createmale-shift.blog Open in urlscan Pro
172.67.161.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://createmale-shift.blog/
Effective URL:
https://createmale-shift.blog/
Submission: On May 11 via api (May 11th 2024, 2:39:06 am UTC) from BE — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 172.67.161.199, located in United States and belongs to CLOUDFLARENET, US. The main domain is createmale-shift.blog.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.

This is the only time createmale-shift.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	172.67.161.199 172.67.161.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
23	8

15 172.67.161.199 (United States)

ASN13335 (CLOUDFLARENET, US)

createmale-shift.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	createmale-shift.blog createmale-shift.blog	21 MB
5	gstatic.com www.gstatic.com fonts.gstatic.com	38 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 translate.googleapis.com — Cisco Umbrella Rank: 866	72 KB
1	google.com translate.google.com — Cisco Umbrella Rank: 1182	31 KB
23	4

	Domain	Requested by
15	createmale-shift.blog	createmale-shift.blog
3	fonts.gstatic.com	fonts.googleapis.com createmale-shift.blog
2	www.gstatic.com	www.gstatic.com
1	translate.googleapis.com
1	fonts.googleapis.com	createmale-shift.blog
1	translate.google.com	createmale-shift.blog
23	6

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
createmale-shift.blog GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://createmale-shift.blog/
Frame ID: EB765BE3A998A97FFEE49A4B8E7B00B3
Requests: 23 HTTP requests in this frame

Frame: data://truncated
Frame ID: 18093D1B866574736E78AEA411817B71
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Olimpos Tanrıları

Page URL History Show full URLs

http://createmale-shift.blog/ HTTP 307
https://createmale-shift.blog/ Page URL

Page Statistics

23
Requests

100 %
HTTPS

71 %
IPv6

4
Domains

6
Subdomains

8
IPs

2
Countries

21846 kB
Transfer

22172 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.aegisinteractive.goo&hl=tr&gl=TR
Title: Başlayın

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://createmale-shift.blog/ HTTP 307
https://createmale-shift.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
createmale-shift.blog/
Redirect Chain

http://createmale-shift.blog/
https://createmale-shift.blog/

18 KB
4 KB

169ms
106ms

Document
text/html

172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://createmale-shift.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8db71b42f5a03639f75c81b59c4fdd02e5731cab335a12ddb545f91692f68de2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 881ecbce2a7c6aec-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 11 May 2024 02:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ruo4555Ulc1mqga%2BLoArSwKBYjHUoeDQiE57pmAygXyyMcC0KnwD7yQGKXZncWx7GXzLwKaxnpCSHPit4chpCD%2BVtsgcX0uP%2B%2BytC4vODQh5W57SdubdgIuxqwu6cjgPfyjk7%2FXuUjY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://createmale-shift.blog/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 script.js Show response
createmale-shift.blog/welp/45380/ 3 KB
960 B 51ms
51ms Script
application/javascript 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://createmale-shift.blog/welp/45380/script.js?v=1715395140
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2bf43ea17e7db6569ef243c7d35ba78bd57f34c50ab4dd23d7414d308a4bc0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6634eaed-a76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJA6XOyqPOuyS011BoF6B%2FyfND%2Frv89%2F%2BdyNN0Xu25OTDpAYCB1NeCLpZCsYJt1nDx4t3k%2B1chZhZHwYo1VkTF2%2F2lw6XMbuQ5mTv4LmrNNMLr7nWDBtIA103coGt1xTGgY%2Balui7QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 881ecbcedaad6aec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
createmale-shift.blog/welp/45380// 115 KB
7 KB 61ms
60ms Stylesheet
text/css 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18920118683a7194bc2298ffc85a2ea91d0165a8d8728889616ff8a9ec509023

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6634eaed-1ca5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdxjjorNo4BzrmMx5WwoLWo0fuFnKmr3TLeoNqow0GjuSAX0%2F1l11l%2FNhsj1Z4lHSzrFlE8cf9MOfbhpiPCacS5cZ0qILogzEC5O7u2R864wZsVBsInA4r9zgdYVpT77OFzX7tiXXTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 881ecbcedaae6aec-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 144ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=TranslateInit

