu1g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
ranopportunityt.com/
Redirect Chain
  • http://ranopportunityt.com/popunder.gif
  • https://ranopportunityt.com/popunder.gif
35 B
533 B
Image
General
Full URL
https://ranopportunityt.com/popunder.gif
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 15:06:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38701
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJfJc5tNEVSjAJIS4W%2FxLOY24nhIpOh6m3FfZuXw8uOY8OqUDx0PIGjZBiU1SMBwEUcsdhry2Z2O3pI7dpLV3ME76v2I%2FA5OukyYLm3TRySkZ8zD%2FXSXmWpP6clv0OOEmL2i2nWD"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7cfb92d9fbf237ec-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 31 May 2023 01:51:46 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpnkEoOVq%2FogY%2FIwlBpe61qrDwgsXyG3q6FH5%2Fg%2FBARtWZKopmir%2BbfA76m3iLDq05aRn%2F7aqKNgmwRkng3TQglPL%2BOlfnJFAvQfhNQwUpEKJLTl20QTSoqLZ6p5ObZpACZX9M1L"}],"group":"cf-nel","max_age":604800}
Location
https://ranopportunityt.com/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
7cfb92d9ddd99188-FRA
alt-svc
h3=":443"; ma=86400
Expires
Wed, 31 May 2023 02:51:46 GMT
V0pRQm54dTIxUwAmCzsMAyYjIAUFHBAFFiEbYDUnNngTBTgWenc2BzN3Z3VbYXJpZB4+LmxzVnE5JSMaIjlsc0g+JDctU3E8bHNAZ2RjbF1xP2xzSCM6MCVTZmwhNho7d2B0VmJ+aHVXZ3xhelc
ranopportunityt.com/
0
248 B
Image
General
Full URL
https://ranopportunityt.com/V0pRQm54dTIxUwAmCzsMAyYjIAUFHBAFFiEbYDUnNngTBTgWenc2BzN3Z3VbYXJpZB4+LmxzVnE5JSMaIjlsc0g+JDctU3E8bHNAZ2RjbF1xP2xzSCM6MCVTZmwhNho7d2B0VmJ+aHVXZ3xhelc
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiNJy4ioyVTHJGUPFMANTtXcS0qu3ozt1xS7usCxBUG%2FBvTtoOREPn1wL5N07ND5R6JSj7tcb8zT2FpmR3nJpF6bjTUYNm%2Br6Bzpba5Do3X4PnJj9obstWw9niQj2NGyzIY%2FkK%2BN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cfb92d9dbd537ec-FRA
alt-svc
h3=":443"; ma=86400
gid.js
my.rtmark.net/
65 B
541 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=34d52d30772d4af1924e19802a85becd
Requested by
Host: go.oclaserver.com
URL: http://go.oclaserver.com/apu.php?zoneid=1185183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9b35694eab8296ff473ed83c7cb8fcdb3be6f89bc6a2e279661fdfaaead6dd04
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://blogqpot.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
search.png
www.googglet.com/img/
378 B
702 B
Image
General
Full URL
http://www.googglet.com/img/search.png
Requested by
Host: googglet.com
URL: http://googglet.com/imgs/assets/styleDesk.css
Protocol
HTTP/1.1
Server
216.158.229.70 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
blogqpot.com
Software
LiteSpeed /
Resource Hash
e098299739463998895c7f2bf91fd9c73faa9cd5524b100d11fa3c9f5e79684e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://googglet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
last-modified
Wed, 02 Sep 2015 04:50:14 GMT
server
LiteSpeed
etag
"17a-55e68006-240ec3;;;"
content-type
image/png
cache-control
public, max-age=604800
connection
Keep-Alive
accept-ranges
bytes
content-length
378
expires
Wed, 07 Jun 2023 01:51:46 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 May 2023 00:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4572
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 31 May 2023 02:35:34 GMT
counter.js
www.statcounter.com/counter/
44 KB
15 KB
Script
General
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: blogqpot.com
URL: http://blogqpot.com/
Protocol
HTTP/1.1
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd

