dailylenglui.blogspot.com Open in urlscan Pro
2a00:1450:4001:801::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dailylenglui.blogspot.com/
Submission: On September 21 via manual (September 21st 2021, 12:54:25 am UTC) from US — Scanned from DE

Summary HTTP 212 Redirects Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 55 domains to perform 212 HTTP transactions. The main IP is 2a00:1450:4001:801::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is dailylenglui.blogspot.com.

This is the only time dailylenglui.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:82f::2009	15169 (GOOGLE) (GOOGLE)
10	2600:9000:225... 2600:9000:225e:e00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:7c00:16:876:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 11	192.0.123.247 192.0.123.247	2635 (AUTOMATTIC) (AUTOMATTIC)
19	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	192.0.77.36 192.0.77.36	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
17	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	3.124.181.115 3.124.181.115	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3035::6815:884	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::6815:a8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	192.0.123.248 192.0.123.248	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2a02:3d0:623:... 2a02:3d0:623:a000::8006	22822 (LLNW) (LLNW)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
16 18	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	192.99.13.63 192.99.13.63	16276 (OVH) (OVH)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3036::6815:4193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	51.161.15.92 51.161.15.92	16276 (OVH) (OVH)
1	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST)
2 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
4 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.30.185.188 52.30.185.188	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.159.118.206 18.159.118.206	16509 (AMAZON-02) (AMAZON-02)
2 2	38.27.122.126 38.27.122.126	174 (COGENT-174) (COGENT-174)
2 3	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	208.100.17.180 208.100.17.180	32748 (STEADFAST) (STEADFAST)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1 2	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1	51.89.24.70 51.89.24.70	16276 (OVH) (OVH)
5	2600:9000:225... 2600:9000:225e:8200:16:876:8540:93a1	() ()
212	56

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dailylenglui.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:225e:e00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:7c00:16:876:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.123.247 (Los Angeles, United States) 2 redirects

ASN2635 (AUTOMATTIC, US)
PTR: intensedebate.com

www.intensedebate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.36 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

i.polldaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.poll.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.181.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:884 (United States)

ASN13335 (CLOUDFLARENET, US)

gamesfromheaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:a8d (United States)

ASN13335 (CLOUDFLARENET, US)

suchenachmuschi.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.123.248 (Los Angeles, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)
PTR: polldaddy.com

polldaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

sites.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:3d0:623:a000::8006 (United States)

ASN22822 (LLNW, US)

s3t3d2y7.ackcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 16 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.13.63 (Ajax, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4193 (United States)

ASN13335 (CLOUDFLARENET, US)

iadoremakingpics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.15.92 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns570935.ip-51-161-15.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.185.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-185-188.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.118.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-206.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.27.122.126 (Chestertown, United States) 2 redirects

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.188 (Amsterdam, Netherlands) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.180 (United States)

ASN32748 (STEADFAST, US)
PTR: ip180.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.24.70 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip70.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:8200:16:876:8540:93a1 (None, )

ASN- ()

sd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	google.com 17 redirects apis.google.com sites.google.com accounts.google.com www.google.com	240 KB
21	ggpht.com lh6.ggpht.com lh4.ggpht.com lh5.ggpht.com lh3.ggpht.com yt3.ggpht.com	2 MB
19	googleusercontent.com lh6.googleusercontent.com lh3.googleusercontent.com	1 MB
18	infolinks.com resources.infolinks.com router.infolinks.com	280 KB
18	sharethis.com w.sharethis.com s.sharethis.com ws.sharethis.com l.sharethis.com sd.sharethis.com	103 KB
12	blogspot.com dailylenglui.blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 4.bp.blogspot.com	30 KB
11	facebook.com www.facebook.com	163 KB
11	intensedebate.com 2 redirects www.intensedebate.com	11 KB
10	exoclick.com syndication.exoclick.com main.exoclick.com	7 KB
9	youtube.com www.youtube.com	681 KB
8	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	8 KB
7	pubmatic.com 7 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	2 KB
7	blogger.com 1 redirects www.blogger.com	187 KB
6	doubleclick.net 4 redirects googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	3 KB
6	outbrain.com widgets.outbrain.com odb.outbrain.com	39 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
3	simpli.fi 2 redirects um.simpli.fi	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com sb.scorecardresearch.com	2 KB
3	dtscout.com 1 redirects e.dtscout.com t.dtscout.com	3 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	23 KB
3	histats.com s10.histats.com s4.histats.com	10 KB
3	google-analytics.com www.google-analytics.com	17 KB
3	googlesyndication.com pagead2.googlesyndication.com	133 KB
3	polldaddy.com 1 redirects i.polldaddy.com polldaddy.com	5 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	bnmla.com 2 redirects match.bnmla.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	poll.fm i0.poll.fm	7 KB
2	fbcdn.net scontent.xx.fbcdn.net	5 KB
2	realsrv.com main.realsrv.com	836 B
2	exdynsrv.com main.exdynsrv.com	838 B
2	suchenachmuschi.space suchenachmuschi.space	88 KB
2	gamesfromheaven.com gamesfromheaven.com	3 KB
2	paypalobjects.com www.paypalobjects.com	2 KB
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	dotomi.com 1 redirects casale-match.dotomi.com	186 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	33across.com ssc-cms.33across.com	72 B
1	rfihub.com 1 redirects p.rfihub.com	759 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	823 B
1	tynt.com de.tynt.com	289 B
1	iadoremakingpics.com iadoremakingpics.com	807 KB
1	ytimg.com i.ytimg.com	50 KB
1	ackcdn.net s3t3d2y7.ackcdn.net	21 KB
1	blogblog.com resources.blogblog.com	300 B
212	55

	Domain	Requested by
18	lh3.googleusercontent.com	www.blogger.com
18	www.google.com	16 redirects apis.google.com www.youtube.com
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
13	apis.google.com	dailylenglui.blogspot.com apis.google.com www.blogger.com accounts.google.com
11	www.facebook.com	dailylenglui.blogspot.com www.facebook.com
11	www.intensedebate.com	2 redirects dailylenglui.blogspot.com www.intensedebate.com
9	www.youtube.com	dailylenglui.blogspot.com www.youtube.com
9	ws.sharethis.com	w.sharethis.com ws.sharethis.com
8	syndication.exoclick.com	dailylenglui.blogspot.com syndication.exoclick.com
7	lh4.ggpht.com	dailylenglui.blogspot.com
7	lh6.ggpht.com	dailylenglui.blogspot.com
7	www.blogger.com	1 redirects dailylenglui.blogspot.com apis.google.com
5	sd.sharethis.com	s.sharethis.com sd.sharethis.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ib.adnxs.com	4 redirects
4	image8.pubmatic.com	4 redirects
4	3.bp.blogspot.com	dailylenglui.blogspot.com
4	widgets.outbrain.com	dailylenglui.blogspot.com widgets.outbrain.com
3	um.simpli.fi	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	www.google-analytics.com	dailylenglui.blogspot.com
3	resources.infolinks.com	dailylenglui.blogspot.com resources.infolinks.com
3	lh3.ggpht.com	dailylenglui.blogspot.com
3	pagead2.googlesyndication.com	dailylenglui.blogspot.com pagead2.googlesyndication.com
3	lh5.ggpht.com	dailylenglui.blogspot.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sb.scorecardresearch.com	1 redirects dailylenglui.blogspot.com
2	ap.lijit.com	2 redirects
2	match.bnmla.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
2	i0.poll.fm	dailylenglui.blogspot.com
2	e.dtscout.com	1 redirects dailylenglui.blogspot.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	platform.twitter.com	dailylenglui.blogspot.com platform.twitter.com
2	s10.histats.com	dailylenglui.blogspot.com s10.histats.com
2	accounts.google.com	1 redirects apis.google.com
2	odb.outbrain.com	widgets.outbrain.com
2	polldaddy.com	1 redirects dailylenglui.blogspot.com
2	main.realsrv.com	gamesfromheaven.com
2	main.exoclick.com	gamesfromheaven.com
2	main.exdynsrv.com	gamesfromheaven.com
2	suchenachmuschi.space	gamesfromheaven.com
2	gamesfromheaven.com	syndication.exoclick.com
2	4.bp.blogspot.com	dailylenglui.blogspot.com
2	2.bp.blogspot.com	dailylenglui.blogspot.com
2	1.bp.blogspot.com	dailylenglui.blogspot.com
2	l.sharethis.com	w.sharethis.com dailylenglui.blogspot.com
2	www.paypalobjects.com	dailylenglui.blogspot.com
2	dailylenglui.blogspot.com	dailylenglui.blogspot.com
1	t.dtscout.com	e.dtscout.com
1	sync.adotmob.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	b.scorecardresearch.com	widgets.outbrain.com
1	www.gstatic.com	www.youtube.com
1	iadoremakingpics.com	gamesfromheaven.com
1	ssl.gstatic.com	accounts.google.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	s4.histats.com	s10.histats.com
1	fonts.gstatic.com	www.youtube.com
1	s3t3d2y7.ackcdn.net	syndication.exoclick.com
1	sites.google.com	dailylenglui.blogspot.com
1	resources.blogblog.com	dailylenglui.blogspot.com
1	i.polldaddy.com	dailylenglui.blogspot.com
1	lh6.googleusercontent.com	dailylenglui.blogspot.com
1	s.sharethis.com	dailylenglui.blogspot.com
1	w.sharethis.com	dailylenglui.blogspot.com
212	87

This site contains no links.

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.intensedebate.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-13`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
exdynsrv.com R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
exoclick.com R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
realsrv.com R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.polldaddy.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh

This page contains 22 frames:

Primary Page: http://dailylenglui.blogspot.com/
Frame ID: 3A59D60E9F46067C13A316FEE7C78108
Requests: 102 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658224
Frame ID: E3E9623BD30394DE7732E619B59FF1DA
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Frame ID: 7E050604A249E513C1DD614DD2496721
Requests: 2 HTTP requests in this frame

Frame: https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
Frame ID: B87E604E37BE97E25680E5DF02CF3BB6
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Yl4ETw-TXos
Frame ID: 2A61A1B1FB21CA72865440153C4B397F
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
Frame ID: 1292F7C780867EC6630C0AD436D22E99
Requests: 1 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658792
Frame ID: 47585A66A3BD53B81538B14799EE3C5C
Requests: 2 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658794
Frame ID: 74A45A50376391876B3B3FC90E68FA6B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Frame ID: 32691623C5B9310AE7DBADCD81BA2F96
Requests: 11 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658816
Frame ID: AC32F687565495B5C0CEAC5F330DDD78
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Frame ID: 8DAAD0E4D9CB2A69383FD33EB697CA12
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&bpli=1
Frame ID: 86E18EA8BFB0FF69C033E67061D61BA6
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
Frame ID: 1AADFF98E6CCFD2D0AA7908248885BA5
Requests: 1 HTTP requests in this frame

Frame: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Frame ID: B41091D6D601283F499DD98FF51389A3
Requests: 6 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Frame ID: AD7E14357A33A3BDAA462A2CAF57BFF3
Requests: 3 HTTP requests in this frame

Frame: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Frame ID: 130638EE2C8114E9C57C66E99E773021
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fdailylenglui.blogspot.com
Frame ID: C43161ADA18BA67FC0E687CE23602D5A
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Frame ID: BCF65985908EFAA15198223A99338BDB
Requests: 16 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: BE9CAB388ADE6F207E3A0E831681C783
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 52088E9D11C704F2F1346C59FD4CBE43
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 36F322D72CD56000D9B9FDFEDC0B21A2
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 87AE4953DC42A5CCEF84DF05AE5B0C70
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

212
Requests

72 %
HTTPS

40 %
IPv6

55
Domains

87
Subdomains

56
IPs

8
Countries

6200 kB
Transfer

10387 kB
Size

76
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://apis.google.com/js/plusone.js HTTP 307
https://apis.google.com/js/plusone.js

Request Chain 7

http://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49 HTTP 301
https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49

Request Chain 35

http://www.intensedebate.com/widgets/acctComment/291108/10 HTTP 301
https://www.intensedebate.com/widgets/acctComment/291108/10

Request Chain 39

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 59

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1788447960&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185658365&utmac=UA-15433167-2&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1848245217&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1788447960&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185658365&utmac=UA-15433167-2&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1848245217&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 66

http://www.youtube.com/embed/Yl4ETw-TXos HTTP 307
https://www.youtube.com/embed/Yl4ETw-TXos

Request Chain 67

http://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light HTTP 307
https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light

Request Chain 70

http://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id= HTTP 301
https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=

Request Chain 79

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978 HTTP 307
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978

Request Chain 84

https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://dailylenglui.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D638100801402959337%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://dailylenglui.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.soliK2B9LKA.O/am%253DAQ/d%253D1/rs%253DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D638100801402959337%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://dailylenglui.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.de.soliK2B9LKA.O/am%253DAQ/d%253D1/rs%253DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/m%253D__features__%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&bpli=1

Request Chain 85

http://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light HTTP 307
https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light

Request Chain 103

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 135

http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j= HTTP 301
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j=

Request Chain 144

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 146

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTFDOTJDMDQtNDg3RS00MTEyLTg1QTktRkM0MkUxMTY0MjEz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA1C92C04-487E-4112-85A9-FC42E1164213 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=A1C92C04-487E-4112-85A9-FC42E1164213

Request Chain 147

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=9045594834743322627

Request Chain 148

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-AK_QAlpE2uHm9il.7fE27CbTzpg7xfC8iwCRINk-~A

Request Chain 149

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1272435918 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1272435918 HTTP 302
https://sync.1rx.io/usersync/tradedesk/8efae672-7fb7-4ab8-b6c8-2806de07fdf7 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-89f71766-a004-4bd7-9d3b-d292098aa710-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-89f71766-a004-4bd7-9d3b-d292098aa710-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-89f71766-a004-4bd7-9d3b-d292098aa710-003

Request Chain 150

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 152

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fdailylenglui.blogspot.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fdailylenglui.blogspot.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=9045594834743322627

Request Chain 154

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7436bc3c-1a76-11ec-93df-06d442bbc09c HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-iUoY8zhE2uH.ylk4CHbH9Prfk_7Jr4JQ~A~UP7436bc3c-1a76-11ec-93df-06d442bbc09c

Request Chain 155

https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
https://match.bnmla.com/usersync?dspid=6&uuid=DE1DCA67951044358FA1B3DE40B1746F HTTP 302
https://router.infolinks.com/dyn/enbd-usync?uid=383240db-3ef4-4ea1-9198-d1372f2039d0

Request Chain 156

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=97d9aa7bf444392e74e0579d

Request Chain 157

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DA1C92C04-487E-4112-85A9-FC42E1164213 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=A1C92C04-487E-4112-85A9-FC42E1164213

Request Chain 159

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1870471598214004453

Request Chain 165

https://www.google.com/s2/photos/public/AIbEiAIAAABDCIau85TF6vWSciILdmNhcmRfcGhvdG8qKGIwMTFhZTNlOTg1MDg0YzgwMWFmYzViNjI4MzAyNThlMmE4M2NmOTEwAZ25UUqjo4OpXeCdbYLlx8I29U-k HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Gi0bUZZ2N61BtxpgWC6s32Z490905OUwPV_B6oafg=s96-p

Request Chain 166

https://www.google.com/s2/photos/public/AIbEiAIAAABECO7Sjonww9O22AEiC3ZjYXJkX3Bob3RvKigxMjk3OGI4ZmY3YzU5ZTg2MjFlYjljNTg1NDM4NjA2MWMyNzdhMzc1MAE8R14_PYIODceIGWXHSUEtA2Bj6A HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgKu15WENJtX5DGYEtbP7vpCgwLlkTmomF7Rfg6SQ=s96-p

Request Chain 167

https://www.google.com/s2/photos/public/AIbEiAIAAABDCNKr6dyd2Z6vAyILdmNhcmRfcGhvdG8qKGFlZGFhNGZiYTk2N2VmMTI1ZjEyZmY2NDFiNjA5NDc4YTczNjEyNjQwARsAtmYyNzKIO-d9F-wPZIqk-VzM HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Gikit-9vXmcuvQFRbuDfD_w8mPCMYs1FLufn1KWig=s96-p

Request Chain 168

https://www.google.com/s2/photos/public/AIbEiAIAAABECOD7n-jR0KCO-gEiC3ZjYXJkX3Bob3RvKihmYmM0ZWJkOTNkN2FhNzAzZTgwYjFiOTE5YzgyYTBjN2ZkYzkxNTdiMAEx9wlpjXOv8jgoMCEmTazIn6l6Sg HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgwkEibANL6Yd1jBphQA9I0vtS3HOL-Wlp-HUOnGQ=s96-p

Request Chain 169

https://www.google.com/s2/photos/public/AIbEiAIAAABDCOjH6P_3gvvlaCILdmNhcmRfcGhvdG8qKDM5YjM4NjgyNTU1NzE0OGJlMGIwMzkyYjJkYjUzMmRlZDU0N2M1MzYwAYov6nPH_DhhVegGYhz2c0YzH6Eh HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgmbrHm59j9KogCtoNG5Jexcs2_tL5FgPDLOmEWxw=s96-p

Request Chain 171

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPTfxN2ytNG2USILdmNhcmRfcGhvdG8qKDUyZGY0OWVjYzU1MjA3YTBlYWNhOGViNzkyM2I3MGNhMDAyMjYzNGYwAalM-KFTNrrQh2At4Hq2FWHaOn7v HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p

Request Chain 172

https://www.google.com/s2/photos/public/AIbEiAIAAABECIT1wKvS-M-coAEiC3ZjYXJkX3Bob3RvKihjN2JkOGE1OGU4NWUxMGMwNGUxNzM0MTBlMzJhOGMzNDIwZDg4YmVlMAGIqzklXoWOgLTfBpAc-KGbmLCkpw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p

Request Chain 173

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPrN553y89yjHSILdmNhcmRfcGhvdG8qKGM4NjdmZTUyMTE1YWUwYjIwM2I1YTFkMWNmZmJlN2Y5YmE5MTJhZDQwAaan0GVzhW0Did0RfJ7nuzWshzoD HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p

Request Chain 174

https://www.google.com/s2/photos/public/AIbEiAIAAABDCKmKkvXW-OiJLiILdmNhcmRfcGhvdG8qKGVhZDBhNDM1YTg5NDUxMDc2ZTk1MTM3YjZiYTQyYjZjOWU4ZjBiZWUwATeXwoRAgSIIC0apbQFKJDkmYC6C HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p