Requested by

Host: createmale-shift.blog
URL: https://createmale-shift.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee322774ebb9e4aa49bed80e2305bb178471e0e1c3e283c118baf7661498314d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 02:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1002 B 135ms
49ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swap

Requested by

Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 May 2024 02:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 May 2024 01:08:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 May 2024 02:39:01 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/ 22 KB
5 KB 126ms
39ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ChebGfhJ1jM.O/am=BgM/d=1/rs=AN8SPfqI-snFePz9zYy63bG0airIqjBU9Q/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 May 2025 22:18:09 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ChebGfhJ1jM.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfowCUD8eQLNWELkpoboJ3JoLmCevg/ 206 KB
71 KB 154ms
39ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ChebGfhJ1jM.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfowCUD8eQLNWELkpoboJ3JoLmCevg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ChebGfhJ1jM.O/am=BgM/d=1/rs=AN8SPfqI-snFePz9zYy63bG0airIqjBU9Q/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72582
x-xss-protection: 0
last-modified: Wed, 08 May 2024 17:11:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 May 2025 02:38:01 GMT

GET
H3 200 201-64.svg
createmale-shift.blog/welp/45380//img/ 225 B
626 B 51ms
51ms Image
image/svg+xml 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/201-64.svg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a3fc4fb769e7444dc6b34b08df8f318f8187c9ba4d39fb714e274b3d8055f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6634eaed-e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Eo646L1atko8F3B8NCAXBOZz%2F9c1pvcLD1jgkmAIjwr35F2GwDanIEr1aBNjyQwx1RNqdGkYVRzMDYA0HjPbTIpWJurdJqLu6wOqMa2doxro%2Fq8NkPMGOyz2iSwUk7I1FGQgkjJX2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 881ecbd01b146aec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 201-76.svg
createmale-shift.blog/welp/45380//img/ 323 B
667 B 52ms
52ms Image
image/svg+xml 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/201-76.svg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8a84950aec3b3e77d0741cac7f8addf0490a76979fb46bbc710f79256382e5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6634eaed-143"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBw4hq1C1E2kTmsby6Wp3LvklHNTNIZ5TsQhj6ONiQVLht%2FblwOnpDWlwzFcYk8CbrgWZpK2FI35vxfsEKwU%2BQoMx8NdwKED1k4qjezOpLPcH4RnfHiigVsRMppqa46eQAQIyeK7aqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 881ecbd01b156aec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 64-2368.svg
createmale-shift.blog/welp/45380//img/ 2 KB
1 KB 90ms
90ms Image
image/svg+xml 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/64-2368.svg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddb3b7f09e8267abec6f8fd70948ee8f716e9d7fd0ab8ed2fc226f345a633c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6634eaed-64e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4A6954LIkv3xNJSrHa%2BmmPtnRTP%2BtZ6Pjdq%2FMG2KgTAGordszsgpVqy9IaX4Jf8FV%2BWDimNRl9ur4KtX246244p57mjNbigZSrvYnx4MFNN86Ib3G5bs%2FQUZeibutrI2AMbTJDqfaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 881ecbd01b166aec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_38-1954.jpg
createmale-shift.blog/welp/45380//img/ 2 MB
2 MB 91ms
91ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_38-1954.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8cfd341b93232e49215d08a1f8f4079735243dd5601eeb715e0661c061f38dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-1e506c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFcpkiH7HeJm0jBbLumEjjeRt3Obr%2FqlpK3e4cel09HZFAOgYRHZZ8jjVBrikfUKoPC%2F3UWqFVcV73aQmrrQA44gIs5mamHgDs3h7VxdquTu8Go1xgHKuIr8MIDb56QaQOqDWQ7g1MQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b176aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1986668

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_38-1956.jpg
createmale-shift.blog/welp/45380//img/ 3 MB
3 MB 336ms
336ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_38-1956.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff7426cf9bb821c3897b14f435aac59ec9015d101c540d8f79735d0f3b5a243