Request headers

Referer
http://blogqpot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 31 May 2023 01:51:46 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
User-Cache-Control
max-age=43200
Age
35763
Transfer-Encoding
chunked
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection
keep-alive
Last-Modified
Mon, 29 May 2023 17:16:25 GMT
Server
cloudflare
ETag
W/"ae4f-5fcd83f17bc30"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43200
CF-RAY
7cfb92d9ded13665-FRA
Expires
Wed, 31 May 2023 03:55:43 GMT
/
cobalten.com/
2 KB
2 KB
Fetch
General
Full URL
http://cobalten.com/?rb=VhGoMli2TRKHhWr8fK-JeYKj6HN4iV-ChKt1DegufgZswr9v0viTR2s6rQHsAomgJ2DzeR5BQVK7kksiXL1nofDd4y-RAVDpWpoF-rTSNaz96cTiIjgIQ-_-rdsXMFYmjlUowxGj0Gm-iK-sKwmk7gKXSeXBCRdR6AF6oOIRK3ZBSJFpFKGBdMF5lQjBh7O_CZsCJtTrj0H290Wn-5NWzYENYslfbGKhUcEV_EvGS-vaGnPi7Dc2R06IO__lNUa1YB_lFdq2OXdZanJiwb3dLzmWUYw%3D&request_ab2=0&zoneid=1185183&js_build=iclick-1.548.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Fblogqpot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-1.548.0&bs=8041f8d6-81c5-45f2-ac0a-c3c6b4e30eec&userId=34d52d30772d4af1924e19802a85becd&m=link
Requested by
Host: go.oclaserver.com
URL: http://go.oclaserver.com/apu.php?zoneid=1185183
Protocol
HTTP/1.1
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
68dc4192b701208fb7209afc9747331396547cdb18e6fb6eb19afd050388a8cf
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:51:46 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
bc8e69edf425d03435e199dc251449d5
Pragma
no-cache
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://blogqpot.com
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires
Tue, 11 Jan 1994 10:00:00 GMT
t.php
c.statcounter.com/
192 B
618 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=11106452&u1=3C32611066414F00AFFA657EFE5E2486&java=1&security=fd67f294&sc_snum=1&sess=c61bc8&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//blogqpot.com/&t=&invisible=1&sc_rum_e_s=1565&sc_rum_e_e=1583&sc_rum_f_s=0&sc_rum_f_e=1558&get_config=true
Requested by
Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
http://blogqpot.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
7cfb92da5b18bc01-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
mR2hiRzUkBwwhCjMBBnoDdVpQfgBhAhEoWzdVEBJRcQoUPV8vMCUqEzMSBnoFYQQDKVJ6TgcpVnpZRCZRJVVSYUE3Bwl6VzIEEzVTJQ8aNxMyCV8qWj0BDitUYlokcht3TVB3HTABDCNaMBtHdQUpHEd1BXZYTHcQdCpHdQUwAQxxAWJbIGIHdxBUcxxiWl-ImRTc...
d2ghscazvn398x.cloudfront.net/
676 B
884 B
Script
General
Full URL
http://d2ghscazvn398x.cloudfront.net/mR2hiRzUkBwwhCjMBBnoDdVpQfgBhAhEoWzdVEBJRcQoUPV8vMCUqEzMSBnoFYQQDKVJ6TgcpVnpZRCZRJVVSYUE3Bwl6VzIEEzVTJQ8aNxMyCV8qWj0BDitUYlokcht3TVB3HTABDCNaMBtHdQUpHEd1BXZYTHcQdCpHdQUwAQxxAWJbIGIHdxBUcxxiWl-ImRTcEBzBQJQMLMxB1Lld0AmlbVGIHd0AJL0EqBEd1dmJaUitcLA1HdQUgDQEsWm5NUHdWLxoNKlBiWiR2BHRGUmkAcV9QaQR1Xkd1BTQJBCZHLk1QAQB0X0x0A2EdX3YHcF1RdQF+XFp3DHNdV3Y
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
HTTP/1.1
Server
52.222.206.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-146.fra56.r.cloudfront.net
Software
/
Resource Hash
ad0b0a9d4066f0e0bd3b01963fb5f2ec9ab497b98c4efbabcb22dd7aa48d2bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:51:46 GMT
content-encoding
gzip
Via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
497
X-Amz-Cf-Id
W_XXtotVd0TBXKYXYA5ncteSaBuU5oJndVWkyH1cQ9v_d7kvojE_1w==
UzkPeFA1JBldAiYvJwxvIVgVVGRSJQtgZjkjCVlyMD4dUn4lPRZMY1IhBGJQByUeBWEpTiZGWA0YcWEHIREYBEMZGXRHTRQDGA
null/TDU3Y2gtV1QOVzlHW15NfnMSUS4oB1ALGy9UTRUGfwwPG0YvWVgWDCpHWA0cYltSF01+c3MtIDxdeis6FHNmWj8fBXY3Kh0EdCc9fWB0Nh8fcHUpDgteZSsmHXQFNzt5ZGUiXQpkXy0jDQQPFjp8ZHg2LShncQsAGnN2OiYZWXI2KSsEcSYAP3NiCAMNbXUx... Frame 1C4B
0
0