Request Chain 175

https://www.google.com/s2/photos/public/AIbEiAIAAABECOWDqenlro6o0wEiC3ZjYXJkX3Bob3RvKigzMzBiNmUzYzIxY2QxOTA3MjlmMTVjNDdlY2Y1YTRjMmQwNTBkOTE1MAFElQ11LAw06J7zOEX4na8akbh0qA HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p

Request Chain 176

https://www.google.com/s2/photos/public/AIbEiAIAAABECMCmoen17arb5QEiC3ZjYXJkX3Bob3RvKig3ZDgzOWRlNTYyMzIwNjE3ZWRlMDNiYjNhNDMxMjFhNDQ0MjFkYThlMAGxFfFpVoUpUk3adgn_-IVPguf5dA HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p

Request Chain 177

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJTRibz5iZn-FCILdmNhcmRfcGhvdG8qKGYzYjI5YWNkN2M3NWYxNjQzNzc5ZmE0ZmY5MWFlNTYwY2QwYzVjYTMwAfN-Y_ipFyu3hvrcnPc3lP8L2t8- HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p

Request Chain 178

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJLPr5P_m7iNKiILdmNhcmRfcGhvdG8qKDgzOTNjMzUzNGVhNTUxYWU5MzhjOTFlNjM3OGM3MDk4YTUxOTE4NGYwAcRofZD4JFPHcXA1UYGPk9lApMkF HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p

Request Chain 179

https://www.google.com/s2/photos/public/AIbEiAIAAABDCL7K7qre4IraJiILdmNhcmRfcGhvdG8qKGIwOTQzYjJlOWQ3NDMwN2E3YTA4ZGJmMWUwNDRmMDZkNWNhNGZhMjAwAUvRV2tjJ9Ad6RkI0lKInfuCn2ZG HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GiorMB8_FfJJwZ21MWgXRFxPgB5X7e8FMBg-59xLw=s96-p

Request Chain 180

https://www.google.com/s2/photos/public/AIbEiAIAAABDCK32zJe6gMqZPiILdmNhcmRfcGhvdG8qKDkwYTBlYWI4ZmE3MzhkNWIyMjE0ZGU2NzNmODg5ODY3MGNlOGMzOGYwAX-w7UZ1CCbx46_rjDB3upAOwuq8 HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p

Request Chain 181

https://www.google.com/s2/photos/public/AIbEiAIAAABECPrUiI-Vub29zQEiC3ZjYXJkX3Bob3RvKigxNzUwMzQzYjA4ZmQ0ZWE5ZjMzM2YwNzAzZjRkMTI2ZDM4NzIxOGQyMAEgaMkNCazF4JO2Q5vXoUmhcKxMpw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p

Request Chain 182

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=000&ns__t=1632185659961&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1632185659961&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F

Request Chain 183

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YUktO5yTjT97J1tzQmxUnAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ3B39OnO4Vot6kdR5N6j9I&google_cver=1&gdpr=1

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDlbmgLI9899oyBfk5AYKio&google_cver=1

Request Chain 185

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB&dcc=t

Request Chain 187

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 188

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1634777660

Request Chain 189

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632272060&gdpr=1

Request Chain 190

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06bc220407d947a72b605d48&expiration=[EXPIRATION]&gdpr=1

Request Chain 204

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=890881783&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185664371&utmac=UA-1645146-14&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=890881783&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185664371&utmac=UA-1645146-14&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~

212 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dailylenglui.blogspot.com/ 78 KB
16 KB 372ms
369ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf41c412c49366090ba0b5a0751f6e026c12a7cf1e17e3f45ffc9609970c4991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: dailylenglui.blogspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Tue, 21 Sep 2021 00:54:17 GMT
Date: Tue, 21 Sep 2021 00:54:17 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 20 Sep 2021 21:53:20 GMT
ETag: W/"0e47d84eda50c0c285516b3b2ea86c0cad8cd14a8dc32234a0c971a9a52ac334"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16326
Server: GSE

GET
H2 200 1394523530-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
31 KB 112ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.css

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 02:21:53 GMT
vary: Accept-Encoding
last-modified: Tue, 14 Sep 2021 00:50:37 GMT
server: sffe
x-content-type-options: nosniff
age: 599544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/blogger-tech
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30801
x-xss-protection: 0
expires: Wed, 14 Sep 2022 02:21:53 GMT

GET
H/1.1 200
OK buttons.js Show response
w.sharethis.com/button/ 58 KB
17 KB 51ms
11ms Script
application/javascript 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/buttons.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 307a78514afff091b8497deeccd07003f864099b4b184edbcfa6b3a640be639a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 22:02:15 GMT
Content-Encoding: gzip
Age: 183122
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16417
Server: nginx/1.20.1
ETag: W/"612ef1bd-e72a"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 dd4531988f4862a3b186f9d3356a6a75.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: FRA60-P4
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: -ISMIcOnp3B-J4ASM-bO3aon14Xu6KVY6LpOLXUbaaA6ERSE-LIaew==
Expires: Tue, 21 Sep 2021 22:02:15 GMT

GET
H/1.1 200
OK loader.js Show response
s.sharethis.com/ 19 KB
5 KB 95ms
12ms Script
application/javascript 2600:9000:225e:7c00:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s.sharethis.com/loader.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2600:9000:225e:7c00:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:49:22 GMT
Content-Encoding: gzip
Age: 473
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 20 Aug 2019 17:22:04 GMT
Server: AmazonS3
ETag: W/"a637698b696964cb3a292f5482138425"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 a5a8e743f28968822c126102a78bb7c7.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: FRA60-P4
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: aW7diXgi3NHFPodI-32j81r-BkeME4GrUNmQdRDAQdKKa62CPgDn5Q==

GET
H2

403

plusone.js
apis.google.com/js/
Redirect Chain

http://apis.google.com/js/plusone.js
https://apis.google.com/js/plusone.js

0
0

849ms
796ms

Script
text/html

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/plusone.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Location: https://apis.google.com/js/plusone.js
Non-Authoritative-Reason: HSTS

GET
H2 403 plusone.js
apis.google.com/js/ 0
0 443ms
385ms Script
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/plusone.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK dl.png
lh6.ggpht.com/-SGcVHS8GL6g/TtKOmuClfWI/AAAAAAAAZow/RGjArUs37AM/s800/ 26 KB
27 KB 61ms
26ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-SGcVHS8GL6g/TtKOmuClfWI/AAAAAAAAZow/RGjArUs37AM/s800/dl.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95c77ee03fdb1491a7a5d5bdd29c1f91b8673390a6a478bf6683e57ff0107266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vc6bf"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dl.png"
Timing-Allow-Origin: *
Content-Length: 26704
X-XSS-Protection: 0
Expires: Thu, 09 Sep 2021 18:16:54 GMT

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 642 B
617 B 62ms
24ms Script
application/javascript 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1e0f23734c4968f14513447b96a6aa1303434786a8e821d870b5d96584b12b43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:17 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2

200

bloggerTemplateLinkWrapper.php Show response
www.intensedebate.com/js/
Redirect Chain

http://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49

5 KB
1 KB

534ms
178ms

Script
text/javascript

192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 384aa3fb477ed1640ab5b28b263de9a3ab459bf631d1772033389e12098eafd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

Redirect headers

Location: https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
Date: Tue, 21 Sep 2021 00:54:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK jessica_chen_jieshi.jpg
lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/s800/ 45 KB
46 KB 78ms
57ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/s800/jessica_chen_jieshi.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e97fab623507015813482c6e4038d77b6e605b4beec0316fc763d3ae26d7e257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb0f2"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi.jpg"
Timing-Allow-Origin: *
Content-Length: 46495
X-XSS-Protection: 0
Expires: Mon, 20 Sep 2021 10:01:56 GMT

GET
H/1.1 200
OK cny_chinese_girl_red_owl.gif
lh6.ggpht.com/-zc7iXmu0IVE/UuInrW2mWmI/AAAAAAAAr-o/yiYNlmeDHUY/s800/ 2 MB
2 MB 46ms
37ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-zc7iXmu0IVE/UuInrW2mWmI/AAAAAAAAr-o/yiYNlmeDHUY/s800/cny_chinese_girl_red_owl.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

364a9f26140813151990539bc23bb8fa5248675084f5465540c6b3d6ebcded98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vafea"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cny_chinese_girl_red_owl.gif"
Timing-Allow-Origin: *
Content-Length: 1623559
X-XSS-Protection: 0
Expires: Wed, 22 Sep 2021 00:54:18 GMT

GET
H2 200 cny_singapore_girl_in_red.gif
lh6.googleusercontent.com/-q6eU464vRWo/UuInlznQP1I/AAAAAAAAr-A/FXYqmccyjfk/s800/ 1 MB
1 MB 85ms
33ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-q6eU464vRWo/UuInlznQP1I/AAAAAAAAr-A/FXYqmccyjfk/s800/cny_singapore_girl_in_red.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac5979e2cc0e74af50ffc664f5412dbf1e6a28253c835d3b974ff82772cf4d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
x-content-type-options: nosniff
server: fife
etag: "vafe0"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cny_singapore_girl_in_red.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137327
x-xss-protection: 0
expires: Wed, 22 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-001.jpg
lh6.ggpht.com/-D6D8kbCRVN8/UuInMqmNTtI/AAAAAAAAr9I/tV1FlSqbSzI/s800/ 41 KB
42 KB 29ms
26ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-D6D8kbCRVN8/UuInMqmNTtI/AAAAAAAAr9I/tV1FlSqbSzI/s800/jessica_chen_jieshi-001.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7eb77b674a3d3a00e997e449c9899437a41a185cc5bc2fcf1c03f3d863a20019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb116"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-001.jpg"
Timing-Allow-Origin: *
Content-Length: 42361
X-XSS-Protection: 0
Expires: Mon, 20 Sep 2021 10:01:56 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-002.jpg
lh6.ggpht.com/-z_1SfmK6Mcs/UuInQ5PwN1I/AAAAAAAAr9Q/utWf-YG4yEc/s800/ 40 KB
40 KB 28ms
25ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-z_1SfmK6Mcs/UuInQ5PwN1I/AAAAAAAAr9Q/utWf-YG4yEc/s800/jessica_chen_jieshi-002.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

38b516c9246e0a9a7e2ffc1c9eca4865046baa8985fc13c53aa1a6e8ac0a0db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb0d2"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-002.jpg"
Timing-Allow-Origin: *
Content-Length: 40939
X-XSS-Protection: 0
Expires: Mon, 20 Sep 2021 10:01:56 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-003.jpg
lh4.ggpht.com/--wiLMyFNCPU/UuInUqu7RsI/AAAAAAAAr9Y/e13xtMgwcJA/s800/ 55 KB
56 KB 72ms
27ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/--wiLMyFNCPU/UuInUqu7RsI/AAAAAAAAr9Y/e13xtMgwcJA/s800/jessica_chen_jieshi-003.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

452a5ac7b950e6c6705c03a66e6dcb9609c7c3178439e0b416df1548df2c8f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb0e4"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-003.jpg"
Timing-Allow-Origin: *
Content-Length: 56401
X-XSS-Protection: 0
Expires: Wed, 22 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-004.jpg
lh4.ggpht.com/-DIEosLzib1o/UuInYMil5gI/AAAAAAAAr9g/Wdn5-B08iJM/s800/ 47 KB
48 KB 67ms
26ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-DIEosLzib1o/UuInYMil5gI/AAAAAAAAr9g/Wdn5-B08iJM/s800/jessica_chen_jieshi-004.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f34901c768ab9c7505777a0fede86ccce6b12d4dcbdad84abdfad5e3683e6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb114"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-004.jpg"
Timing-Allow-Origin: *
Content-Length: 48314
X-XSS-Protection: 0
Expires: Wed, 22 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-005.jpg
lh5.ggpht.com/-4Rntfu1mLhA/UuInbk4gQNI/AAAAAAAAr9o/1tU15jEqMfg/s800/ 39 KB
39 KB 65ms
26ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh5.ggpht.com/-4Rntfu1mLhA/UuInbk4gQNI/AAAAAAAAr9o/1tU15jEqMfg/s800/jessica_chen_jieshi-005.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

294369c82d831799b4e873a82f34e42fb00de5d1dd73032494efb9914df6d245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb113"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-005.jpg"
Timing-Allow-Origin: *
Content-Length: 39888
X-XSS-Protection: 0
Expires: Wed, 22 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK rating.js Show response
i.polldaddy.com/ratings/ 15 KB
5 KB 35ms
10ms Script
application/javascript 192.0.77.36
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: http://i.polldaddy.com/ratings/rating.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 192.0.77.36 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 753317c58e485fe930390c7d2b9a30e6609a274456a37384506950283004664b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-nc: HIT hhn 1
Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2020 17:20:34 GMT
Server: nginx
ETag: W/"5e4c1ce2-3b42"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 01 Oct 2021 08:16:29 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
300 B 9ms
7ms Image
image/gif 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:41:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 13:53:03 GMT
server: sffe
age: 457990
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 22 Sep 2021 17:41:08 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 109 KB
38 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d236eed9587f12322a00882066264ef4fe0648dae4f50dc397fa9020446b3acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8932238401452743236
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 38605
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 645 B
619 B 16ms
14ms Script
application/javascript 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e438f51b474134f435f788639f800142905b92f92c2c1532fda26dfdd75ae4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/ 2 KB
2 KB 112ms
8ms Image
image/gif 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a289c9f71fb1bb1e08de0f61000167d7824e87ad441c0a0dd8a9c68d0346252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=1597 idim=92x26 ifmt=gif ofsz=1582 odim=92x26 ofmt=gif
paypal-debug-id: 44d77cad08269
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1582
x-served-by: cache-sjc10050-SJC, cache-fra19144-FRA
x-timer: S1632185658.331360,VS0,VE0
etag: "U3pl0/XCujlHacl+n45I4YfostqG/gKwMB9VmB+OaEg"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 5817, 9

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
434 B 110ms
8ms Image
image/gif 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 6387cc407fa7c
fastly-stats: io=1
dc: phx-origin-www-3.paypal.com
content-length: 42
x-served-by: cache-sjc10081-SJC, cache-fra19144-FRA
x-timer: S1632185658.331418,VS0,VE0
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 16952, 4

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 645 B
619 B 28ms
20ms Script
application/javascript 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 98333f20bc1a03ce8fa68b0b8cb1bdc3ecd5af33b6a3548b398604b413f4d19f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK OutbrainRater.js Show response
widgets.outbrain.com/ 114 KB
30 KB 56ms
17ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/OutbrainRater.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 553f29d085717e2a47e26c32b3f8bb0e9691e5287c30f1270fa78597070965e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 01:43:26 GMT
Server: AkamaiNetStorage
ETag: "c1cf63691b92d21272762c5104a797f8:1566138647"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 30328

GET
H/1.1 200
OK claim.js Show response
widgets.outbrain.com/ 1 KB
1 KB 50ms
12ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/claim.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: af67ea2f6471994fe966d2d72642ee2f3ca0533e0020fb15a36c33e647ee737f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Aug 2019 14:30:48 GMT
Server: AkamaiNetStorage
ETag: "09608c20f0e8d380577a6d25941c2cf5:1566138648"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 614

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 645 B
615 B 27ms
20ms Script
application/javascript 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1e73f89046548162918d0907470e29b3c891ee2f716ec1ac3e22fceac16572b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK oh%252520in%252520hye%252520sexy%252520slip.jpg
lh6.ggpht.com/-rf-BKXCDhAI/TvOUewdTh_I/AAAAAAAAaZs/VeArQef6IFQ/w72-h72-p-k-no-nu/ 4 KB
4 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-rf-BKXCDhAI/TvOUewdTh_I/AAAAAAAAaZs/VeArQef6IFQ/w72-h72-p-k-no-nu/oh%252520in%252520hye%252520sexy%252520slip.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7b0997742aba2828495b20e8ec9edf8f5455bdfdfff2bf4c5a8d30a09d3408d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb534"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="oh in hye sexy slip.jpg"
Timing-Allow-Origin: *
Content-Length: 3584
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 12:47:52 GMT

GET
H/1.1 200
OK yoyo%252520xu%252520xiangting.jpg
lh5.ggpht.com/-VNruHz_f3vQ/TvOLQweqSgI/AAAAAAAAaJY/n2Q7QtnPorc/w72-h72-p-k-no-nu/ 3 KB
3 KB 28ms
24ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh5.ggpht.com/-VNruHz_f3vQ/TvOLQweqSgI/AAAAAAAAaJY/n2Q7QtnPorc/w72-h72-p-k-no-nu/yoyo%252520xu%252520xiangting.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f74a13feeaca39d6e906eac613825aab32f45edcf45558d3177b85ff18f7c257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vd064"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yoyo xu xiangting.jpg"
Timing-Allow-Origin: *
Content-Length: 2784
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 08:30:38 GMT

GET
H/1.1 200
OK zhang%20xinyu27.jpg
lh5.ggpht.com/_j56sqgz-BSs/TBnPonB91ZI/AAAAAAAAEr4/LqzOST8bqcU/w72-h72-p-k-no-nu/ 3 KB
4 KB 27ms
23ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh5.ggpht.com/_j56sqgz-BSs/TBnPonB91ZI/AAAAAAAAEr4/LqzOST8bqcU/w72-h72-p-k-no-nu/zhang%20xinyu27.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d0029c61be0ce611bd58fd85a0a04a8b4c663a03416f34b92922f7d198ec1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb7d3"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="zhang xinyu27.jpg"
Timing-Allow-Origin: *
Content-Length: 3494
X-XSS-Protection: 0
Expires: Fri, 10 Sep 2021 12:42:38 GMT

GET
H/1.1 200
OK ganlulu.jpg
lh4.ggpht.com/-HNHXMfK9uak/TvOc-HBMRyI/AAAAAAAAaZ0/4RBJv_giiPs/w72-h72-p-k-no-nu/ 2 KB
3 KB 27ms
23ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-HNHXMfK9uak/TvOc-HBMRyI/AAAAAAAAaZ0/4RBJv_giiPs/w72-h72-p-k-no-nu/ganlulu.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7756fae3c6a927a182b1ec142a40727e680551670cd621ec7f0ca7f83ee73feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vcad0"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ganlulu.jpg"
Timing-Allow-Origin: *
Content-Length: 2428
X-XSS-Protection: 0
Expires: Fri, 17 Sep 2021 16:57:44 GMT

GET
H/1.1 404
Not Found daniella_wang_lidan.jpg
lh4.ggpht.com/-L9TBMMJZO_U/UTOZQy29ckI/AAAAAAAANMM/LM87RlR5OVA/w72-h72-p-k-no-nu/ 2 KB
2 KB 119ms
117ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-L9TBMMJZO_U/UTOZQy29ckI/AAAAAAAANMM/LM87RlR5OVA/w72-h72-p-k-no-nu/daniella_wang_lidan.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Content-Type: image/png
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 1742
X-XSS-Protection: 0