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-2ccbfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBxqb4zvjvv7FODwOn2%2FknzpI%2BVxagMwTrq0O2td3WUSMUBrb1WNJ9gV1bYKBsjlRedTuSLcssylkdUW6wWSovWsJq1q%2BPkdVnBzJq1eIX8AezPXxOaqP1ANiTtKHy3VAMDQ24ehwb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b186aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2935806

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_39-27.jpg
createmale-shift.blog/welp/45380//img/ 3 MB
3 MB 447ms
446ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_39-27.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f68ff579efcce27494ef027b1c0cf8377d8c6eabb40db5d65240c230cd48e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-2fce30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7mi7vhEQcPJIbSGm0z%2FFJR9ASQzGDubV7p9yEZ9YECLShR7dp04LmU2ptjY0jyo9TX5zDs32HOvWUK6RdmdV2XKNkCdAW4OJdYgFwDl7YEK8EnIfhNqnhKBTXVjpT%2BxLDOJG9UCYK7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b196aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3132976

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_39-29.jpg
createmale-shift.blog/welp/45380//img/ 3 MB
3 MB 542ms
542ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_39-29.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c769ace8699c35565144c8b61601243095babcd50885e9cb2697db0836aa31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-2e7974"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8OLPjXniCqDDrfJwp9cIaFwmg3YScXDaHqjSa%2FpukcCyFbxHjyJDoQ6tGL9J1dxW%2F652T57tW63qi96R3EgW1BQ%2B%2FK%2F%2Bpxk4XtcnE7F%2F34wYBM44cr%2FHHaZzYA3KWEwuqeYLZzzwfCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b1a6aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3045748

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_39-32.jpg
createmale-shift.blog/welp/45380//img/ 2 MB
2 MB 667ms
667ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_39-32.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8cfd341b93232e49215d08a1f8f4079735243dd5601eeb715e0661c061f38dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-1e506c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6paFBytij8Xtzuu6eTETA8i5JRyJxmInz%2Ffs7I08eN4W0n8P03WfvhDx0nmX%2BkW2D5l11u415%2BeofhzV0KUdXieTq5ZiL9G9d2fmO%2BSZpRWen%2FkvmuvOF41tse0pEMQt3H7Q0dAbGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b1b6aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1986668

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_39-34.jpg
createmale-shift.blog/welp/45380//img/ 3 MB
3 MB 52ms
51ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_39-34.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff7426cf9bb821c3897b14f435aac59ec9015d101c540d8f79735d0f3b5a243

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-2ccbfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SZGPfQ74dI4MWWIodCDEpt%2Bgu1T3HzTxsLWWGWGcq9C4GgquubSK0b81rzYXRK8wMwhPQOXDPiAh82NNX%2F%2Fu71KYiKDQvJPuaoH245c17DS4mcI56vZqQFYCaAnDELtRZj9Rn4p9p7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b1c6aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2935806

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_46-4193.jpg
createmale-shift.blog/welp/45380//img/ 3 MB
3 MB 858ms
857ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_46-4193.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f68ff579efcce27494ef027b1c0cf8377d8c6eabb40db5d65240c230cd48e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-2fce30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCAFDo7Rv10f5WGw5F5JpEe%2BBITK8pXPlW4zw8TDth0%2B0aMY11cv9F7iSIaPCPkUmcHUajLjUPjjPxORAW4lI8WfQmzzBdT3uX%2Bk7R%2FP%2FNitFyi6tSRfCXAc%2FFSnG9e%2FUKl6NZvc478%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b1d6aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3132976

GET
H3 200 ac2649d16e08df1b375db272781021e368d1c4cc_61-326.jpg
createmale-shift.blog/welp/45380//img/ 3 MB
3 MB 998ms
998ms Image
image/jpeg 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://createmale-shift.blog/welp/45380//img/ac2649d16e08df1b375db272781021e368d1c4cc_61-326.jpg
Requested by: Host: createmale-shift.blog
URL: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c769ace8699c35565144c8b61601243095babcd50885e9cb2697db0836aa31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/welp/45380//style.css?v=1715395140
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:01 GMT
cf-cache-status: MISS
last-modified: Fri, 03 May 2024 13:47:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6634eaed-2e7974"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7U53VyexUjFgyxY0mXC%2FHq%2BtLOP4J6Kdg9CSlixJasYa4OXtnJ1HEgiGYtmsGdeTGTA9XfQ%2BQiXhnbmKdPla%2BWv%2F%2ByZlf0%2BIkr5KOqyUISSCF0gBcwHeGomuYC05CWHs35ac5538gU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 881ecbd01b1e6aec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3045748