b0sKEnl6AH4DYm9KeFY7OhQtQC4oEyFDbng+fQR8ZE-t+Enl6UCNfPycUbQUIb0p4WyIhHW0Fey0dK1wkY116BygiCidaLm9KDgZ6eVZ4GX58T3oZenhObQV7ORkuVjkjXXpxfnlPZgR9bA11Bnl9TXsFf3NMcAdyfk19Bg
d2ghscazvn398x.cloudfront.net/cS0p4SDcoJRYuCD8jHHUBfH9OcA9tIAsnWTt3Mi5ZIyY1O2QsbAwyU3Z6XiRWJS1FblIlKUV5ESouGnUHbT8ZdVokMBEkWypvSg4CZXpdegdjPREmUyQ9C20FeyQMbQV7e0hmB255Om0Fez0RJgF/
197 B
579 B
Script
General
Full URL
http://d2ghscazvn398x.cloudfront.net/cS0p4SDcoJRYuCD8jHHUBfH9OcA9tIAsnWTt3Mi5ZIyY1O2QsbAwyU3Z6XiRWJS1FblIlKUV5ESouGnUHbT8ZdVokMBEkWypvSg4CZXpdegdjPREmUyQ9C20FeyQMbQV7e0hmB255Om0Fez0RJgF/b0sKEnl6AH4DYm9KeFY7OhQtQC4oEyFDbng+fQR8ZE-t+Enl6UCNfPycUbQUIb0p4WyIhHW0Fey0dK1wkY116BygiCidaLm9KDgZ6eVZ4GX58T3oZenhObQV7ORkuVjkjXXpxfnlPZgR9bA11Bnl9TXsFf3NMcAdyfk19Bg
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
HTTP/1.1
Server
52.222.206.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-146.fra56.r.cloudfront.net
Software
/
Resource Hash
8cb83dc84765470cfef3c43f576ebaf82be605075852536ca9d5e490daac5fdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:51:46 GMT
content-encoding
gzip
Via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
192
X-Amz-Cf-Id
CoUOjUKGKBQg60Tbp9hMu1j2Y3n-4Ctb_-A4HJv5LUakD-rrXIGCqA==
dGIYC3xiZwYQIS8hW1RvdRYTCnorPF1db3VlUV0pLDofHXh3Nl5KJSowEwoMdmQFFnppYAAPeGlkBA5vdWVFWSwmJ18deAFgBQ9kdGMQTXc
d2ghscazvn398x.cloudfront.net/oVTY4Skc2WVYseCFfXHdxYgMOcn5zXEslKSULaS0AAmxwLiMUXkkgMQ8QTDAjaAYeJiY7UQVsIjtVBXthNFJad3dzQ1l3KjpMUSYrNBMKDHJ7Bh14d31BUSQjOkFLb3VlWExvdWUHCGR3cAV6b3VlQVEkcWETCwhiZwZAfH...
290 B
638 B
Script
General
Full URL
http://d2ghscazvn398x.cloudfront.net/oVTY4Skc2WVYseCFfXHdxYgMOcn5zXEslKSULaS0AAmxwLiMUXkkgMQ8QTDAjaAYeJiY7UQVsIjtVBXthNFJad3dzQ1l3KjpMUSYrNBMKDHJ7Bh14d31BUSQjOkFLb3VlWExvdWUHCGR3cAV6b3VlQVEkcWETCwhiZwZAfHN8Ewp6JiVGVC8wMFRTIzNwBH-5/dGIYC3xiZwYQIS8hW1RvdRYTCnorPF1db3VlUV0pLDofHXh3Nl5KJSowEwoMdmQFFnppYAAPeGlkBA5vdWVFWSwmJ18deAFgBQ9kdGMQTXc
Requested by
Host: d2ghscazvn398x.cloudfront.net
URL: http://d2ghscazvn398x.cloudfront.net/?cshgd=622295
Protocol
HTTP/1.1
Server
52.222.206.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-146.fra56.r.cloudfront.net
Software
/
Resource Hash
39a90dc90e2b59eeda4f9d163a575f902907fe554712347a9a2436b167b4ee55