GET
H/1.1 200
OK elly%252520tran%252520ha%252520bikini%2525202011-14.jpg
lh4.ggpht.com/-VuqqPX2KlgQ/ToNf0jlO1nI/AAAAAAAAVv8/XI3bhGeesNE/w72-h72-p-k-no-nu/ 3 KB
3 KB 24ms
21ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-VuqqPX2KlgQ/ToNf0jlO1nI/AAAAAAAAVv8/XI3bhGeesNE/w72-h72-p-k-no-nu/elly%252520tran%252520ha%252520bikini%2525202011-14.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d5b561226b0765b7374720bdc23f141008acb91a0a9fc51515c4003ff74fae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vd065"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="elly tran ha bikini 2011-14.jpg"
Timing-Allow-Origin: *
Content-Length: 2932
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 08:30:37 GMT

GET
H/1.1 404
Not Found cica_zhou.jpg
lh3.ggpht.com/-f-JScgODXbw/UQViFA8lLOI/AAAAAAAAE2U/RCfgpPwNUug/w72-h72-p-k-no-nu/ 2 KB
2 KB 124ms
120ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/-f-JScgODXbw/UQViFA8lLOI/AAAAAAAAE2U/RCfgpPwNUug/w72-h72-p-k-no-nu/cica_zhou.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Content-Type: image/png
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 1742
X-XSS-Protection: 0

GET
H/1.1 200
OK jessica_chen_jieshi.jpg
lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/w72-h72-p-k-no-nu/ 4 KB
5 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/w72-h72-p-k-no-nu/jessica_chen_jieshi.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb7afa901c39ea37f645de98e2b0a6e0cae1015e34479e2a662b3ac863b214a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb0f2"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi.jpg"
Timing-Allow-Origin: *
Content-Length: 4506
X-XSS-Protection: 0
Expires: Wed, 15 Sep 2021 01:16:52 GMT

GET
H/1.1 404
Not Found celia_kwok.jpg
lh4.ggpht.com/-MJYdSE1wJBc/UQDktfm-z_I/AAAAAAAAALk/7UtMv0EgLuM/w72-h72-p-k-no-nu/ 2 KB
2 KB 118ms
117ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-MJYdSE1wJBc/UQDktfm-z_I/AAAAAAAAALk/7UtMv0EgLuM/w72-h72-p-k-no-nu/celia_kwok.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Content-Type: image/png
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 1742
X-XSS-Protection: 0

GET
H2

200

10 Show response
www.intensedebate.com/widgets/acctComment/291108/
Redirect Chain

http://www.intensedebate.com/widgets/acctComment/291108/10
https://www.intensedebate.com/widgets/acctComment/291108/10

20 KB
5 KB

265ms
187ms

Script
text/javascript

192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/widgets/acctComment/291108/10
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 979b0069a9bb5e16b8f32806717226a7a378dbd4d176093dbe7053a5138a213d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

Redirect headers

Location: https://www.intensedebate.com/widgets/acctComment/291108/10
Date: Tue, 21 Sep 2021 00:54:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 54ms
26ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee161ee902daab76ff7bb03b1de4537ec1a5e3e515ed174879a7c60d7d621bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

CF-RAY: 691f524baef94ab6-FRA
Date: Tue, 21 Sep 2021 00:54:18 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Sat, 18 Sep 2021 18:06:08 GMT
Server: cloudflare
Age: 10053
ETag: W/"d79-5cc48e6f4caa7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 20 Sep 2021 23:06:45 GMT

GET
H/1.1 200
OK cookienotice.js Show response
dailylenglui.blogspot.com/js/ 6 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://dailylenglui.blogspot.com/js/cookienotice.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dailylenglui.blogspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://dailylenglui.blogspot.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 14 Sep 2021 10:37:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Sep 2021 09:51:26 GMT
Server: sffe
Age: 569830
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 6513
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 10:37:08 GMT

GET
H2 200 4164007864-widgets.js Show response
www.blogger.com/static/v1/widgets/ 148 KB
148 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4164007864-widgets.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eb3e91feaaaca56adff166c577ee601723567c131b25d281d772aece750e100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 19:57:49 GMT
x-content-type-options: nosniff
age: 363389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151306
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 06:49:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 16 Sep 2022 19:57:49 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

31ms
8ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6390
date: Mon, 20 Sep 2021 23:07:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 21 Sep 2021 01:07:48 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 51ms
8ms Script
application/javascript 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:41:46 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 226121
etag: W/"612ef1fd-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
content-length: 18813
x-amz-cf-id: jVxkCs4d4m7xPZJSJUstfpFRhmZea3To5jqYdAkKVk8faglD7oFeyQ==
expires: Tue, 21 Sep 2021 10:05:37 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
346 B 57ms
8ms XHR
text/plain 3.124.181.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1632185657418.82072&hostname=dailylenglui.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fdailylenglui.blogspot.com%2F&title=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&sop=false&description=Daily%20Lenglui%20is%20a%20website%20aimed%20at%20promoting%20beautiful%20Asian%20women%20to%20its%20viewers%20around%20the%20world.%20No%20girls%20were%20harmed%20during%20the%20making%20of%20this%20site.
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:17 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://dailylenglui.blogspot.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
688 B 112ms
110ms Stylesheet
text/css 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=638100801402959337&zx=ee2eb5e0-21fd-4038-b66d-7bf60a9066f8

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 00:54:18 GMT
server: GSE
date: Tue, 21 Sep 2021 00:54:18 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 9ms
8ms Image
text/plain 3.124.181.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1632185657418.82072&hostname=dailylenglui.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fdailylenglui.blogspot.com%2F&title=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&sop=false&description=Daily%20Lenglui%20is%20a%20website%20aimed%20at%20promoting%20beautiful%20Asian%20women%20to%20its%20viewers%20around%20the%20world.%20No%20girls%20were%20harmed%20during%20the%20making%20of%20this%20site.&description=Daily%20Lenglui%20is%20a%20website%20aimed%20at%20promoting%20beautiful%20Asian%20women%20to%20its%20viewers%20around%20the%20world.%20No%20girls%20were%20harmed%20during%20the%20making%20of%20this%20site.&img_pview=true
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdc432b7e6db805df28ba7ecf921326edc8059fa90ebe3ea3a68d637253d4f2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UKuV+L+kO1KjNuBuLezOKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "eac6a2c819f6270ea5095bed57405fa1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-UKuV+L+kO1KjNuBuLezOKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 21 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK bg.gif
1.bp.blogspot.com/_qJFbsMHBJNg/Spoijyw9xAI/AAAAAAAAAOQ/eSz2lk30ij0/s1600/ 378 B
826 B 59ms
26ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_qJFbsMHBJNg/Spoijyw9xAI/AAAAAAAAAOQ/eSz2lk30ij0/s1600/bg.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2b1fe21c6d3074fa4f3e3a22fc8608d1877bfe8b6e34aeb03a8eef12da34a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1eb"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bg.gif"
Timing-Allow-Origin: *
Content-Length: 378
X-XSS-Protection: 0
Expires: Mon, 20 Sep 2021 21:52:04 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 149 KB
52 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d1dab25380ba1420d2c35bfff5bc1b7801a2810445709e6fcae0371b81b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52477
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sat, 17 Sep 2022 19:11:23 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 52 KB
17 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539800129e81d097537e3ae13a9258716734fc7071a351ac9385b83c22649d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16936
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Tue, 20 Sep 2022 07:30:46 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 08:57:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 57409
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Mon, 04 Oct 2021 08:57:29 GMT

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame E3E9 391 B
1 KB 22ms
21ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658224
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 191d47fb80e2b88bad931569933ab6bb8fe36c813c4a072381793fe9aa9fa784

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261492d3a3956c6.819594753058317595%22%3B%7D; expires=Thu, 21 Sep 2023 00:54:18 GMT; path=; domain=.exoclick.com; impressions=x%9C%05%C1%C1%09%00+%0C%03%C0%5D%FAV0%26%0D%C5U%C4I%C4%DD%BD%BBA%C32%BBR%04Y%B16%1A%CC%89Jg%B5%804%E2%BC%0F%C0L%09%0B; expires=Wed, 22 Sep 2021 00:54:18 GMT; path=/; domain=.exoclick.com;
Content-Encoding: gzip

GET
H/1.1 200
OK fld.gif
3.bp.blogspot.com/_qJFbsMHBJNg/SpokIyKnpbI/AAAAAAAAAPo/h1AUPk8j94U/s400/ 564 B
1013 B 35ms
31ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/SpokIyKnpbI/AAAAAAAAAPo/h1AUPk8j94U/s400/fld.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d4a8b6b96a1dca75c633779df58e6bbb05380bbbc3f052cb08aeb71fe59ef5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1e7"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fld.gif"
Timing-Allow-Origin: *
Content-Length: 564
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 08:30:37 GMT

GET
H/1.1 200
OK go.gif
2.bp.blogspot.com/_qJFbsMHBJNg/SpokBKDl0tI/AAAAAAAAAPg/eIHbrHAAA98/s400/ 442 B
890 B 60ms
24ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/_qJFbsMHBJNg/SpokBKDl0tI/AAAAAAAAAPg/eIHbrHAAA98/s400/go.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91563af678cd860504972452b008a3d18595de97b147a5734335df31485a8cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1ad"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="go.gif"
Timing-Allow-Origin: *
Content-Length: 442
X-XSS-Protection: 0
Expires: Sat, 18 Sep 2021 13:36:27 GMT

GET
H/1.1 200
OK pink-right.gif
4.bp.blogspot.com/_qJFbsMHBJNg/SpojIITjclI/AAAAAAAAAOw/j1ouDFMQR9c/s400/ 313 B
769 B 52ms
24ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_qJFbsMHBJNg/SpojIITjclI/AAAAAAAAAOw/j1ouDFMQR9c/s400/pink-right.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

796066ce92d05ec134b324f69c0eeb68d0388d78e28b5ddaa2a8a2308409dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1a5"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pink-right.gif"
Timing-Allow-Origin: *
Content-Length: 313
X-XSS-Protection: 0
Expires: Sat, 18 Sep 2021 13:36:27 GMT

GET
H/1.1 200
OK pink-rep.gif
4.bp.blogspot.com/_qJFbsMHBJNg/SpojSU7W0dI/AAAAAAAAAO4/z8Z4rYjhVMY/s400/ 154 B
608 B 51ms
23ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_qJFbsMHBJNg/SpojSU7W0dI/AAAAAAAAAO4/z8Z4rYjhVMY/s400/pink-rep.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d985648b31dd5d6de7c01f3400b8e8b81c38168d385bf133a6357ea5a9220629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1c9"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pink-rep.gif"
Timing-Allow-Origin: *
Content-Length: 154
X-XSS-Protection: 0
Expires: Mon, 20 Sep 2021 21:52:04 GMT

GET
H/1.1 200
OK li-bg.gif
2.bp.blogspot.com/_qJFbsMHBJNg/Spojclu_osI/AAAAAAAAAPA/X1zrkpEVuLI/s400/ 45 B
495 B 59ms
23ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/_qJFbsMHBJNg/Spojclu_osI/AAAAAAAAAPA/X1zrkpEVuLI/s400/li-bg.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d610cd6aa5e508062ed1da5af6b9d106791efdfede822a06ec3101d00be961b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1f5"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="li-bg.gif"
Timing-Allow-Origin: *
Content-Length: 45
X-XSS-Protection: 0
Expires: Sat, 18 Sep 2021 13:36:27 GMT

GET
H/1.1 200
OK active.gif
3.bp.blogspot.com/_qJFbsMHBJNg/Spoju2STS5I/AAAAAAAAAPQ/lZzES_ejEFE/s400/ 181 B
633 B 34ms
31ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/Spoju2STS5I/AAAAAAAAAPQ/lZzES_ejEFE/s400/active.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecfcc8810e08d1313ad57015b6a2f141beda5cd9dcde99d29ae3b243edb4d9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1fb"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="active.gif"
Timing-Allow-Origin: *
Content-Length: 181
X-XSS-Protection: 0
Expires: Sat, 18 Sep 2021 13:36:27 GMT

GET
H2 200 navbar.g Show response
www.blogger.com/ Frame 7E05 7 KB
3 KB 428ms
427ms Document
text/html 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0cc2a9c5cd23e63594391b3425c5fbcd461b92306d9d5cbf7674e60cfe1710c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Sep 2021 00:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2611
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
88 B 558ms
558ms Stylesheet
text/css 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=638100801402959337&zx=ee2eb5e0-21fd-4038-b66d-7bf60a9066f8

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 00:54:18 GMT
server: GSE
date: Tue, 21 Sep 2021 00:54:18 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5dd3cd3e6656e Show response
gamesfromheaven.com/iframe/ Frame B87E 1 KB
1 KB 157ms
109ms Document
text/html 2606:4700:3035::6815:884
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:884 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90807636accc5caa49ee5b6b009276b04ad883d189ec56013ab9f52632dae6e2

Request headers

:method: GET
:authority: gamesfromheaven.com
:scheme: https
:path: /iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://syndication.exoclick.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://syndication.exoclick.com/

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
content-type: text/html
set-cookie: showed_15095_95811=[2490878]; Expires=Wed, 22-Sep-21 00:54:18 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None c_b18258c67e8265c130ff17d1036090b1=1; Expires=Wed, 22-Sep-21 00:54:18 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None z_2d67a167f87c7e3abb66f14b3c153382=1; Expires=Wed, 22-Sep-21 00:54:18 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stzWXM2bbC8ViK4QofKTZQrYj9aS47maa5bG9LsL5oUNw0wb0Jsg1naYwJRln2DZp%2B1ZPD6ncM1YYM3LcSTXRwH6lU8%2BUVj%2F3qXtj1K3%2BQBKUmfjTtm5P5Q99%2F7k9A6OkfVp8dem31I8nzb%2FiH5XRobo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 691f524cdd552c3e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1788447960&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1788447960&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...

35 B
197 B

16ms
14ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1788447960&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185658365&utmac=UA-15433167-2&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1848245217&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1788447960&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185658365&utmac=UA-15433167-2&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1848245217&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 8ms
7ms Stylesheet
text/css 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:26:55 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 03:22:38 GMT
server: nginx/1.20.1
age: 12444
etag: W/"612ef1fe-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: eRcJ3wxIgUOYKkR-puGkNvFNdD0xlGgzEDqEfz0IzE3UcnKDSma_2g==

GET
H2 200 d152df60ba51874b39e0e82662fa66da.png
suchenachmuschi.space/bnr/4/d15/2df60b/ Frame B87E 69 KB
70 KB 61ms
16ms Image
image/png 2606:4700:3031::6815:a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suchenachmuschi.space/bnr/4/d15/2df60b/d152df60ba51874b39e0e82662fa66da.png
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0802fb46da904ec68bf20de8ada26cfdee6c5e95d397763181aba4340f6e7d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29498
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71037
last-modified: Thu, 05 Aug 2021 13:40:57 GMT
server: cloudflare
etag: "610bea69-1157d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7ANTDBOwuJzGRVcn75Tkx%2FNqSQvWjs%2BsrvfT657r0Ux1u0OaY3daiS3cL9%2Bz2oa%2FfV3N%2BXDspqkoQwybuJVqfHIDzOvMciE2NLonkkAa6xUMpCrCFbRCdMwL6g3OlmKfOZ8qNvmoLMaEklEDCKx7315QPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 691f524df9265c14-FRA
expires: Tue, 21 Sep 2021 16:42:40 GMT

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame B87E 0
419 B 77ms
14ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame B87E 0
419 B 60ms
17ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame B87E 0
418 B 63ms
14ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd3e6656e?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 remoteVisit.php
www.intensedebate.com/ 58 B
102 B 178ms
177ms Image
image/gif 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/remoteVisit.php?acct=0&time=1632185658738
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
server: nginx
content-type: image/gif
content-length: 58
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2

200

Yl4ETw-TXos Show response
www.youtube.com/embed/ Frame 2A61
Redirect Chain

http://www.youtube.com/embed/Yl4ETw-TXos
https://www.youtube.com/embed/Yl4ETw-TXos

56 KB
25 KB

128ms
77ms

Document
text/html

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Yl4ETw-TXos

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

298de217877c9e598561f4d9019bbda55c10754b1d51fe725268707796420d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Yl4ETw-TXos
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Sep 2021 00:54:18 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=CPRz8Pv3UTg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=eYCzYteVyu4; Domain=.youtube.com; Expires=Sun, 20-Mar-2022 00:54:18 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+336; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/Yl4ETw-TXos
Non-Authoritative-Reason: HSTS

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 1292
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&c...
https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&...