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swapfamily=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://createmale-shift.blog
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 13:27:43 GMT
x-content-type-options: nosniff
age: 306678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 13:27:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 136ms
50ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://createmale-shift.blog
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 03:29:55 GMT
x-content-type-options: nosniff
age: 342546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 03:29:55 GMT

GET
DATA 200
OK truncated Show response
/ Frame 1809 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 86ms
40ms Image
image/svg+xml 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: createmale-shift.blog
URL: https://createmale-shift.blog/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 18:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 May 2025 18:38:33 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 15:16:04 GMT
x-content-type-options: nosniff
age: 40977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 May 2025 15:16:04 GMT

GET
H3 404 favicon.ico
createmale-shift.blog/ 16 B
455 B 51ms
51ms Other
text/html 172.67.161.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://createmale-shift.blog/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://createmale-shift.blog/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 02:39:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqLJZTG9sTwdhv7fEyOKlPnviNd9jX%2F5KOJZFDJrsO4ZRrFByz%2Ff6yejotjHO5gZ0nrI8oJTmFbGaiP9wxgkqVJYcJkZO00Qrb%2BJkewiowIbJSHvigXoElGkLzuMGxyU4DQERi5zCHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 881ecbd75df06aec-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
createmale-shift.blog/	1970-01-20 20:31:43	Name: url Value: https%3A%2F%2Fcreatemale-shift.blog%2F
createmale-shift.blog/	1970-01-20 20:31:43	Name: v_params Value: %5B%5D
.createmale-shift.blog/	1970-01-21 05:15:31	Name: googtrans Value: %2Fru%2Fde

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://createmale-shift.blog/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

createmale-shift.blog
fonts.googleapis.com
fonts.gstatic.com
translate.google.com
translate.googleapis.com
www.gstatic.com
172.217.16.131
172.67.161.199
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::200e
02a3fc4fb769e7444dc6b34b08df8f318f8187c9ba4d39fb714e274b3d8055f9
18920118683a7194bc2298ffc85a2ea91d0165a8d8728889616ff8a9ec509023
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3ddb3b7f09e8267abec6f8fd70948ee8f716e9d7fd0ab8ed2fc226f345a633c9
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
8db71b42f5a03639f75c81b59c4fdd02e5731cab335a12ddb545f91692f68de2
8ff7426cf9bb821c3897b14f435aac59ec9015d101c540d8f79735d0f3b5a243
aa8a84950aec3b3e77d0741cac7f8addf0490a76979fb46bbc710f79256382e5
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
c3c769ace8699c35565144c8b61601243095babcd50885e9cb2697db0836aa31
c8cfd341b93232e49215d08a1f8f4079735243dd5601eeb715e0661c061f38dd
d3f68ff579efcce27494ef027b1c0cf8377d8c6eabb40db5d65240c230cd48e1
de2bf43ea17e7db6569ef243c7d35ba78bd57f34c50ab4dd23d7414d308a4bc0
ee322774ebb9e4aa49bed80e2305bb178471e0e1c3e283c118baf7661498314d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

createmale-shift.blog Open in urlscan Pro 172.67.161.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

23 Requests

100 %HTTPS

71 %IPv6

4 Domains

6 Subdomains

8 IPs

2 Countries

21846 kBTransfer

22172 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

createmale-shift.blog Open in urlscan Pro
172.67.161.199 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

71 %
IPv6

4
Domains

6
Subdomains

8
IPs

2
Countries

21846 kB
Transfer

22172 kB
Size

3
Cookies

23 HTTP transactions
1 data transactions