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 31 May 2023 01:51:46 GMT
content-encoding
gzip
Via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
251
X-Amz-Cf-Id
m5hZSyIlP9RfGGqKA8bWT6UXc9X4WgONVa1JhgdqBJ9haFW9pRwfMA==
collect
www.google-analytics.com/j/
15 B
218 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=164670029&t=pageview&_s=1&dl=http%3A%2F%2Fblogqpot.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1164377030&gjid=263901062&cid=172856878.1685497906&tid=UA-85219586-1&_gid=623576159.1685497906&_r=1&_slc=1&z=1791495566
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9eb9993a5fe5aff724a591032dea5feacbf29f35020f675d1ceda6857b0479cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://blogqpot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:51:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://blogqpot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XG3M1RYT42&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93a027c50a0182592712ffdd14329e57f220008f1b3b6eaf27583d982f2337bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:51:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74669
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 May 2023 01:51:46 GMT
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XG3M1RYT42&gtm=45je35o0&_p=164670029&cid=172856878.1685497906&ul=en-us&sr=1600x1200&ir=1&_eu=EBA&ngs=1&_s=1&sid=1685497906&sct=1&seg=0&dl=http%3A%2F%2Fblogqpot.com%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XG3M1RYT42&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://blogqpot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 01:51:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://blogqpot.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dHAzSUZbT1A6eyA0WxASGCoKESsfAX4wNhApe3grEhdfJiBGKRU9LxBNBXBxQUkLbzYdFA57d1IDRygyAQMOfXVSGV0vKUlWRXR3WkAdemhEVkc5JxNNAm8ZSUEFcXNASQRwd0VCC3k
null/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
null
URL
http://null/TDU3Y2gtV1QOVzlHW15NfnMSUS4oB1ALGy9UTRUGfwwPG0YvWVgWDCpHWA0cYltSF01+c3MtIDxdeis6FHNmWj8fBXY3Kh0EdCc9fWB0Nh8fcHUpDgteZSsmHXQFNzt5ZGUiXQpkXy0jDQQPFjp8ZHg2LShncQsAGnN2OiYZWXI2KSsEcSYAP3NiCAMNbXUxOh9jXDUvfV5uNCo4cHYJIQ5jcSY+HlJlMC4gXlY2KhliZlItC2ZQWi0ZZG0oPQ13ViEudWZUDy0LZl85MgtSfSw6DXgFJj0kZ2QmIQ1gBzIrHnNiKC0aQmUyEHRxYBtZDW0GTiZ+ZGYHJhhCeSAtGV1lJCp1VnMEEC9gZjpdHnR9Jj8OeHw1PglyZAQyGnMGWz4fd2EkKg5efTIAOG9/UzkPeFA1JBldAiYvJwxvIVgVVGRSJQtgZjkjCVlyMD4dUn4lPRZMY1IhBGJQByUeBWEpTiZGWA0YcWEHIREYBEMZGXRHTRQDGA
Domain
null
URL
http://null/dHAzSUZbT1A6eyA0WxASGCoKESsfAX4wNhApe3grEhdfJiBGKRU9LxBNBXBxQUkLbzYdFA57d1IDRygyAQMOfXVSGV0vKUlWRXR3WkAdemhEVkc5JxNNAm8ZSUEFcXNASQRwd0VCC3k

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery number| LAST_CORRECT_EVENT_TIME object| utr_622295 number| userTrackingInterval number| _3648961283 number| _448764338 object| win object| zfgstorage object| em1vf3nz99a object| zfgformats function| onClickTrigger boolean| zfgonclickfirst object| syncCallbacks boolean| zfgloadedpopup string| GoogleAnalyticsObject function| ga number| sc_project number| sc_invisible string| sc_security string| scJsHost function| _statcounter function| rUd6bvzjhXGm function| JfnhlMsSg function| QgGWZHddAhqjvZ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager number| iinf

10 Cookies

Domain/Path Name / Value
pogothere.xyz/ Name: csu
Value: 1275324948094551@1@1685497906
my.rtmark.net/ Name: ID
Value: 34d52d30772d4af1924e19802a85becd
blogqpot.com/ Name: prefetchAd_1185183
Value: true
.blogqpot.com/ Name: sc_is_visitor_unique
Value: rx11106452.1685497906.3C32611066414F00AFFA657EFE5E2486.1.1.1.1.1.1.1.1.1
.blogqpot.com/ Name: _gid
Value: GA1.2.623576159.1685497906
.blogqpot.com/ Name: _gat
Value: 1
.blogqpot.com/ Name: _ga_XG3M1RYT42
Value: GS1.1.1685497906.1.0.1685497906.0.0.0
.blogqpot.com/ Name: _ga
Value: GA1.1.172856878.1685497906
.statcounter.com/ Name: is_unique
Value: sc11106452.1685497906.0
.statcounter.com/ Name: is_visitor_unique
Value: 1685497906646755355