0
2 KB

68ms
26ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: h+sliI5eMzmqGKmR06o8ssDKcHpcsCvX3Hd2Mn33TqawpTa2a6+VzBl6rW+ZAnVt6VBvtSbhXIfFC6ysNaXulw==
content-length: 0
date: Tue, 21 Sep 2021 00:54:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK box-rep.gif
lh4.ggpht.com/-ub9MH2wHXXA/TmC1yVCS68I/AAAAAAAAUs8/x4ncRkME3yM/s800/ 59 B
512 B 28ms
27ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-ub9MH2wHXXA/TmC1yVCS68I/AAAAAAAAUs8/x4ncRkME3yM/s800/box-rep.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

96140c2860e42f2db32cd8526d27deed771002ce86cab070e1a975fb1448c077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vaf02"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="box-rep.gif"
Timing-Allow-Origin: *
Content-Length: 59
X-XSS-Protection: 0
Expires: Fri, 17 Sep 2021 16:57:40 GMT

GET
H/1.1 200
OK box-top.gif
lh3.ggpht.com/-klnMj_zGDk8/TmCz07oTA_I/AAAAAAAAUso/lCPtdE7ThPw/s800/ 193 B
647 B 27ms
27ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/-klnMj_zGDk8/TmCz07oTA_I/AAAAAAAAUso/lCPtdE7ThPw/s800/box-top.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d8d022bfafc5db3e38832ef2f4ce66f82b62f41dcf4be93195f7174fb91d26a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vaf83"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="box-top.gif"
Timing-Allow-Origin: *
Content-Length: 193
X-XSS-Protection: 0
Expires: Fri, 17 Sep 2021 16:57:40 GMT

GET
H2

200

rate.php Show response
polldaddy.com/ratings/
Redirect Chain

http://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=
https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=

1 KB
485 B

541ms
185ms

Script
application/javascript

192.0.123.248
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.248 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: polldaddy.com
Software: nginx /
Resource Hash: 68ad418315427557d2453034932128de66cc1aec679bade5018644d1d63dec9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: br
server: nginx
content-type: application/javascript
vary: Accept-Encoding
content-language: en

Redirect headers

Location: https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=
Date: Tue, 21 Sep 2021 00:54:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 2ueii3t.png
sites.google.com/site/eatlahsite/Home/ 7 KB
8 KB 271ms
218ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sites.google.com/site/eatlahsite/Home/2ueii3t.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2c2b5467d76098a4dbd6a22597ee2f8bdbdf44de1b7ad3484729b49430e3ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Oct 2010 05:47:54 GMT
server: GSE
etag: "1286603274116"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noarchive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7329
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sexysprite.png
lh3.ggpht.com/_j56sqgz-BSs/SvkWDafMV5I/AAAAAAAAAm8/Spuupx_jRc8/s800/ 40 KB
41 KB 22ms
22ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/_j56sqgz-BSs/SvkWDafMV5I/AAAAAAAAAm8/Spuupx_jRc8/s800/sexysprite.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7531b01031d70b3232e4301e7f2dafb57c5d6393c6c7b265882a452134b6f973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v4b88"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sexysprite.png"
Timing-Allow-Origin: *
Content-Length: 41231
X-XSS-Protection: 0
Expires: Fri, 10 Sep 2021 17:44:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 253 KB
94 KB 60ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=pub-3836567914934111&plah=dailylenglui.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95714
x-xss-protection: 0
server: cafe
etag: 3232603846146272685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 00:54:18 GMT

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame 4758 1 KB
1 KB 24ms
24ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658792
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5a1b5a99bb9f12912fa06de43a5a41fc4d83b97904b3d4e97b0668971b9d2382

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261492d3ac3d518.549517441076295910%22%3B%7D; expires=Thu, 21 Sep 2023 00:54:18 GMT; path=; domain=.exoclick.com; impressions=x%9Cu%CA%C1%0D%800%0C%03%C0%5D%F2N%A5%1A%3B%26b%15%C4%24%15%BB%C3%02%7D%DD%E7V%D0%B0%CC%A1%12Av%5C7%12%E6%81.Wg%40%9A%F1d%C8%10%E8%F1%E3%93%ADM%7C%3F%D2%27%11M; expires=Wed, 22 Sep 2021 00:54:18 GMT; path=/; domain=.exoclick.com;
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame 74A4 394 B
812 B 24ms
23ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658794
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 15c790fe83d419ab04833e80703d1163483728932e8d89253cf99cfd7772af1c

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261492d3ac44562.389454012831353492%22%3B%7D; expires=Thu, 21 Sep 2023 00:54:18 GMT; path=; domain=.exoclick.com;
Content-Encoding: gzip

GET
H/1.1 200
OK sidebar.gif
3.bp.blogspot.com/_qJFbsMHBJNg/Spois08XmoI/AAAAAAAAAOY/FoHLb9yJfDY/s1600/ 57 B
509 B 21ms
20ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/Spois08XmoI/AAAAAAAAAOY/FoHLb9yJfDY/s1600/sidebar.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

384a34ff3a05872b2b10bd2e2f177f89a30fe6fff15c220916804f2a17449976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v203"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sidebar.gif"
Timing-Allow-Origin: *
Content-Length: 57
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 08:30:38 GMT

GET
H/1.1 200
OK sidebar-top.gif
3.bp.blogspot.com/_qJFbsMHBJNg/SpokRklkgxI/AAAAAAAAAPw/USQYGpJK2cs/s400/ 151 B
608 B 21ms
20ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/SpokRklkgxI/AAAAAAAAAPw/USQYGpJK2cs/s400/sidebar-top.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4b1d31f600c5e526e7d0276d32bcf5e8009b6b9ad4ffa1c838f380778c2cba49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1d0"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sidebar-top.gif"
Timing-Allow-Origin: *
Content-Length: 151
X-XSS-Protection: 0
Expires: Sat, 18 Sep 2021 13:36:28 GMT

GET
H/1.1 200
OK get Show response
odb.outbrain.com/utils/ 1 KB
1 KB 154ms
106ms Script
text/x-json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fdailylenglui.blogspot.com%2F&srcUrl=http%3A%2F%2Fdailylenglui.blogspot.com%2Ffeeds%2Fposts%2Fdefault&settings=true&recs=false&widgetJSId=NA&key=AYQHSUWJ8576&idx=-1&version=01010326&rand=0.6204133021656011&sig=JZNb2Hax
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8c7e4690e2ab0ad13c20a24446de8c50d812de2d30f27409ab4d9b024d9fea28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
Via: 1.1 varnish, 1.1 varnish
Traffic-Path: NYDC1, LGA, HHN, Europe1
X-Cache: MISS, MISS
Backend-IP: 157.52.117.31
X-Cache-Hits: 0, 0
Connection: keep-alive
X-TraceId: 73c9e588e80d0bbb76eec84d29467797
content-encoding: gzip
Content-Length: 769
X-Served-By: cache-lga21931-LGA, cache-hhn4057-HHN
X-Timer: S1632185659.868812,VS0,VE96
Vary: Accept-Encoding, User-Agent
Content-Type: text/x-json; charset=UTF-8
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame 3269
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=1045...
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104...

43 KB
13 KB

325ms
324ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a3d704d32045a3e83aaa75ba4e019992f1795d6121cc6482ee12cbb9d952370

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: IRiyCW6xOrXagWA7rrZ8FCF/no6UJKOj5PPi6QBnSBVvY+L/L1HgeF/6uxHodA+HMyVYt3jsVC+qcA++7QD6UA==
date: Tue, 21 Sep 2021 00:54:19 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame AC32 46 B
595 B 21ms
19ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658816
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: f093c69d3c477cc5bf37da4a21c7fe0474186e4db7b456414efaffc646273c01

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Tue, 21 Sep 2021 00:54:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261492d3ac9f083.152191383462147539%22%3B%7D; expires=Thu, 21 Sep 2023 00:54:18 GMT; path=; domain=.exoclick.com;
Content-Encoding: gzip

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plus/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 14 KB
5 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plus/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90340a569f96d53e49b31bff428a2b7ab23ba09d442cd4bc7a1963267a2b181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 10:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4984
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Tue, 20 Sep 2022 10:23:51 GMT

GET
H2 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 75 KB
26 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d3332a48aa55b5ebb45e9f1d0a73d93e9aeb8941a2f3b850825bfc09b2bd189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 14:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26689
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sun, 18 Sep 2022 14:37:00 GMT

GET
H2 404 badge Show response
apis.google.com/u/0/_/widget/render/ Frame 8DAA 2 KB
2 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/u/0/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Requested by: Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: c853dea4592444045109bc8e46e5bda97bf41110f82f0483ec4e2c940cae2d23

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /u/0/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
cookie: NID=224=YN0nD9GPkCQhQ-fw1TtO607-k8nYzsKWtZqyZCkL9eaPoydezbiQr69rErdvwTJ74lLs4cUvP6llp95JAzImzPHWTPUWSyzrBIeNHd-KTGOBuC8tNb59OBg0yeNDx4Wnnse0H7Jnc3tzTGKoOwiYfv0YRuY8LR9zrIf8Nzzcqng
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1586
date: Tue, 21 Sep 2021 00:54:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

followers.g Show response
www.blogger.com/ Frame 86E1
Redirect Chain

https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4...
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D638100801402959337%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYy...
https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4...

13 KB
4 KB

245ms
245ms

Document
text/html

2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&bpli=1

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

185a3b390e83a3b47bf6a0fadb25e091bcb520b10bf3cb6e640e569d9476bd71

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3998
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Sep 2021 00:54:19 GMT
location: https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-B9Ht546lGznofq5xf3wiFQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 477
server: GSE
set-cookie: __Host-GAPS=1:c2zfoeGPwiuUGxnsiwNbAfgHuWypBw:YyhYQw9zDXIIC1Zq;Path=/;Expires=Thu, 21-Sep-2023 00:54:19 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

recommendations.php Show response
www.facebook.com/plugins/ Frame 1AAD
Redirect Chain

http://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light

13 B
223 B

31ms
30ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: xUi+fNiGAKALIFeRnXd2IScXCRYNEU1UiaQ3l3dq9E2RD+XyJ/WwbemvH1zG6b60yLzdlcmvv046Q05W2qxRjg==
date: Tue, 21 Sep 2021 00:54:18 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bull.gif
1.bp.blogspot.com/_qJFbsMHBJNg/SpojAH0sNnI/AAAAAAAAAOo/CXuWaakR1cI/s400/ 290 B
740 B 19ms
19ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_qJFbsMHBJNg/SpojAH0sNnI/AAAAAAAAAOo/CXuWaakR1cI/s400/bull.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5512d80f311835666d837ec9cc7b2e07c268253eaf6b26bb978585ea87084dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:18 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1a7"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bull.gif"
Timing-Allow-Origin: *
Content-Length: 290
X-XSS-Protection: 0
Expires: Tue, 21 Sep 2021 08:30:38 GMT

GET
H2 200 getCommentCounts.php Show response
www.intensedebate.com/js/ 1 KB
495 B 185ms
184ms Script
text/javascript 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/js/getCommentCounts.php?acct=0&links=&ids=&titles=
Requested by: Host: www.intensedebate.com
URL: http://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 4d8dd820c0432f430c32dbded6c2d8e917a6bfa43f7346fceb377d3f2cc5aff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 403 platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 7E05 0
0 460ms
460ms Script
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by: Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK js15.js Show response
s10.histats.com/ 11 KB
5 KB 92ms
21ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer: http://dailylenglui.blogspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 21 Sep 2021 00:47:25 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: W/"980881274"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 42305
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: A87719C6:FB6B_2E69C9F0:0050_61492D3B_23C9D:182C7
content-length: 4405
x-request-id: 754778437

GET
H/1.1 200
OK dbae6e4e1147504867c987411d62a6579418a2a8.jpg
s3t3d2y7.ackcdn.net/library/541686/ Frame 4758 20 KB
21 KB 97ms
47ms Image
image/jpeg 2a02:3d0:623:a000::8006
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3t3d2y7.ackcdn.net/library/541686/dbae6e4e1147504867c987411d62a6579418a2a8.jpg
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658792
Protocol: HTTP/1.1
Server: 2a02:3d0:623:a000::8006 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 280ebd10d5048d1143441964143b018eb437d7b7a0fc3334ad78af43a13e0536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://syndication.exoclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Last-Modified: Tue, 31 Aug 2021 13:59:41 GMT
Server: nginx
Age: 45987
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20897
X-LLID: 861f466c9f38f63298ec0cc8a739a744
Expires: Tue, 20 Sep 2022 12:07:52 GMT

GET
H2 200 5dd3cd0ada12c Show response
gamesfromheaven.com/iframe/ Frame B410 2 KB
1 KB 127ms
124ms Document
text/html 2606:4700:3035::6815:884
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1632185658794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:884 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c943254ee28e879b9b3927eedd14705fa7910141c9ca8294dbb5c91aa5dbb429

Request headers

:method: GET
:authority: gamesfromheaven.com
:scheme: https
:path: /iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://syndication.exoclick.com/
accept-encoding: gzip, deflate, br
cookie: showed_15095_95811=[2490878]; c_b18258c67e8265c130ff17d1036090b1=1; z_2d67a167f87c7e3abb66f14b3c153382=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://syndication.exoclick.com/

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-type: text/html
set-cookie: showed_13961_95809=[2470432]; Expires=Wed, 22-Sep-21 00:54:19 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None c_291a62d2aca6cfeb7a3f79f35f78db3f=1; Expires=Wed, 22-Sep-21 00:54:19 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None z_07e0bac262ae45d56013f56f668b48e2=1; Expires=Wed, 22-Sep-21 00:54:19 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGI7LVRWUHwv1uKCbxfl6n5krELqQV13fr5WRFxpI6DaWD0ORW1XlNxYw8YFN21S4Aok2Uvz%2FwVeZuthMPbeqtTDchk%2FCbmKGIfz%2FdQdCFWbQ%2BlkjCPUw1%2B%2BGp0%2FL5tVkj3KK0sdRAwwH3zKf6Uks5yf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 691f52509fee2c3e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/d7a19ed1/ Frame 2A61 329 KB
46 KB 10ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46352
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Sep 2022 07:39:56 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame 2A61 201 KB
66 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 14:17:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67291
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 14:17:50 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2A61 2 MB
505 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516948
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:06:23 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame 2A61 8 KB
3 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 08:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 08:51:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2A61 15 KB
15 KB 53ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 17766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:58:13 GMT

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 8DAA 3 KB
4 KB 62ms
29ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/u/0/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Sep 2021 00:54:19 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame AD7E 566 B
880 B 73ms
19ms Document
text/html 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plus,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b778b8c1d97959af4734b740ae4038a6dae1eeabae79ec300510ee5df5442c7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dfLCYpKFlIjV8x47ABvkUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
cookie: NID=224=YN0nD9GPkCQhQ-fw1TtO607-k8nYzsKWtZqyZCkL9eaPoydezbiQr69rErdvwTJ74lLs4cUvP6llp95JAzImzPHWTPUWSyzrBIeNHd-KTGOBuC8tNb59OBg0yeNDx4Wnnse0H7Jnc3tzTGKoOwiYfv0YRuY8LR9zrIf8Nzzcqng
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 21 Sep 2021 00:54:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-dfLCYpKFlIjV8x47ABvkUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 991008.php Show response
s4.histats.com/stats/ 403 B
538 B 340ms
101ms Script
text/html 192.99.13.63
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/991008.php?991008&@f16&@g1&@h1&@i1&@j1632185659075&@k0&@l1&@mPretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&@n0&@o1000&@q0&@r0&@s605&@ten-US&@u1600&@b1:81222450&@b3:1632185659&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fdailylenglui.blogspot.com%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.13.63 Ajax, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns504751.ip-192-99-13.net
Software: /
Resource Hash: 87d069d308ee02fb32b2a00dfa73d3b26c96f24af1a837ec091e767c4d583f15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Connection: close
Content-Length: 403
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK ice.js Show response
resources.infolinks.com/js/1757.010-3.025/ 584 KB
187 KB 29ms
28ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/1757.010-3.025/ice.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc8562872dc541ccfe9ab57d0d85581b33b22924c126651f11d1dc3456ad7961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

CF-RAY: 691f52516af64ab6-FRA
Date: Tue, 21 Sep 2021 00:54:19 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Sat, 11 Sep 2021 18:19:48 GMT
Server: cloudflare
Age: 8114
ETag: W/"91e1d-5cbbc46f1d11c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Wed, 20 Oct 2021 22:39:05 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 29ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 905
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28872
x-tw-cdn: VZ
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67C1)
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK get Show response
odb.outbrain.com/utils/ 1 KB
1 KB 107ms
107ms Script
text/x-json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fdailylenglui.blogspot.com%2F2014%2F01%2Fjessica-tan-chen-jieshi-from-singapore.html&srcUrl=http%3A%2F%2Fdailylenglui.blogspot.com%2Ffeeds%2Fposts%2Fdefault&settings=true&recs=true&widgetJSId=NA&key=AYQHSUWJ8576&idx=0&version=01010326&ref=&apv=false&rand=0.20624950096690076&sig=JZNb2Hax
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 932179dd9c7d37793e84372649abf393a064705c6344678be6a4c2eb892175d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Via: 1.1 varnish, 1.1 varnish
Traffic-Path: NYDC1, LGA, HHN, Europe1
X-Cache: MISS, MISS
Backend-IP: 167.82.174.21
X-Cache-Hits: 0, 0
Connection: keep-alive
X-TraceId: 44aa48551409f8329ff45a2a89e366b3
content-encoding: gzip
Content-Length: 769
X-Served-By: cache-lga13621-LGA, cache-hhn4057-HHN
X-Timer: S1632185659.198004,VS0,VE100
Vary: Accept-Encoding, User-Agent
Content-Type: text/x-json; charset=UTF-8
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2A61
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
472 B

20ms
19ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dad269e017ad998c2aea1caf1d7fd2725241aa5d2a887b1dc8a153d91182d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2A61 29 B
607 B 65ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:16 GMT
x-content-type-options: nosniff
age: 3
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Sep 2021 01:09:16 GMT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2A61 95 KB
29 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29920
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:06:23 GMT

GET
H2 200 Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js Show response
www.google.com/js/th/ Frame 2A61 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Eg7QwH47eZ8F7br57dZ0Bl95QQwUw_gBk_JaCBPNBfU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

120ed0c07e3b799f05edbaf9edd674065f79410c14c3f80193f25a0813cd05f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 16:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13284
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 20 Sep 2022 16:32:36 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2A61 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:16:09 GMT

GET
DATA 200
OK truncated
/ Frame 2A61 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTH4YCix3ouoUIJwGmPzh8tZepmWnNDFPwr3Gx4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2A61 2 KB
3 KB 67ms
23ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTH4YCix3ouoUIJwGmPzh8tZepmWnNDFPwr3Gx4=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b889e8fed7360a7886e2ca271cf2630e337874bcf2b14be6a8d825179b199637

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2354
x-xss-protection: 0
server: fife
etag: "v57"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Sep 2021 10:02:00 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Yl4ETw-TXos/ Frame 2A61 49 KB
50 KB 124ms
56ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Yl4ETw-TXos/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56ea482ce0b809435f23d3fbe7fa54e7699f9bdc2a4a3b8adb879c7fef5a2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: sffe
etag: "1389634051"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50230
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Sep 2021 02:54:19 GMT

GET
H2 200 1291055585-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame AD7E 10 KB
5 KB 75ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1291055585-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bceb42c38849f45f8eccea1ad752b5ccea22eba051598d3890607f03941e301e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 17:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4306
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 14:30:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Tue, 20 Sep 2022 17:14:19 GMT

GET
H2 403 rpc:shindig_random.js
apis.google.com/js/ Frame AD7E 0
0 521ms
514ms Script
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by: Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 e96f6e7b83b4444e35ba17bd08c36c6c.jpg
suchenachmuschi.space/bnr/4/e96/f6e7b8/ Frame B410 17 KB
18 KB 19ms
10ms Image
image/jpeg 2606:4700:3031::6815:a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suchenachmuschi.space/bnr/4/e96/f6e7b8/e96f6e7b83b4444e35ba17bd08c36c6c.jpg
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b520003f57f636a977906273d035c740d33c8b2e335a0b52f1dd2e4e9527045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14310
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17714
last-modified: Wed, 04 Mar 2020 14:50:31 GMT
server: cloudflare
etag: "5e5fc037-4532"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXsgvYZRF4r%2BSYTghqKOtehrFWx9Y4zztaL87IF4WQEY0o%2BL9UsX59iqUblM81nDHXukMQZH6iKAPsoyVW%2FqNMU0Y6snP95hcEpfY5fDx7HWC1Wp%2FMFaI3z%2Bd7ZRpZhbVZBSDEq0NR%2BX7zk6VFUbVUOKars%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 691f52537fdf5c14-FRA
expires: Tue, 21 Sep 2021 20:55:49 GMT

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame B410 0
419 B 19ms
15ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame B410 0
419 B 20ms
16ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame B410 0
418 B 18ms
15ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 F35KM3iwOBY.css
www.facebook.com/rsrc.php/v3/yJ/l/0,cross/ Frame 3269 19 KB
6 KB 14ms
6ms Stylesheet
text/css 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yJ/l/0,cross/F35KM3iwOBY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c8906bfce715a3bfcc8cedd4d3213b69614eac036fec61c5e456279f29c1056

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 16:28:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cG9gYUODjmyQv4x+lIoTLg==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 4807
x-fb-rlafr: 0
x-fb-debug: hSeFHmsxZoMh2+n5PkN88otGWVL27HzAmUjrykkinCAnWRK2NXfWTlWASjWvVl2oSn1c6X10G8lt/Jb0YApdxw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 20 Sep 2022 16:28:56 GMT

GET
H2 200 FPdNN1TK3wJ.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame 3269 2 KB
2 KB 14ms
6ms Stylesheet
text/css 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 18:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 815
x-fb-rlafr: 0
x-fb-debug: R3gu6pxEZ0Y/kHn1Pm4k1dnV5D4sEP8HjM9aZ0CvrBObsRvvl29oQugch8u49vOAUkfhhRMEiZ89h0mB8juSOQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 15 Sep 2022 18:27:09 GMT

GET
H2 200 5miGNL_U4if.js Show response
www.facebook.com/rsrc.php/v3/yC/r/ Frame 3269 300 KB
82 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yC/r/5miGNL_U4if.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

021b68edc510a18db2e6350715f2dfb09a10afdad81441b3df764b50f4c8b48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: uMj+4563Ja4MAH55dh3pfq3Tlf1Zk7Qvn/srzHGU2+UGAj6NrBGfQ6aDUmSQFAMfCBWlmjFo6Re3ebcRMIJl2A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: GnJfgd8kEYjISGXyh8LwPQ==
date: Fri, 17 Sep 2021 01:00:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 83221
x-fb-rlafr: 0
expires: Sat, 17 Sep 2022 01:00:17 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 3269 5 KB
2 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
content-security-policy-report-only: default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: NxzwzLnqsFGo4NiVTSkMusMfECsytBmxsWA1liuCLPoLBhRkJi+hxClLGPpcaRvqQkCpmSFcHNzuxWLonrYRvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 14 Sep 2022 05:05:38 GMT

GET
H2 200 1kDejkRJZe8.js Show response
www.facebook.com/rsrc.php/v3/y5/r/ Frame 3269 64 KB
20 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/1kDejkRJZe8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea70a4043bfff91a8b7d15650f75dc6d1c8cd81cbd55d02fd67bf99fa4424a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: Ii6Wy8Eple/5kNZalk9a4QU7OX2uJr0d8g9yEsOjLqVCY0VhOXy3P+VRx7uCZvSfWcMcuP6XnDU0gP8Wv7WkIw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 6BQZedFiLKoy2f8GQ//+LA==
date: Sat, 18 Sep 2021 15:07:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20160
x-fb-rlafr: 0
expires: Sun, 18 Sep 2022 15:07:01 GMT

GET
H2 200 LaSaGFy1cqz.js Show response
www.facebook.com/rsrc.php/v3iAxA4/yZ/l/de_DE/ Frame 3269 126 KB
35 KB 25ms
18ms Script
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAxA4/yZ/l/de_DE/LaSaGFy1cqz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd7bef3b2da0bbec9c680445e9c65303ba471a7edeb1b8798f28a865569615f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 04jEvewzu2BXD0qRq37HbQ==
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 35915
x-fb-rlafr: 0
x-fb-debug: T2tRv9M3VPUIjh9omjVbifFjhUyabeOmdz5cZjIS2hs3anvAnB5PRIR/J3Ext4vBZ/ycxREVDk7jaZ4W6rdyLA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 18 Sep 2022 15:08:27 GMT

GET
H2 200 e2osLY84fpI.js Show response
www.facebook.com/rsrc.php/v3/y-/r/ Frame 3269 1 KB
736 B 25ms
18ms Script
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y-/r/e2osLY84fpI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36fde156c21814a89b4b1325805d9c0c0c0136487bcbb0db32c6f799cd4836f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:03:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yi+ktKfsTjXNkCmLZh1dPA==
cross-origin-resource-policy: cross-origin
content-length: 524
x-fb-rlafr: 0
x-fb-debug: 2MfqmGaYYNGYCXhvF+1FhA2xdu0Ck1sQorfE51k4QkOP+Ma4BUe7oWfvjlVWI7NDtyAdmg32blpZdRi06h2cFA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 14 Sep 2022 05:03:32 GMT

GET
H2 200 546448_10150613661595936_1792293668_n.jpg
scontent.xx.fbcdn.net/v/t1.18169-9/p130x130/ Frame 3269 3 KB
3 KB 26ms
8ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-9/p130x130/546448_10150613661595936_1792293668_n.jpg?_nc_cat=102&ccb=1-5&_nc_sid=dd9801&_nc_ohc=3QUR2hWxQf4AX9PjVVy&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=6be8fb448a06b0c3c2edb655d6adb696&oe=6170775D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5760969ef9f8f37a41dd5ff7794f1b9bc6cce33ea51d15dbe1e632b5cfc9f171

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 3309999711
date: Tue, 21 Sep 2021 00:54:19 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3086220460
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 3224

GET
H2 200 305869_10150373568115936_2055056898_n.jpg
scontent.xx.fbcdn.net/v/t1.18169-1/cp0/c29.29.367.367a/s50x50/ Frame 3269 2 KB
2 KB 26ms
8ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-1/cp0/c29.29.367.367a/s50x50/305869_10150373568115936_2055056898_n.jpg?_nc_cat=101&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=vKZ62MwSaeIAX-3tglM&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=4dd706d51bf457aef4c06e89700330da&oe=616F3553
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 02acdc04b989121b80b5bc02f08bd2d97d24e3d3b357463e8af353a04ec4442a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 1741071610
date: Tue, 21 Sep 2021 00:54:19 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1379147560
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1570

GET
H2 206 e96f6e7b83b4444e35ba17bd08c36c6c.mp4
iadoremakingpics.com/bnr/4/e96/f6e7b8/ Frame B410 805 KB
807 KB 236ms
188ms Media
video/mp4 2606:4700:3036::6815:4193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iadoremakingpics.com/bnr/4/e96/f6e7b8/e96f6e7b83b4444e35ba17bd08c36c6c.mp4
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e43e5cd00bed6fe0f8cb8df54ad375fa2856bc5cf9716f851a94cdd1e8239da

Request headers

Referer: https://gamesfromheaven.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 04 Mar 2020 14:47:48 GMT
server: cloudflare
etag: "5e5fbf94-c942f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIM3umju29FQYeiTj52v4KeunbmZGJ637mF%2FoE8m3trNyVqDY%2B0%2BtQV2Td%2F4wxfWgTbvbx74SQVuIBwwav46uhvQWXRV5nnvVPqyA2zTYjPkWNR0qlO9gjwXqFB34WgkZZ4VwineIpZL8YrovoXw0D8c9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-824366/824367
cf-ray: 691f5253cc3396ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 824367

GET
H/1.1 200
OK outbrainWidget.css
widgets.outbrain.com/mu/css/ 16 KB
4 KB 13ms
11ms Stylesheet
text/css 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/mu/css/outbrainWidget.css?v=01010326
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ea0ae7ef3769fbd24a75a32f40785260ed5d83350b76ece6ededa1060fa4271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Aug 2019 14:32:06 GMT
Server: AkamaiNetStorage
ETag: "32bea34dd5eb870d71a0fe6924ae2e9f:1566138726"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 3333

GET
H/1.1 200
OK Cookie set comScore.htm Show response
widgets.outbrain.com/nanoWidget/3rd/comScore/ Frame 1306 1 KB
1 KB 26ms
24ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3f4fff8c05bef8a28e78cea9f413e0ce65f691de874fd2f81598bba5b54d872

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "c8168943484af9b72a02b35c90882b46:1458203027"
Last-Modified: Thu, 17 Mar 2016 08:23:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=345600
Date: Tue, 21 Sep 2021 00:54:19 GMT
Content-Length: 720
Connection: keep-alive
Timing-Allow-Origin: * *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Set-Cookie: akacd_widgets_routing=1632185659~rv=52~id=4ba8fca63de4a7f0832f9552ebd05814; path=/; Expires=Tue, 21 Sep 2021 00:54:19 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame C431 319 KB
103 KB 34ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fdailylenglui.blogspot.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 615284
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Sep 2021 00:54:19 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.025/ 279 KB
86 KB 46ms
27ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 691f52540c942c3a-FRA
date: Tue, 21 Sep 2021 00:54:19 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
server: cloudflare
age: 10956
etag: W/"45adc-5c5f8851c3ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 20 Oct 2021 21:51:43 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame BCF6 8 KB
2 KB 203ms
180ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c800885f66d372a6c80fabfb954f6e288769d3278a1ec15214c9928589f14e3

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 691f52544cba2c3a-FRA
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
52 B 160ms
142ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 691f52544cbb2c3a-FRA
content-length: 0

GET
H/1.1 200
OK gsd Show response
router.infolinks.com/ 0
192 B 197ms
178ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://router.infolinks.com/gsd?evt=afterGSD&pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F&jsv=1757.010-3.025&_cb=16321856595500
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:19 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
Connection: keep-alive
CF-RAY: 691f525458a44a79-FRA
Content-Length: 0

GET
H2 200 cc_605.js Show response
s10.histats.com/counters/ 13 KB
4 KB 32ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_605.js
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 84be71f0ec4f6b1a504eae4016ba02c03874c5718e791ac48c30a3691ae8e151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:40:28 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "49411206"
x-cacheable: Matched cache
content-type: text/javascript
x-grace: full
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4312
x-request-id: 1045432441

GET
H/1.1

200
OK

/ Show response
e.dtscout.com/e/
Redirect Chain

http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j=
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j=

2 KB
3 KB

311ms
102ms

Script
application/javascript

51.161.15.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j=
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570935.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:20 GMT
X-T: 0.51
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl3
Expires: Tue, 21 Sep 2021 00:54:19 GMT

Redirect headers

Location: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j=
Date: Tue, 21 Sep 2021 00:54:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H2 200 mOcgOmDDSbN.png
www.facebook.com/rsrc.php/v3/yL/r/ Frame 3269 1 KB
2 KB 7ms
7ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yL/r/mOcgOmDDSbN.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yJ/l/0,cross/F35KM3iwOBY.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dc936b3c6e476fbbbfea1c5d962f4bee0e3636450608357ffcf9e6e92e0d596

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/rsrc.php/v3/yJ/l/0,cross/F35KM3iwOBY.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: 8N9tXtczCMyLLIbG6zhw4gi488YHyQXTMCqIBNI68HILVqkpn9VHhzcD7L/jyg018F9H54PHGFh+7clZxtC59g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 2bKr5oI1XogALo4o3p6kDA==
date: Tue, 14 Sep 2021 02:14:11 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1193
x-fb-rlafr: 0
expires: Wed, 14 Sep 2022 02:14:11 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2A61 4 KB
3 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Tue, 21 Sep 2021 00:54:19 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 2A61 0
39 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GVDW8w
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 plusone.js Show response
apis.google.com/js/ Frame 86E1 54 KB
21 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&bpli=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdc432b7e6db805df28ba7ecf921326edc8059fa90ebe3ea3a68d637253d4f2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mmDpbZdnY+poJoap4UgTAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "eac6a2c819f6270ea5095bed57405fa1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-mmDpbZdnY+poJoap4UgTAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 21 Sep 2021 00:54:19 GMT

GET
H/1.1 200
OK star-yellow-lrg.png
i0.poll.fm/images/ratings/ 5 KB
5 KB 51ms
10ms Image
image/png 192.0.77.36
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i0.poll.fm/images/ratings/star-yellow-lrg.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 192.0.77.36 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 06d21229e33e11800844eced6ef936058b77fd9d8b637c689cebcd1efae74dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-nc: HIT hhn 2
Date: Tue, 21 Sep 2021 00:54:19 GMT
Last-Modified: Thu, 24 Dec 2015 22:37:43 GMT
Server: nginx
ETag: "567c73b7-12e3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4835
Expires: Sat, 02 Oct 2021 02:40:49 GMT

GET
H/1.1 200
OK info.png
i0.poll.fm/images/ratings/ 1 KB
2 KB 50ms
10ms Image
image/png 192.0.77.36
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i0.poll.fm/images/ratings/info.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 192.0.77.36 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 8d1b51a6bcf97a173884161816c19b753e0088a0926148482d8a1f371706c774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-nc: HIT hhn 1
Date: Tue, 21 Sep 2021 00:54:19 GMT
Last-Modified: Thu, 24 Dec 2015 22:38:23 GMT
Server: nginx
ETag: "567c73df-4ca"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1226
Expires: Fri, 01 Oct 2021 08:32:18 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ Frame 1306 1 KB
1 KB 62ms
12ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Protocol: HTTP/1.1
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Mon, 20 Sep 2021 13:52:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 26 Feb 2021 14:35:05 GMT
Server: AmazonS3
Age: 68867
ETag: W/"1827f116c73f319409b97f10b8a58ade"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: jgpX8i0rzYPxt-tRR1p-x81TaNdeXz_P2fMxo8pA5JPZDCcEx6DuyQ==

GET
H2 200 / Show response
de.tynt.com/deb/ Frame BE9C 75 B
289 B 332ms
103ms Document
text/html 208.100.17.187
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip187.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Wed, 22 Sep 2021 00:54:20 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 21 Sep 2021 00:54:20 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 5208
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

18ms
17ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3801426332da04070718265936f3745add170d7f713465fb2aa440fdad8d3f00

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Cookie: CMID=YUktO5yTjT97J1tzQmxUnAAA; CMPS=5210
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|241|39|90|64|65|13
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1749
Expires: Tue, 21 Sep 2021 00:54:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YUktO5yTjT97J1tzQmxUnAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Sep 2022 00:54:19 GMT CMPS=5210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Dec 2021 00:54:19 GMT CMPRO=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Dec 2021 00:54:19 GMT CMRUM3=2d61492d3b05a0&0d61492d3b05a0&5a61492d3b05a0&f161492d3b05a0&4161492d3b05a0&2761492d3b0b40&4061492d3b05a0&e661492d3b2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Sep 2022 00:54:19 GMT CMST=YUktO2FJLTsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 22 Sep 2021 00:54:19 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 21 Sep 2021 00:54:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YUktO5yTjT97J1tzQmxUnAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 21 Sep 2022 00:54:19 GMT CMPS=5210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 20 Dec 2021 00:54:19 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 36F3 2 KB
823 B 78ms
5ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTFDOTJDMDQtNDg3RS00MTEyLTg1QTktRkM0MkUxMTY0MjEz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DA1C92C04-487E-4112-85A9-FC42E1164213
https://router.infolinks.com/dyn/pbm-usync?uid=A1C92C04-487E-4112-85A9-FC42E1164213

0
166 B

241ms
241ms

Image
text/html

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=A1C92C04-487E-4112-85A9-FC42E1164213
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 691f5258ef9c2c3a-FRA
content-length: 0
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=A1C92C04-487E-4112-85A9-FC42E1164213
date: Tue, 21 Sep 2021 00:54:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=9045594834743322627

35 B
187 B

242ms
242ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=9045594834743322627
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f52571e722c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:19 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7d7719b6-a040-40d4-a6f7-ec96af6dcbaa
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=9045594834743322627
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-AK_QAlpE2uHm9il.7fE27CbTzpg7xfC8iwCRINk-~A

35 B
300 B

150ms
149ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-AK_QAlpE2uHm9il.7fE27CbTzpg7xfC8iwCRINk-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f52574e932c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-AK_QAlpE2uHm9il.7fE27CbTzpg7xfC8iwCRINk-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1272435918
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1272435918
https://sync.1rx.io/usersync/tradedesk/8efae672-7fb7-4ab8-b6c8-2806de07fdf7
https://sync.targeting.unrulymedia.com/csync/RX-89f71766-a004-4bd7-9d3b-d292098aa710-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-89f71766-a004-4bd7-9d3b-d292098aa710-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-89f71766-a004-4bd7-9d3b-d292098aa710-003

35 B
204 B

180ms
180ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-89f71766-a004-4bd7-9d3b-d292098aa710-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f52588f532c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-89f71766-a004-4bd7-9d3b-d292098aa710-003
date: Tue, 21 Sep 2021 00:54:20 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX89f71766a0044bd79d3bd292098aa710003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
177 B

245ms
244ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f5258ffa62c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame BCF6 0
478 B 112ms
24ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame BCF6
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fdailylenglui.blogspot.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fdailylenglui.blogspot.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=9045594834743322627

95 B
945 B

152ms
32ms

Image
image/png

52.30.185.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=9045594834743322627

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-185-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 21 Sep 2021 00:54:20 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 21 Sep 2021 00:54:20 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:19 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 531c7256-0ffb-4f1f-a5da-2d9707483d98
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=9045594834743322627
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame BCF6 42 B
233 B 292ms
84ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7436bc3c-1a76-11ec-93df-06d442bbc09c
https://router.infolinks.com/dyn/outh-usync?uid=y-iUoY8zhE2uH.ylk4CHbH9Prfk_7Jr4JQ~A~UP7436bc3c-1a76-11ec-93df-06d442bbc09c

35 B
235 B

179ms
178ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-iUoY8zhE2uH.ylk4CHbH9Prfk_7Jr4JQ~A~UP7436bc3c-1a76-11ec-93df-06d442bbc09c
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f52578eb22c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-iUoY8zhE2uH.ylk4CHbH9Prfk_7Jr4JQ~A~UP7436bc3c-1a76-11ec-93df-06d442bbc09c
Connection: keep-alive
Content-Length: 0

GET
H2

200

enbd-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
https://match.bnmla.com/usersync?dspid=6&uuid=DE1DCA67951044358FA1B3DE40B1746F
https://router.infolinks.com/dyn/enbd-usync?uid=383240db-3ef4-4ea1-9198-d1372f2039d0