5 Console Messages

Source Level URL
Text
javascript warning URL: http://blogqpot.com/(Line 311)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://blogqpot.com/(Line 311)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S1879347311%3A1685497906283485&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFp2-_g34PDFC3SDkX-wdQIDODdeoOthW4E01PwJrdZKLx-MqtSoCGldgL3pzpy5LUBGzmmkg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S34255739%3A1685497906322668&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGjYt90yla5sNYWfko3POE7FrR3N6ubNhP8n8yUHc4lCaEz6RikHvQ0CpgI6-EYxYOZdsJu1g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: http://null/dHAzSUZbT1A6eyA0WxASGCoKESsfAX4wNhApe3grEhdfJiBGKRU9LxBNBXBxQUkLbzYdFA57d1IDRygyAQMOfXVSGV0vKUlWRXR3WkAdemhEVkc5JxNNAm8ZSUEFcXNASQRwd0VCC3k
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adthereissome.info
blogqpot.com
c.statcounter.com
cobalten.com
code.jquery.com
d2ghscazvn398x.cloudfront.net
go.oclaserver.com
googglet.com
maxcdn.bootstrapcdn.com
my.rtmark.net
null
pogothere.xyz
ranopportunityt.com
region1.google-analytics.com
www.dwuser.com
www.facebook.com
www.googglet.com
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
null
104.20.218.77
104.20.219.77
139.45.195.8
139.45.197.236
172.64.199.35
188.114.97.3
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
216.158.229.70
2606:4700:3034::6815:3209
2606:4700::6812:acf
2a00:1450:4001:80f::200d
2a00:1450:4001:811::200e
2a00:1450:4001:830::2008
2a03:2880:f176:84:face:b00c:0:25de
52.222.206.146
52.222.236.53
04fb607d71bd2d670cb60d3b91ee53885340cd6581eed67e72056bd875bdcfa3
1a4208a6ed7f0866df21c15943e708bf729a21555999394d563d307171972012
29ba4b3d465cc0c1b1f7ea418006776dc57bbbf0da5df975749e65399009a931
2af6cb5865c4910485c6b9a21adec0f6ce502847dde490c6042b6eed0245bf81
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
39a90dc90e2b59eeda4f9d163a575f902907fe554712347a9a2436b167b4ee55
4282cd1cd6aeda3960f5a6dcfcf1b7e2e973c213291ff4c56f214bbf8da9bc71
473bd7e311ce56491d5babd8f60bb6800c89bb662af6b35837ad1d22d007c051
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4fd6e3b0ebf6f90a062b6ae7215ff9d3165ae74082f4c2c37e8934abb9d77dc4
68dc4192b701208fb7209afc9747331396547cdb18e6fb6eb19afd050388a8cf
6d057014ad14f9d6ed7a6f13651e1c69f1607c72853ff4697a3b644fa2705e75
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cb83dc84765470cfef3c43f576ebaf82be605075852536ca9d5e490daac5fdb
91db94d2d3f0fefb1ed7f967eac612ce1b3490477b1c95d3a0510edd53b24fb3
93a027c50a0182592712ffdd14329e57f220008f1b3b6eaf27583d982f2337bf
9b35694eab8296ff473ed83c7cb8fcdb3be6f89bc6a2e279661fdfaaead6dd04
9eb9993a5fe5aff724a591032dea5feacbf29f35020f675d1ceda6857b0479cc
ad0b0a9d4066f0e0bd3b01963fb5f2ec9ab497b98c4efbabcb22dd7aa48d2bf4
b246e11a2de9eafec3115fd163e61b64e9c8c7dfc242cee77cb3de84b93cb7aa
b4e4125e895980c68684b37e4f5ca8b79eb69131d0f99f0d26af48809f7ea9fd
c2b0967706a16fe52d6db96de7e05ddbd0cfa72dcdaf3f164089def25d27e0d1
da734df922c621d7138e8e6740e2925b3fafa2502f4d41dd7233e2710d2f6b9a
e098299739463998895c7f2bf91fd9c73faa9cd5524b100d11fa3c9f5e79684e
e1d94731bd0ff2965f0ec51f2e8c4f84c93ac4b241eb1c499ee17c06548c7875
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f7d5e7eacc65e52773fe07007d620df19cb82da74727c656863a9c9c2205a0a3
fbd20cc8d121d6d0cd3d435fde61e650b9a4a06b49d658999d54fbdce32c3aaf