35 B
200 B

243ms
243ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/enbd-usync?uid=383240db-3ef4-4ea1-9198-d1372f2039d0
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f52595fe32c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/enbd-usync?uid=383240db-3ef4-4ea1-9198-d1372f2039d0
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=97d9aa7bf444392e74e0579d

35 B
194 B

180ms
180ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=97d9aa7bf444392e74e0579d
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f5257becf2c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=97d9aa7bf444392e74e0579d
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DA1C92C04-487E-4112-85A9-FC42E1164213
https://router.infolinks.com/dyn/usersync?pmuservalue=A1C92C04-487E-4112-85A9-FC42E1164213

0
156 B

242ms
242ms

Image
text/plain

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=A1C92C04-487E-4112-85A9-FC42E1164213
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 691f5258ef9b2c3a-FRA
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=A1C92C04-487E-4112-85A9-FC42E1164213
date: Tue, 21 Sep 2021 00:54:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame BCF6 0
35 B 238ms
237ms Image
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 691f52581f0e2c3a-FRA
content-length: 0

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame BCF6
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1870471598214004453

35 B
187 B

141ms
141ms

Image
image/gif

172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1870471598214004453
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f5259b8332c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1870471598214004453
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame BCF6 0
72 B 349ms
100ms Image
text/plain 208.100.17.180
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0&pdom=dailylenglui.blogspot.com&purl=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.180 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip180.208-100-17.static.steadfastdns.net
Software: 33XP001 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-33x-status: 2000208
date: Tue, 21 Sep 2021 00:54:20 GMT
server: 33XP001

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C431 288 B
453 B 157ms
113ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=26b1a4a98989dccc6970f99e3d347b24c7fd485a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fdailylenglui.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 00:54:20 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 3c87db3eca62a2f070382fc7fa23f017c40f12cfbee865f669431fd6c74660cd
content-length: 188

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 86E1 149 KB
51 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d1dab25380ba1420d2c35bfff5bc1b7801a2810445709e6fcae0371b81b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52477
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Sat, 17 Sep 2022 19:11:23 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 86E1 36 KB
12 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79ff948cd4ee4c630401336f4220f798231b8934478ef2dc3333fb8346e554dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12187
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 21 Sep 2022 00:43:09 GMT

GET
H2 200 default-user=s45-c
lh3.googleusercontent.com/a/ Frame 86E1 316 B
443 B 26ms
4ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/default-user=s45-c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 22:02:57 GMT
x-content-type-options: nosniff
age: 10282
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
server: fife
etag: "v0"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 21 Sep 2021 22:02:57 GMT

GET
H2

200

AOh14Gi0bUZZ2N61BtxpgWC6s32Z490905OUwPV_B6oafg=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCIau85TF6vWSciILdmNhcmRfcGhvdG8qKGIwMTFhZTNlOTg1MDg0YzgwMWFmYzViNjI4MzAyNThlMmE4M2NmOTEwAZ25UUqjo4OpXeCdbYLlx8I29U-k
https://lh3.googleusercontent.com/a-/AOh14Gi0bUZZ2N61BtxpgWC6s32Z490905OUwPV_B6oafg=s96-p

3 KB
3 KB

29ms
28ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gi0bUZZ2N61BtxpgWC6s32Z490905OUwPV_B6oafg=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b9754e5f7eb543d84815dccc45284b0eb2d0a25081e765e8a6cc52e7dee40eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3015
x-xss-protection: 0
server: fife
etag: "vea3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Sep 2021 12:28:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14Gi0bUZZ2N61BtxpgWC6s32Z490905OUwPV_B6oafg=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-6bajYLsoaBeo3aCvVT338w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-6bajYLsoaBeo3aCvVT338w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GgKu15WENJtX5DGYEtbP7vpCgwLlkTmomF7Rfg6SQ=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECO7Sjonww9O22AEiC3ZjYXJkX3Bob3RvKigxMjk3OGI4ZmY3YzU5ZTg2MjFlYjljNTg1NDM4NjA2MWMyNzdhMzc1MAE8R14_PYIODceIGWXHSUEtA2Bj6A
https://lh3.googleusercontent.com/a-/AOh14GgKu15WENJtX5DGYEtbP7vpCgwLlkTmomF7Rfg6SQ=s96-p

5 KB
5 KB

29ms
29ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgKu15WENJtX5DGYEtbP7vpCgwLlkTmomF7Rfg6SQ=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3d7338aa8d316ac74e86fdacdcc8330f4fe3ea39a94e471747d4f8002243e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4768
x-xss-protection: 0
server: fife
etag: "v959"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgKu15WENJtX5DGYEtbP7vpCgwLlkTmomF7Rfg6SQ=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-cmfN4HVNVuJU88fOWEgD+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-cmfN4HVNVuJU88fOWEgD+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14Gikit-9vXmcuvQFRbuDfD_w8mPCMYs1FLufn1KWig=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCNKr6dyd2Z6vAyILdmNhcmRfcGhvdG8qKGFlZGFhNGZiYTk2N2VmMTI1ZjEyZmY2NDFiNjA5NDc4YTczNjEyNjQwARsAtmYyNzKIO-d9F-wPZIqk-VzM
https://lh3.googleusercontent.com/a-/AOh14Gikit-9vXmcuvQFRbuDfD_w8mPCMYs1FLufn1KWig=s96-p

4 KB
4 KB

11ms
10ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gikit-9vXmcuvQFRbuDfD_w8mPCMYs1FLufn1KWig=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e083bd873948bb4049297e3efd02020e1793d657a0664000a2262c108da9901e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:32:42 GMT
x-content-type-options: nosniff
age: 12098
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4415
x-xss-protection: 0
server: fife
etag: "v42d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 12:21:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14Gikit-9vXmcuvQFRbuDfD_w8mPCMYs1FLufn1KWig=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-JcTY8q+LQPDjXT0Ik8F8pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-JcTY8q+LQPDjXT0Ik8F8pQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GgwkEibANL6Yd1jBphQA9I0vtS3HOL-Wlp-HUOnGQ=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECOD7n-jR0KCO-gEiC3ZjYXJkX3Bob3RvKihmYmM0ZWJkOTNkN2FhNzAzZTgwYjFiOTE5YzgyYTBjN2ZkYzkxNTdiMAEx9wlpjXOv8jgoMCEmTazIn6l6Sg
https://lh3.googleusercontent.com/a-/AOh14GgwkEibANL6Yd1jBphQA9I0vtS3HOL-Wlp-HUOnGQ=s96-p

6 KB
6 KB

26ms
26ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgwkEibANL6Yd1jBphQA9I0vtS3HOL-Wlp-HUOnGQ=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

233614a8545986cc0cc0982ee474a6b062704ab8899779ed8eaa2cd9bdcd1070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5714
x-xss-protection: 0
server: fife
etag: "v8ba"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:41:32 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgwkEibANL6Yd1jBphQA9I0vtS3HOL-Wlp-HUOnGQ=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-xFhac3sk9mDKaWSZIjcoKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-xFhac3sk9mDKaWSZIjcoKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GgmbrHm59j9KogCtoNG5Jexcs2_tL5FgPDLOmEWxw=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCOjH6P_3gvvlaCILdmNhcmRfcGhvdG8qKDM5YjM4NjgyNTU1NzE0OGJlMGIwMzkyYjJkYjUzMmRlZDU0N2M1MzYwAYov6nPH_DhhVegGYhz2c0YzH6Eh
https://lh3.googleusercontent.com/a-/AOh14GgmbrHm59j9KogCtoNG5Jexcs2_tL5FgPDLOmEWxw=s96-p

20 KB
20 KB

33ms
33ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgmbrHm59j9KogCtoNG5Jexcs2_tL5FgPDLOmEWxw=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

73673501696b0597e8971478757c9674b1358a2a8ef6a3a14e238434f97d72ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20186
x-xss-protection: 0
server: fife
etag: "v273"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgmbrHm59j9KogCtoNG5Jexcs2_tL5FgPDLOmEWxw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-RtF/VESWJWYK6iZ/dhxQIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-RtF/VESWJWYK6iZ/dhxQIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AOh14GhfpcQH5sGauTkJixw1mlXI3mKnoiW9O5ZYmsOXWg=s45-c
lh3.googleusercontent.com/a-/ Frame 86E1 662 B
746 B 34ms
19ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhfpcQH5sGauTkJixw1mlXI3mKnoiW9O5ZYmsOXWg=s45-c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

92fc7e8a1681927541270ac52afabf0f679823f5038375f077e5b2ebe3027438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 662
x-xss-protection: 0
expires: Wed, 22 Sep 2021 00:54:19 GMT

GET
H2

200

AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPTfxN2ytNG2USILdmNhcmRfcGhvdG8qKDUyZGY0OWVjYzU1MjA3YTBlYWNhOGViNzkyM2I3MGNhMDAyMjYzNGYwAalM-KFTNrrQh2At4Hq2FWHaOn7v
https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p

7 KB
7 KB

34ms
34ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ab2a6f625629ffbf8b21b3e8546aeadd0b88b028338c85b08f8fac7c2dd33b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7583
x-xss-protection: 0
server: fife
etag: "v2087"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-EyrZcMMRLrF/F/FK8MHxwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-EyrZcMMRLrF/F/FK8MHxwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECIT1wKvS-M-coAEiC3ZjYXJkX3Bob3RvKihjN2JkOGE1OGU4NWUxMGMwNGUxNzM0MTBlMzJhOGMzNDIwZDg4YmVlMAGIqzklXoWOgLTfBpAc-KGbmLCkpw
https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p

4 KB
5 KB

28ms
28ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bf2ee140fbdc4709845eeae033d27b9235e8118a6d554840f96cc15bd1c9c01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4565
x-xss-protection: 0
server: fife
etag: "vade"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-mg5B6Ku73pHpHv4OgbiNlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-mg5B6Ku73pHpHv4OgbiNlA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPrN553y89yjHSILdmNhcmRfcGhvdG8qKGM4NjdmZTUyMTE1YWUwYjIwM2I1YTFkMWNmZmJlN2Y5YmE5MTJhZDQwAaan0GVzhW0Did0RfJ7nuzWshzoD
https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p

3 KB
3 KB

31ms
30ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

14fb2bf1a00f040bb92e4fd2364e7de05c6a7503dfdc5c5fda5d858ddabe67ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3405
x-xss-protection: 0
server: fife
etag: "v50e6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-xvDA1eM7IwCESia4Xg0YjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-xvDA1eM7IwCESia4Xg0YjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCKmKkvXW-OiJLiILdmNhcmRfcGhvdG8qKGVhZDBhNDM1YTg5NDUxMDc2ZTk1MTM3YjZiYTQyYjZjOWU4ZjBiZWUwATeXwoRAgSIIC0apbQFKJDkmYC6C
https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p

3 KB
3 KB

27ms
27ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7c8cde3bc9f502e92a8c5b87856ed9561a9bfea369964741c6f16992bee9aa4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3125
x-xss-protection: 0
server: fife
etag: "v1699"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:12:44 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-VoqxDz8ym3WGLEyTvoBv+g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-VoqxDz8ym3WGLEyTvoBv+g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECOWDqenlro6o0wEiC3ZjYXJkX3Bob3RvKigzMzBiNmUzYzIxY2QxOTA3MjlmMTVjNDdlY2Y1YTRjMmQwNTBkOTE1MAFElQ11LAw06J7zOEX4na8akbh0qA
https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p

3 KB
3 KB

29ms
29ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2178e9e3e1f4f25db91f0b59813e0c7f9e2904c313138d34fffe3a6dc4b93078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3062
x-xss-protection: 0
server: fife
etag: "v6ca"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-gB9IrpVfMGsNuLncP7FbTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-gB9IrpVfMGsNuLncP7FbTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMCmoen17arb5QEiC3ZjYXJkX3Bob3RvKig3ZDgzOWRlNTYyMzIwNjE3ZWRlMDNiYjNhNDMxMjFhNDQ0MjFkYThlMAGxFfFpVoUpUk3adgn_-IVPguf5dA
https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p

2 KB
2 KB

30ms
30ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c1b463f0a215f16037e0a225f8f5690285682283963ff04c67cf374b9e785c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
server: fife
etag: "v2385"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-onL5E0sDnQ/0jpJ6WkUp2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-onL5E0sDnQ/0jpJ6WkUp2g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJTRibz5iZn-FCILdmNhcmRfcGhvdG8qKGYzYjI5YWNkN2M3NWYxNjQzNzc5ZmE0ZmY5MWFlNTYwY2QwYzVjYTMwAfN-Y_ipFyu3hvrcnPc3lP8L2t8-
https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p

3 KB
3 KB

24ms
24ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

74cb95dca1cd7139321f5f789c654d76d625a8c68a56eb41958dbf83f613710e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3468
x-xss-protection: 0
server: fife
etag: "v5c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-pNhrvc7LmBw5ypxCa83Lkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-pNhrvc7LmBw5ypxCa83Lkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJLPr5P_m7iNKiILdmNhcmRfcGhvdG8qKDgzOTNjMzUzNGVhNTUxYWU5MzhjOTFlNjM3OGM3MDk4YTUxOTE4NGYwAcRofZD4JFPHcXA1UYGPk9lApMkF
https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p

3 KB
3 KB

13ms
12ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

771443136b722e3103e11bfe4da669504dad38c37a89b955eeec114da8b425d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 22:33:10 GMT
x-content-type-options: nosniff
age: 8470
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2644
x-xss-protection: 0
server: fife
etag: "v9b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 13:36:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-q+/r7+PakYx8cXQZ0dZ2+A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-q+/r7+PakYx8cXQZ0dZ2+A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GiorMB8_FfJJwZ21MWgXRFxPgB5X7e8FMBg-59xLw=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCL7K7qre4IraJiILdmNhcmRfcGhvdG8qKGIwOTQzYjJlOWQ3NDMwN2E3YTA4ZGJmMWUwNDRmMDZkNWNhNGZhMjAwAUvRV2tjJ9Ad6RkI0lKInfuCn2ZG
https://lh3.googleusercontent.com/a-/AOh14GiorMB8_FfJJwZ21MWgXRFxPgB5X7e8FMBg-59xLw=s96-p

4 KB
4 KB

32ms
31ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GiorMB8_FfJJwZ21MWgXRFxPgB5X7e8FMBg-59xLw=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8f7dedf475b9fccc47657ef4e701d752010004992b3d3b904e9a72efb2c3cd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3913
x-xss-protection: 0
server: fife
etag: "v32a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 13:36:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GiorMB8_FfJJwZ21MWgXRFxPgB5X7e8FMBg-59xLw=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-ogTTYq9O/H0dwqn88LZC3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-ogTTYq9O/H0dwqn88LZC3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCK32zJe6gMqZPiILdmNhcmRfcGhvdG8qKDkwYTBlYWI4ZmE3MzhkNWIyMjE0ZGU2NzNmODg5ODY3MGNlOGMzOGYwAX-w7UZ1CCbx46_rjDB3upAOwuq8
https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p

5 KB
5 KB

29ms
28ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8b46f5e84f8d34e0b8314497ce5765b34edfc55ce80f7f33bdbbc7d37837081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4664
x-xss-protection: 0
server: fife
etag: "v59"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-Uea94rbzN7uxnYnGy1j8Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-Uea94rbzN7uxnYnGy1j8Rg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p
lh3.googleusercontent.com/a-/ Frame 86E1
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECPrUiI-Vub29zQEiC3ZjYXJkX3Bob3RvKigxNzUwMzQzYjA4ZmQ0ZWE5ZjMzM2YwNzAzZjRkMTI2ZDM4NzIxOGQyMAEgaMkNCazF4JO2Q5vXoUmhcKxMpw
https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p

3 KB
4 KB

28ms
27ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ede53f972b47cd2276ccddbfe6b93aa6d605b952f363bc22ddd8a7a784b8a8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3558
x-xss-protection: 0
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 05:07:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-QwhSFjUo60OV6TSQXwT7tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'nonce-QwhSFjUo60OV6TSQXwT7tQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 1306
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=000&ns__t=1632185659961&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1632185659961&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.ht...

64 B
329 B

15ms
13ms

Image
image/gif

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1632185659961&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: k5JPCn3gd0d7HJ5bNOoynT202Z2JkTRs6jP55ksoOsFOuNctax9ZpQ==

Redirect headers

date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1632185659961&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F
content-length: 265
x-amz-cf-id: L0vroBAb9ejJnwFS1TuxpOrpPxGJsKle6xpBO9lmf1k-hqlysSZlTw==

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5208
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YUktO5yTjT97J1tzQmxUnAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ3B39OnO4Vot6kdR5N6j9I&google_cver=1&gdpr=1

43 B
999 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ3B39OnO4Vot6kdR5N6j9I&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 21 Sep 2021 00:54:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ3B39OnO4Vot6kdR5N6j9I&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5208
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDlbmgLI9899oyBfk5AYKio&google_cver=1

43 B
315 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDlbmgLI9899oyBfk5AYKio&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 21 Sep 2021 00:54:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDlbmgLI9899oyBfk5AYKio&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5208
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB&dcc=t

43 B
645 B

106ms
106ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PT1V7MMWJRKWP3R05Q2Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XTTM3AGZWC4Z1RVRMV9Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUktO5yTjT97J1tzQmxUnAAABGQAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5208 70 B
265 B 46ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 5208
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

15ms
15ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Tue, 21 Sep 2021 00:54:20 GMT
x-content-type-options: nosniff
server: openresty
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 00:54:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5208
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1634777660

43 B
1009 B

24ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1634777660
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 21 Sep 2021 00:54:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:19 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1634777660
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 5208
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632272060&gdpr=1

43 B
315 B

48ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632272060&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 21 Sep 2021 00:54:20 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632272060&gdpr=1
pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5208
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06bc220407d947a72b605d48&expiration=[EXPIRATION]&gdpr=1

43 B
1023 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06bc220407d947a72b605d48&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 00:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 21 Sep 2021 00:54:20 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06bc220407d947a72b605d48&expiration=[EXPIRATION]&gdpr=1
Date: Tue, 21 Sep 2021 00:54:20 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 5208 35 B
197 B 242ms
238ms Image
image/gif 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YUktO5yTjT97J1tzQmxUnAAA%261124
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:54:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 691f52577ea32c3a-FRA
content-length: 35
expires: Mon, 21 Sep 2020 00:54:20 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 87AE 14 KB
4 KB 9ms
8ms Document
text/html 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: b72527a1db29046eca96db1334c69daa214c657f7fd84780cd6f22ca31442918

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 03:22:38 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Mon, 20 Sep 2021 03:48:59 GMT
etag: W/"612ef1fe-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: CRfIid359nnCL3iBM8TkAVYSyRuHaSbPSeGV3ExB1K-y_xo_4kT13g==
age: 75921

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 87AE 16 KB
6 KB 8ms
7ms Script
application/javascript 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:33 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 1717607
etag: W/"612ef1fe-40f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
content-length: 5630
x-amz-cf-id: 7sDRfhUYRur6Hk6g-BPHAGEAD8V1dQ12gDnYtZbhtPv3MbW07LGRcw==
expires: Thu, 01 Sep 2022 03:47:33 GMT

GET
H2 200 st.57e66f577dc25e761b77d256b5e8adb6.js Show response
ws.sharethis.com/secure5x/js/ Frame 87AE 131 KB
32 KB 9ms
8ms Script
application/javascript 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/st.57e66f577dc25e761b77d256b5e8adb6.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 78f15585a6b2c5a886bbc8aad63848b2a1bbe5dd09b7f26952ce40a48e10a4a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 1717606
etag: W/"612ef1fe-20b17"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: emtHZCB7mncRqqlrSqH1X7bVWQ0g2-g4tpBs2Hugz-Li0JiwUXQ-Iw==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
317 B 84ms
9ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=dailylenglui.blogspot.com&_ss=626q7gimka&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=h3dn&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fdailylenglui.blogspot.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c257aee0991385667e0cb83f6e57cfeb3a79718af70cd830f94f48e8799537a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:54:20 GMT
X-T: 0.14
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Tue, 21 Sep 2021 00:54:19 GMT

GET
H2 200 wCSS.php
www.intensedebate.com/ 5 KB
1 KB 178ms
178ms Stylesheet
text/css 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/wCSS.php?widget=1
Requested by: Host: www.intensedebate.com
URL: http://www.intensedebate.com/widgets/acctComment/291108/10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: db6982dc7fd31db0d9511d7782216eadf36bbb8c50c1bf7730c79e79f0ffdbb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
content-encoding: gzip
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 200 avatar-compact.png
www.intensedebate.com/images/ 296 B
443 B 177ms
176ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/images/avatar-compact.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: d9ef93fa2e5f8c3cb5f62e046610375b9d45ba3e5bb08c6a8422bfe84dbe5daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
last-modified: Tue, 07 Oct 2008 04:38:04 GMT
server: nginx
etag: "48eae7ac-128"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 296
expires: Thu, 21 Oct 2021 00:54:20 GMT

GET
H2 200 idc-c-h.png
www.intensedebate.com/themes/chameleon/images/ 1 KB
1 KB 177ms
177ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/themes/chameleon/images/idc-c-h.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/wCSS.php?widget=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 0bc0ff6820d883bc78c110c4535024ea51a665c76218b1e4a906664ea9bd3c7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intensedebate.com/wCSS.php?widget=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
last-modified: Tue, 07 Oct 2008 04:50:34 GMT
server: nginx
etag: "48eaea9a-56f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1391
expires: Thu, 21 Oct 2021 00:54:20 GMT

GET
H2 200 idw-jump.png
www.intensedebate.com/widgets/images/ 812 B
864 B 179ms
179ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/widgets/images/idw-jump.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/wCSS.php?widget=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 7ada8c6db41df4c22b32bb93a2c2d946ce725e4ed4dbdf8386a41516cb23ec97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intensedebate.com/wCSS.php?widget=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
last-modified: Sat, 17 May 2008 00:00:49 GMT
server: nginx
etag: "482e2031-32c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 812
expires: Thu, 21 Oct 2021 00:54:20 GMT

GET
H2 200 idw-c-m.png
www.intensedebate.com/widgets/images/ 187 B
263 B 178ms
178ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/widgets/images/idw-c-m.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/wCSS.php?widget=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 1ddeb76899626e297bac275b9523e4aa992610e184de0537c6e928127c4b52d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.intensedebate.com/wCSS.php?widget=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:54:20 GMT
last-modified: Sat, 17 May 2008 00:00:49 GMT
server: nginx
etag: "482e2031-bb"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 187
expires: Thu, 21 Oct 2021 00:54:20 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2A61 28 B
342 B 23ms
23ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Yl4ETw-TXos
X-YouTube-Client-Version: 1.20210915.1.2
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtlWUN6WXRlVnl1NCi62qSKBg%3D%3D
X-YouTube-Ad-Signals: dt=1632185659236&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image&bid=ANyPxKpvznaTpE2jRige2mvXBAwV_RdVamCo5VFXHXA4UBMUAfAWP40FgPzjjDWP-3edAOuUqI4cvGPuvKxEd6jS4NmYmqOf-A

Response headers

date: Tue, 21 Sep 2021 00:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 21 Sep 2021 00:54:21 GMT

GET
H2 200 hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
sd.sharethis.com/disc/css/ 3 KB
1 KB 259ms
7ms Stylesheet
text/css 2600:9000:225e:8200:16:876:8540:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Requested by: Host: s.sharethis.com
URL: http://s.sharethis.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8200:16:876:8540:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c733d9703260b1f2950bfe375cc83064458fd0350c0b8987122e5441b756452c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:53:08 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:18:30 GMT
server: AmazonS3
age: 158
etag: W/"ab4b82703a55102eddefc01bb815f2ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: 4QkRa8Pvrp-A2AHNy98vyv6J6t5NS7IbCXHu-Mp04rf9pwWN09PltA==

GET
H2 200 hoverbuttons.035267d71d894482eb413e5bea488ff5.js Show response
sd.sharethis.com/disc/js/ 8 KB
3 KB 259ms
8ms Script
application/javascript 2600:9000:225e:8200:16:876:8540:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.sharethis.com/disc/js/hoverbuttons.035267d71d894482eb413e5bea488ff5.js
Requested by: Host: s.sharethis.com
URL: http://s.sharethis.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8200:16:876:8540:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca7adfed58ae7c5d3a514891f855a8316e7e7f5d65cd903d8c96bc6ef1bc2239

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:47:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:21:16 GMT
server: AmazonS3
age: 489
etag: W/"035267d71d894482eb413e5bea488ff5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
x-robots-tag: noindex, nofollow
x-amz-cf-id: 2jVx-rbmP7M04voCqFMEwzIwz1xMpPI4M3YpuNMWGZjP4_BLkPgj7g==

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=890881783&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=890881783&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utms...

35 B
119 B

7ms
7ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=890881783&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185664371&utmac=UA-1645146-14&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 21:10:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13441
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=890881783&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1754189106&utmr=-&utmp=%2F&utmht=1632185664371&utmac=UA-1645146-14&utmcc=__utma%3D205858566.2055668820.1632185658.1632185658.1632185658.1%3B%2B__utmz%3D205858566.1632185658.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 mini_Top_Cap.png
sd.sharethis.com/disc/images/ 1 KB
1 KB 8ms
8ms Image
image/png 2600:9000:225e:8200:16:876:8540:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_Top_Cap.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8200:16:876:8540:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e29c399006c5c6e726eafd64d6c42dd91ca2b621ed55f13b81263512beadbfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:46:37 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:12 GMT
server: AmazonS3
age: 596
etag: "3c02395a29d645dfa785a7c7bbff28c6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1035
x-amz-cf-id: jt2QcXMPrIGLeNVOzKI2aPwdEBeN2Aze-EwD4Fml6jsTMEJcTaVJpg==

GET
H2 200 mini_BG.png
sd.sharethis.com/disc/images/ 952 B
1 KB 8ms
8ms Image
image/png 2600:9000:225e:8200:16:876:8540:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_BG.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8200:16:876:8540:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ca5cbea5f371c49060f5cf45fdeaec7a84efb59c59e39ee2573aa0692e6291c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:46:37 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:07 GMT
server: AmazonS3
age: 654
etag: "e07cd92ddc599b79b31648fe5de2e702"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 952
x-amz-cf-id: 0EnrnwRf-ydH5bUMhByfst2EulTihBNJxUscB3e-2PkJ84i8_ZwCRA==

GET
H2 200 mini_Bottom_Cap.png
sd.sharethis.com/disc/images/ 1 KB
1 KB 9ms
8ms Image
image/png 2600:9000:225e:8200:16:876:8540:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_Bottom_Cap.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8200:16:876:8540:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2c4ead1e1cf71139dc4895e4cf3a4fd2f9c9e386e844765bd7a8591949ac68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:46:37 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:09 GMT
server: AmazonS3
age: 704
etag: "f103c1bf9b9c26e07f47abbe0936408c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1084
x-amz-cf-id: df8mmf2lmdY9mVr52Sp5A1IHvL4wj9-ij1HcaXQN-JhjAQC1rD3-yA==

GET
H2 200 facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
1 KB 9ms
8ms Image
image/png 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 02:21:53 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 1636351
etag: "612ef1b8-497"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1175
x-amz-cf-id: I3nR5XmTR1XcF_VlzzoTNPGMp4_9BGBxcJuwt9_ysflnJRxt-293XQ==
expires: Fri, 02 Sep 2022 02:21:53 GMT

GET
H2 200 twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 9ms
9ms Image
image/png 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 1717610
etag: "612ef1b8-53a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1338
x-amz-cf-id: aKx_l2fp7mXEQUYgW0DenXETWxl3FzmACR9erKHwDz3IAFGZeEJvqg==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 googleplus_32.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 9ms
9ms Image
image/png 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:34 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 1717610
etag: "612ef1b8-9a4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2468
x-amz-cf-id: usKJwmjzTXCawZxQTC9YoliQJOJr6NJvjAqQJNpUMTk6Fp_pzwWGjQ==
expires: Thu, 01 Sep 2022 03:47:34 GMT

GET
H2 200 pinterest_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
9ms Image
image/png 2600:9000:225e:e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/pinterest_32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 18:08:06 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 1320378
etag: "612ef1b8-59b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1435
x-amz-cf-id: RbVuDymykbdu6YRa3_osxbaCFRxFdS7v0Lcu22VxKkgkSD0TSqY5bg==
expires: Mon, 05 Sep 2022 18:08:06 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 01:46:36	Name: NID Value: 224=YN0nD9GPkCQhQ-fw1TtO607-k8nYzsKWtZqyZCkL9eaPoydezbiQr69rErdvwTJ74lLs4cUvP6llp95JAzImzPHWTPUWSyzrBIeNHd-KTGOBuC8tNb59OBg0yeNDx4Wnnse0H7Jnc3tzTGKoOwiYfv0YRuY8LR9zrIf8Nzzcqng
.dailylenglui.blogspot.com/	1970-01-20 14:54:17	Name: __utma Value: 205858566.2055668820.1632185658.1632185658.1632185658.1
.dailylenglui.blogspot.com/	1969-12-31 23:59:59	Name: __utmc Value: 205858566
.dailylenglui.blogspot.com/	1970-01-20 01:45:53	Name: __utmz Value: 205858566.1632185658.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.dailylenglui.blogspot.com/	1970-01-19 21:23:06	Name: __utmt Value: 1
.dailylenglui.blogspot.com/	1970-01-19 21:23:07	Name: __utmb Value: 205858566.1.10.1632185658
.gamesfromheaven.com/	1970-01-19 21:24:32	Name: showed_15095_95811 Value: [2490878]
.gamesfromheaven.com/	1970-01-19 21:24:32	Name: c_b18258c67e8265c130ff17d1036090b1 Value: 1
.gamesfromheaven.com/	1970-01-19 21:24:32	Name: z_2d67a167f87c7e3abb66f14b3c153382 Value: 1
.exoclick.com/	1970-01-20 06:08:41	Name: goals Value: a%3A1%3A%7Bi%3A58753%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222021-09-20%22%3B%7D%7D
.realsrv.com/	1970-01-20 06:08:41	Name: goals Value: a%3A1%3A%7Bi%3A58753%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222021-09-20%22%3B%7D%7D
.exdynsrv.com/	1970-01-20 06:08:41	Name: goals Value: a%3A1%3A%7Bi%3A58753%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222021-09-20%22%3B%7D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: CPRz8Pv3UTg
.youtube.com/	1970-01-20 01:42:17	Name: VISITOR_INFO1_LIVE Value: eYCzYteVyu4
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstCfa991008 Value: 1632185659075
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstCla991008 Value: 1632185659075
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstCmu991008 Value: 1632185659075
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstPn991008 Value: 1
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstPt991008 Value: 1
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstCnv991008 Value: 1
dailylenglui.blogspot.com/	1970-01-20 06:08:41	Name: HstCns991008 Value: 1
.gamesfromheaven.com/	1970-01-19 21:24:32	Name: showed_13961_95809 Value: [2470432]
.gamesfromheaven.com/	1970-01-19 21:24:32	Name: c_291a62d2aca6cfeb7a3f79f35f78db3f Value: 1
.gamesfromheaven.com/	1970-01-19 21:24:32	Name: z_07e0bac262ae45d56013f56f668b48e2 Value: 1
.doubleclick.net/	1970-01-20 06:44:41	Name: IDE Value: AHWqTUk_q7d1uuzxjA3pFoyt7Luf5ndDher4DT1Nze5Zbd_Uas_IMhbhN0bt0fPi
dailylenglui.blogspot.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 11e84926-e560-4a3f-afff-c55ee7a6bc12
.casalemedia.com/	1970-01-20 06:08:41	Name: CMID Value: YUktO5yTjT97J1tzQmxUnAAA
.casalemedia.com/	1970-01-19 23:32:41	Name: CMPS Value: 5210
.adnxs.com/	1970-01-19 23:32:41	Name: uuid2 Value: 9045594834743322627
.casalemedia.com/	1970-01-19 23:32:41	Name: CMPRO Value: 1124
.yahoo.com/	1970-01-20 06:09:03	Name: A3 Value: d=AQABBDstSWECEItuQNyFxwbkYXcMwALhJFcFEgEBAQF-SmFTYQAAAAAA_eMAAA&S=AQAAAnW27j3xsB8EPLlnJgHRsWU
.advertising.com/	1970-01-20 06:10:08	Name: APID Value: UP7436bc3c-1a76-11ec-93df-06d442bbc09c
.pubmatic.com/	1970-01-19 21:24:32	Name: KTPCACOOKIE Value: YES
.scorecardresearch.com/	1970-01-20 14:39:53	Name: UID Value: 1L0VROBAB9EJJNWFS1TUXPg1632185660
.pubmatic.com/	1970-01-19 23:32:41	Name: SyncRTB3 Value: 1633392000%3A220
.pubmatic.com/	1970-01-19 23:32:41	Name: KADUSERCOOKIE Value: A1C92C04-487E-4112-85A9-FC42E1164213
.analytics.yahoo.com/	1970-01-20 06:10:08	Name: IDSYNC Value: "192u~20io:18xp~20io"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP7436bc3c-1a76-11ec-93df-06d442bbc09c
.yahoo.com/	1970-01-19 21:24:32	Name: APIDTS Value: 1632185660
.lijit.com/	1970-01-20 06:08:41	Name: ljt_reader Value: 97d9aa7bf444392e74e0579d
.casalemedia.com/	1970-01-19 21:24:32	Name: CMST Value: YUktO2FJLTwA
.adsrvr.org/	1970-01-20 06:08:41	Name: TDID Value: 8efae672-7fb7-4ab8-b6c8-2806de07fdf7
.simpli.fi/	1970-01-20 06:10:08	Name: suid Value: DE1DCA67951044358FA1B3DE40B1746F
.adsrvr.org/	1970-01-20 06:08:41	Name: TDCPM Value: CAEYBSABKAIyCwiqnKy5oqn-ORAFOAE.
.dtscout.com/	1970-01-19 21:23:10	Name: m Value: 1
.dtscout.com/	1970-01-19 21:23:23	Name: b Value: 1
.dtscout.com/	1970-01-19 21:23:20	Name: oa Value: 1
.dtscout.com/	1970-01-19 23:47:05	Name: df Value: 1632185660
.1rx.io/	1970-01-20 06:08:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-89f71766-a004-4bd7-9d3b-d292098aa710-003%22%7D
.adotmob.com/	1970-01-20 06:51:53	Name: uid Value: 06bc220407d947a72b605d48
.adotmob.com/	1970-01-20 06:51:53	Name: uuid Value: 06bc220407d947a72b605d48
.adotmob.com/	1970-01-20 06:51:53	Name: partners Value: IX%3A1632185660152
.cpx.to/	1970-01-20 06:08:41	Name: cpSess Value: 5af543dbcad29884
.cpx.to/	1970-01-20 06:08:41	Name: dsp_app_nexus Value: 9045594834743322627#1632185660150
.infolinks.com/	1970-01-19 21:24:32	Name: VRUSERCOOKIE Value: y-AK_QAlpE2uHm9il.7fE27CbTzpg7xfC8iwCRINk-~A
.casalemedia.com/	1970-01-20 06:08:41	Name: CMRUM3 Value: 0d61492d3b05a0&5a61492d3b05a0&2d61492d3c2760CAESEJ3B39OnO4Vot6kdR5N6j9I&4061492d3c2760no-consent&f161492d3b05a0&2761492d3b0b40&4161492d3b05a0&e661492d3b2760
.pubmatic.com/	1970-01-19 23:32:41	Name: PUBMDCID Value: 3
.bnmla.com/	1970-01-19 21:23:06	Name: rx_sspurl_1000361 Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D383240db-3ef4-4ea1-9198-d1372f2039d0
.bnmla.com/	1970-01-19 21:44:41	Name: rx_uuid Value: 383240db-3ef4-4ea1-9198-d1372f2039d0
.bnmla.com/	1970-01-19 21:44:41	Name: rx_maxage_1000361 Value: 1633481660
.bnmla.com/	1970-01-19 21:23:06	Name: rx_sspid_1000361 Value: 6
.targeting.unrulymedia.com/	1970-01-20 06:08:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-89f71766-a004-4bd7-9d3b-d292098aa710-003%22%7D
.pubmatic.com/	1970-01-19 23:32:41	Name: chkChromeAb67Sec Value: 3
.infolinks.com/	1970-01-19 23:32:41	Name: ANUSERCOOKIE Value: 9045594834743322627
.infolinks.com/	1970-01-19 21:24:32	Name: OUTHUSERCOOKIE Value: y-iUoY8zhE2uH.ylk4CHbH9Prfk_7Jr4JQ~A~UP7436bc3c-1a76-11ec-93df-06d442bbc09c
.infolinks.com/	1970-01-19 21:24:32	Name: SOVRNUSERCOOKIE Value: 97d9aa7bf444392e74e0579d
.infolinks.com/	1970-01-19 21:24:32	Name: IXUSERCOOKIE Value: YUktO5yTjT97J1tzQmxUnAAA&1124
.infolinks.com/	1970-01-19 21:24:32	Name: R1USERCOOKIE Value: RX-89f71766-a004-4bd7-9d3b-d292098aa710-003
.rfihub.com/	1970-01-20 06:44:41	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1tDAyNDEwMDExNRbiM9QtM7UIzomIrPD2j_eV4jU0MzYytDA1MzMwMTIFAOSZoIc0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1tDAyNDEwMDExNRbiM9QtM7UIzomIrPD2j_cFACX212YlAAAA
.rfihub.com/	1970-01-20 06:44:41	Name: eud Value: H4sIAAAAAAAAAFslzmtoZmxkaGFqZmZgYmQKAC3F18YQAAAA
.infolinks.com/	1970-01-19 21:24:32	Name: PUBMUSERCOOKIE Value: A1C92C04-487E-4112-85A9-FC42E1164213
.infolinks.com/	1970-01-19 21:24:32	Name: KADUSERCOOKIE Value: A1C92C04-487E-4112-85A9-FC42E1164213~1632185746864
.infolinks.com/	1970-01-19 23:32:41	Name: ZMNUSERCOOKIE Value: ""
.infolinks.com/	1970-01-19 21:24:32	Name: ZTUSERCOOKIE Value: 1870471598214004453
.infolinks.com/	1970-01-19 21:23:09	Name: ENBDSERCOOKIE Value: 383240db-3ef4-4ea1-9198-d1372f2039d0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://apis.google.com/js/plusone.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://apis.google.com/js/plusone.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: http://lh4.ggpht.com/-L9TBMMJZO_U/UTOZQy29ckI/AAAAAAAANMM/LM87RlR5OVA/w72-h72-p-k-no-nu/daniella_wang_lidan.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lh4.ggpht.com/-MJYdSE1wJBc/UQDktfm-z_I/AAAAAAAAALk/7UtMv0EgLuM/w72-h72-p-k-no-nu/celia_kwok.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lh3.ggpht.com/-f-JScgODXbw/UQViFA8lLOI/AAAAAAAAE2U/RCfgpPwNUug/w72-h72-p-k-no-nu/cica_zhou.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://apis.google.com/u/0/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1632185658829&_gfid=I0_1632185658829&parent=http%3A%2F%2Fdailylenglui.blogspot.com&pfname=&rpctoken=29789686 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: http://dailylenglui.blogspot.com/(Line 2112) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://dailylenglui.blogspot.com/(Line 2112) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
ap.lijit.com
apis.google.com
b.scorecardresearch.com
b1sync.zemanta.com
casale-match.dotomi.com
cm.g.doubleclick.net
dailylenglui.blogspot.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dtscout.com
fonts.gstatic.com
gamesfromheaven.com
googleads.g.doubleclick.net
i.polldaddy.com
i.ytimg.com
i0.poll.fm
iadoremakingpics.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
l.sharethis.com
lh3.ggpht.com
lh3.googleusercontent.com
lh4.ggpht.com
lh5.ggpht.com
lh6.ggpht.com
lh6.googleusercontent.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
match.adsrvr.org
match.bnmla.com
odb.outbrain.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
platform.twitter.com
polldaddy.com
resources.blogblog.com
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
s.sharethis.com
s10.histats.com
s3t3d2y7.ackcdn.net
s4.histats.com
sb.scorecardresearch.com
scontent.xx.fbcdn.net
sd.sharethis.com
sites.google.com
ssc-cms.33across.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.doubleclick.net
suchenachmuschi.space
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.targeting.unrulymedia.com
syndication.exoclick.com
syndication.twitter.com
t.dtscout.com
um.simpli.fi
ups.analytics.yahoo.com
w.sharethis.com
widgets.outbrain.com
ws.sharethis.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.intensedebate.com
www.paypalobjects.com
www.youtube.com
yt3.ggpht.com
104.244.42.200
13.32.99.21
13.32.99.90
142.250.185.226
151.101.114.132
151.101.194.133
159.253.128.188
172.66.41.9
172.66.42.247
174.137.133.49
178.162.133.149
18.159.118.206
185.183.112.148
185.33.220.145
185.64.189.110
185.64.189.114
185.64.190.79
192.0.123.247
192.0.123.248
192.0.77.36
192.99.13.63
193.0.160.128
2.18.234.190
2.18.234.21
208.100.17.180
208.100.17.187
209.54.177.54
213.19.147.45
2600:9000:225e:7c00:16:876:8540:93a1
2600:9000:225e:8200:16:876:8540:93a1
2600:9000:225e:e00:3:c04e:c780:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3031::6815:a8d
2606:4700:3035::6815:884
2606:4700:3036::6815:4193
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2006
2a00:1450:4001:812::200d
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2016
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2009
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a02:3d0:623:a000::8006
2a02:fa8:8806:20::2040
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.124.181.115
3.126.56.137
38.27.122.126
46.105.201.240
51.161.15.92
51.89.24.70
51.89.9.253
52.30.185.188
64.202.112.31
66.155.71.25
72.251.249.9
76.223.111.131
95.211.229.245
95.211.229.247
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
021b68edc510a18db2e6350715f2dfb09a10afdad81441b3df764b50f4c8b48f
02acdc04b989121b80b5bc02f08bd2d97d24e3d3b357463e8af353a04ec4442a
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06d21229e33e11800844eced6ef936058b77fd9d8b637c689cebcd1efae74dba
0802fb46da904ec68bf20de8ada26cfdee6c5e95d397763181aba4340f6e7d03
0a3d704d32045a3e83aaa75ba4e019992f1795d6121cc6482ee12cbb9d952370
0bc0ff6820d883bc78c110c4535024ea51a665c76218b1e4a906664ea9bd3c7f
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0eb3e91feaaaca56adff166c577ee601723567c131b25d281d772aece750e100
120ed0c07e3b799f05edbaf9edd674065f79410c14c3f80193f25a0813cd05f5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14fb2bf1a00f040bb92e4fd2364e7de05c6a7503dfdc5c5fda5d858ddabe67ca
15c790fe83d419ab04833e80703d1163483728932e8d89253cf99cfd7772af1c
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
185a3b390e83a3b47bf6a0fadb25e091bcb520b10bf3cb6e640e569d9476bd71
191d47fb80e2b88bad931569933ab6bb8fe36c813c4a072381793fe9aa9fa784
1b520003f57f636a977906273d035c740d33c8b2e335a0b52f1dd2e4e9527045
1ddeb76899626e297bac275b9523e4aa992610e184de0537c6e928127c4b52d3
1e0f23734c4968f14513447b96a6aa1303434786a8e821d870b5d96584b12b43
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
1e73f89046548162918d0907470e29b3c891ee2f716ec1ac3e22fceac16572b9
2178e9e3e1f4f25db91f0b59813e0c7f9e2904c313138d34fffe3a6dc4b93078
233614a8545986cc0cc0982ee474a6b062704ab8899779ed8eaa2cd9bdcd1070
280ebd10d5048d1143441964143b018eb437d7b7a0fc3334ad78af43a13e0536
294369c82d831799b4e873a82f34e42fb00de5d1dd73032494efb9914df6d245
298de217877c9e598561f4d9019bbda55c10754b1d51fe725268707796420d1f
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
2e29c399006c5c6e726eafd64d6c42dd91ca2b621ed55f13b81263512beadbfb
2ee161ee902daab76ff7bb03b1de4537ec1a5e3e515ed174879a7c60d7d621bc
307a78514afff091b8497deeccd07003f864099b4b184edbcfa6b3a640be639a
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
364a9f26140813151990539bc23bb8fa5248675084f5465540c6b3d6ebcded98
36fde156c21814a89b4b1325805d9c0c0c0136487bcbb0db32c6f799cd4836f9
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3801426332da04070718265936f3745add170d7f713465fb2aa440fdad8d3f00
384a34ff3a05872b2b10bd2e2f177f89a30fe6fff15c220916804f2a17449976
384aa3fb477ed1640ab5b28b263de9a3ab459bf631d1772033389e12098eafd2
38b516c9246e0a9a7e2ffc1c9eca4865046baa8985fc13c53aa1a6e8ac0a0db6
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3c800885f66d372a6c80fabfb954f6e288769d3278a1ec15214c9928589f14e3
3ca5cbea5f371c49060f5cf45fdeaec7a84efb59c59e39ee2573aa0692e6291c
3dc936b3c6e476fbbbfea1c5d962f4bee0e3636450608357ffcf9e6e92e0d596
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
452a5ac7b950e6c6705c03a66e6dcb9609c7c3178439e0b416df1548df2c8f17
495d1dab25380ba1420d2c35bfff5bc1b7801a2810445709e6fcae0371b81b8c
4a289c9f71fb1bb1e08de0f61000167d7824e87ad441c0a0dd8a9c68d0346252
4b1d31f600c5e526e7d0276d32bcf5e8009b6b9ad4ffa1c838f380778c2cba49
4d8dd820c0432f430c32dbded6c2d8e917a6bfa43f7346fceb377d3f2cc5aff5
4ea0ae7ef3769fbd24a75a32f40785260ed5d83350b76ece6ededa1060fa4271
539800129e81d097537e3ae13a9258716734fc7071a351ac9385b83c22649d70
5512d80f311835666d837ec9cc7b2e07c268253eaf6b26bb978585ea87084dda
553f29d085717e2a47e26c32b3f8bb0e9691e5287c30f1270fa78597070965e4
5760969ef9f8f37a41dd5ff7794f1b9bc6cce33ea51d15dbe1e632b5cfc9f171
5a1b5a99bb9f12912fa06de43a5a41fc4d83b97904b3d4e97b0668971b9d2382
5c8906bfce715a3bfcc8cedd4d3213b69614eac036fec61c5e456279f29c1056
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68ad418315427557d2453034932128de66cc1aec679bade5018644d1d63dec9f
6d3332a48aa55b5ebb45e9f1d0a73d93e9aeb8941a2f3b850825bfc09b2bd189
6e438f51b474134f435f788639f800142905b92f92c2c1532fda26dfdd75ae4f
6f34901c768ab9c7505777a0fede86ccce6b12d4dcbdad84abdfad5e3683e6cc
71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
73673501696b0597e8971478757c9674b1358a2a8ef6a3a14e238434f97d72ae
74cb95dca1cd7139321f5f789c654d76d625a8c68a56eb41958dbf83f613710e
7531b01031d70b3232e4301e7f2dafb57c5d6393c6c7b265882a452134b6f973
753317c58e485fe930390c7d2b9a30e6609a274456a37384506950283004664b
771443136b722e3103e11bfe4da669504dad38c37a89b955eeec114da8b425d0
7756fae3c6a927a182b1ec142a40727e680551670cd621ec7f0ca7f83ee73feb
78f15585a6b2c5a886bbc8aad63848b2a1bbe5dd09b7f26952ce40a48e10a4a0
796066ce92d05ec134b324f69c0eeb68d0388d78e28b5ddaa2a8a2308409dfd5
79ff948cd4ee4c630401336f4220f798231b8934478ef2dc3333fb8346e554dc
7ab2a6f625629ffbf8b21b3e8546aeadd0b88b028338c85b08f8fac7c2dd33b4
7ada8c6db41df4c22b32bb93a2c2d946ce725e4ed4dbdf8386a41516cb23ec97
7b0997742aba2828495b20e8ec9edf8f5455bdfdfff2bf4c5a8d30a09d3408d9
7c8cde3bc9f502e92a8c5b87856ed9561a9bfea369964741c6f16992bee9aa4f
7d4a8b6b96a1dca75c633779df58e6bbb05380bbbc3f052cb08aeb71fe59ef5b
7dad269e017ad998c2aea1caf1d7fd2725241aa5d2a887b1dc8a153d91182d68
7eb77b674a3d3a00e997e449c9899437a41a185cc5bc2fcf1c03f3d863a20019
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84be71f0ec4f6b1a504eae4016ba02c03874c5718e791ac48c30a3691ae8e151
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87d069d308ee02fb32b2a00dfa73d3b26c96f24af1a837ec091e767c4d583f15
8c7e4690e2ab0ad13c20a24446de8c50d812de2d30f27409ab4d9b024d9fea28
8d1b51a6bcf97a173884161816c19b753e0088a0926148482d8a1f371706c774
8d5b561226b0765b7374720bdc23f141008acb91a0a9fc51515c4003ff74fae1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8f7dedf475b9fccc47657ef4e701d752010004992b3d3b904e9a72efb2c3cd7d
90807636accc5caa49ee5b6b009276b04ad883d189ec56013ab9f52632dae6e2
91563af678cd860504972452b008a3d18595de97b147a5734335df31485a8cbc
92fc7e8a1681927541270ac52afabf0f679823f5038375f077e5b2ebe3027438
932179dd9c7d37793e84372649abf393a064705c6344678be6a4c2eb892175d7
9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242
95c77ee03fdb1491a7a5d5bdd29c1f91b8673390a6a478bf6683e57ff0107266
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
96140c2860e42f2db32cd8526d27deed771002ce86cab070e1a975fb1448c077
979b0069a9bb5e16b8f32806717226a7a378dbd4d176093dbe7053a5138a213d
98333f20bc1a03ce8fa68b0b8cb1bdc3ecd5af33b6a3548b398604b413f4d19f
9d0029c61be0ce611bd58fd85a0a04a8b4c663a03416f34b92922f7d198ec1f7
9e43e5cd00bed6fe0f8cb8df54ad375fa2856bc5cf9716f851a94cdd1e8239da
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a3f4fff8c05bef8a28e78cea9f413e0ce65f691de874fd2f81598bba5b54d872
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
a90340a569f96d53e49b31bff428a2b7ab23ba09d442cd4bc7a1963267a2b181
ac5979e2cc0e74af50ffc664f5412dbf1e6a28253c835d3b974ff82772cf4d14
af67ea2f6471994fe966d2d72642ee2f3ca0533e0020fb15a36c33e647ee737f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56ea482ce0b809435f23d3fbe7fa54e7699f9bdc2a4a3b8adb879c7fef5a2ef
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b72527a1db29046eca96db1334c69daa214c657f7fd84780cd6f22ca31442918
b778b8c1d97959af4734b740ae4038a6dae1eeabae79ec300510ee5df5442c7c
b889e8fed7360a7886e2ca271cf2630e337874bcf2b14be6a8d825179b199637
b9754e5f7eb543d84815dccc45284b0eb2d0a25081e765e8a6cc52e7dee40eeb
bceb42c38849f45f8eccea1ad752b5ccea22eba051598d3890607f03941e301e
bdc432b7e6db805df28ba7ecf921326edc8059fa90ebe3ea3a68d637253d4f2b
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf2ee140fbdc4709845eeae033d27b9235e8118a6d554840f96cc15bd1c9c01e
bf41c412c49366090ba0b5a0751f6e026c12a7cf1e17e3f45ffc9609970c4991
c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794
c1b463f0a215f16037e0a225f8f5690285682283963ff04c67cf374b9e785c76
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c257aee0991385667e0cb83f6e57cfeb3a79718af70cd830f94f48e8799537a7
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c733d9703260b1f2950bfe375cc83064458fd0350c0b8987122e5441b756452c
c853dea4592444045109bc8e46e5bda97bf41110f82f0483ec4e2c940cae2d23
c943254ee28e879b9b3927eedd14705fa7910141c9ca8294dbb5c91aa5dbb429
ca7adfed58ae7c5d3a514891f855a8316e7e7f5d65cd903d8c96bc6ef1bc2239
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cc8562872dc541ccfe9ab57d0d85581b33b22924c126651f11d1dc3456ad7961
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd7bef3b2da0bbec9c680445e9c65303ba471a7edeb1b8798f28a865569615f8
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
d21c8bd2e8b2f5a56b540807fec034374ae70b88dc022ee1e6db57431e3899c9
d236eed9587f12322a00882066264ef4fe0648dae4f50dc397fa9020446b3acc
d2c2b5467d76098a4dbd6a22597ee2f8bdbdf44de1b7ad3484729b49430e3ef0
d610cd6aa5e508062ed1da5af6b9d106791efdfede822a06ec3101d00be961b5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8d022bfafc5db3e38832ef2f4ce66f82b62f41dcf4be93195f7174fb91d26a5
d985648b31dd5d6de7c01f3400b8e8b81c38168d385bf133a6357ea5a9220629
d9ef93fa2e5f8c3cb5f62e046610375b9d45ba3e5bb08c6a8422bfe84dbe5daf
db6982dc7fd31db0d9511d7782216eadf36bbb8c50c1bf7730c79e79f0ffdbb3
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e083bd873948bb4049297e3efd02020e1793d657a0664000a2262c108da9901e
e0cc2a9c5cd23e63594391b3425c5fbcd461b92306d9d5cbf7674e60cfe1710c
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e2b1fe21c6d3074fa4f3e3a22fc8608d1877bfe8b6e34aeb03a8eef12da34a62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d7338aa8d316ac74e86fdacdcc8330f4fe3ea39a94e471747d4f8002243e31
e8b46f5e84f8d34e0b8314497ce5765b34edfc55ce80f7f33bdbbc7d37837081
e97fab623507015813482c6e4038d77b6e605b4beec0316fc763d3ae26d7e257
ea70a4043bfff91a8b7d15650f75dc6d1c8cd81cbd55d02fd67bf99fa4424a5b
ecfcc8810e08d1313ad57015b6a2f141beda5cd9dcde99d29ae3b243edb4d9ed
ede53f972b47cd2276ccddbfe6b93aa6d605b952f363bc22ddd8a7a784b8a8f3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f093c69d3c477cc5bf37da4a21c7fe0474186e4db7b456414efaffc646273c01
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f2c4ead1e1cf71139dc4895e4cf3a4fd2f9c9e386e844765bd7a8591949ac68d
f74a13feeaca39d6e906eac613825aab32f45edcf45558d3177b85ff18f7c257
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
fb7afa901c39ea37f645de98e2b0a6e0cae1015e34479e2a662b3ac863b214a8

dailylenglui.blogspot.com Open in urlscan Pro 2a00:1450:4001:801::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

212 Requests

72 %HTTPS

40 %IPv6

55 Domains

87 Subdomains

56 IPs

8 Countries

6200 kBTransfer

10387 kBSize

76 Cookies

0 Outgoing links

Redirected requests

212 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dailylenglui.blogspot.com Open in urlscan Pro
2a00:1450:4001:801::2001 Public Scan

Screenshot
Live screenshot

Full Image

212
Requests

72 %
HTTPS

40 %
IPv6

55
Domains

87
Subdomains

56
IPs

8
Countries

6200 kB
Transfer

10387 kB
Size

76
Cookies

212 HTTP transactions
1 data transactions