wa--groups.blogspot.com Open in urlscan Pro
142.250.185.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3WRj4B9?r=lp
Effective URL:
https://wa--groups.blogspot.com/2023/01/httpschat.html
Submission: On February 26 via manual (February 26th 2023, 9:40:55 pm UTC) from PL — Scanned from PL

Summary HTTP 107 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 19 domains to perform 107 HTTP transactions. The main IP is 142.250.185.129, located in United States and belongs to GOOGLE, US. The main domain is wa--groups.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on February 8th 2023. Valid for: 3 months.

This is the only time wa--groups.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
2	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
13	142.250.186.137 142.250.186.137	15169 (GOOGLE) (GOOGLE)
1	35.201.118.58 35.201.118.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
10	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
13	104.22.72.81 104.22.72.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
2	172.67.7.107 172.67.7.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.23.134.11 104.23.134.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.23.133.11 104.23.133.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.41.132 35.190.41.132	15169 (GOOGLE) (GOOGLE)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	66.203.127.18 66.203.127.18	205809 (MEGA) (MEGA)
9	66.203.127.11 66.203.127.11	205809 (MEGA) (MEGA)
3	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
4	66.203.125.12 66.203.125.12	203055 (MEGA-LIMI...) (MEGA-LIMITED-AS Mega Limited)
3	172.67.71.74 172.67.71.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.208.16.104 162.208.16.104	205809 (MEGA) (MEGA)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1 2	157.240.252.35 157.240.252.35	() ()
107	28

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

wa--groups.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

gauzedisparage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.137 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.118.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.22.72.81 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn01.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.7.107 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn02.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn03.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.23.134.11 (None, )

ASN13335 (CLOUDFLARENET, US)

js.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.23.133.11 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.41.190.35.bc.googleusercontent.com

files.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.203.127.18 (New Zealand)

ASN205809 (MEGA, NZ)

mega.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 66.203.127.11 (New Zealand)

ASN205809 (MEGA, NZ)

eu.static.mega.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.203.125.12 (Bettembourg, Luxembourg)

ASN203055 (MEGA-LIMITED-AS Mega Limited, LU)
PTR: bt2.api.mega.co.nz

g.api.mega.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.71.74 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.208.16.104 (New Zealand)

ASN205809 (MEGA, NZ)

gfs302n204.userstorage.mega.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (None, ) 1 redirects

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	jotfor.ms cdn.jotfor.ms — Cisco Umbrella Rank: 19133 cdn01.jotfor.ms — Cisco Umbrella Rank: 21063 cdn02.jotfor.ms — Cisco Umbrella Rank: 21190 cdn03.jotfor.ms — Cisco Umbrella Rank: 21642	719 KB
14	mega.co.nz eu.static.mega.co.nz — Cisco Umbrella Rank: 93200 g.api.mega.co.nz — Cisco Umbrella Rank: 30482 gfs302n204.userstorage.mega.co.nz — Cisco Umbrella Rank: 316113	604 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	540 KB
13	blogger.com www.blogger.com — Cisco Umbrella Rank: 9057	386 KB
8	jotform.com 1 redirects form.jotform.com — Cisco Umbrella Rank: 20119 js.jotform.com — Cisco Umbrella Rank: 38497 www.jotform.com — Cisco Umbrella Rank: 26503 files.jotform.com — Cisco Umbrella Rank: 31153 api.jotform.com Failed events.jotform.com — Cisco Umbrella Rank: 21061	124 KB
6	blogspot.com wa--groups.blogspot.com	173 KB
5	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14237	12 MB
4	google.com www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 29	27 KB
3	jotform.io widgets.jotform.io — Cisco Umbrella Rank: 56080	6 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 ajax.googleapis.com — Cisco Umbrella Rank: 306	36 KB
2	facebook.com 1 redirects www.facebook.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	87 KB
2	mega.nz mega.nz — Cisco Umbrella Rank: 45510 Failed	62 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2316	83 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 693	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	5 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4041	17 KB
1	gauzedisparage.com gauzedisparage.com
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5165	249 B
107	19

	Domain	Requested by
13	www.blogger.com	wa--groups.blogspot.com www.blogger.com ajax.googleapis.com
12	cdn.jotfor.ms	form.jotform.com cdn.jotfor.ms js.jotform.com
10	fonts.gstatic.com	fonts.googleapis.com www.blogger.com www.google.com
9	eu.static.mega.co.nz	mega.nz
6	wa--groups.blogspot.com	wa--groups.blogspot.com ajax.googleapis.com
5	blogger.googleusercontent.com	wa--groups.blogspot.com
4	g.api.mega.co.nz	mega.nz
4	www.gstatic.com	www.google.com www.gstatic.com
3	widgets.jotform.io	wa--groups.blogspot.com widgets.jotform.io
3	www.google.com	www.blogger.com www.gstatic.com www.google.com
3	js.jotform.com	form.jotform.com widgets.jotform.io
2	www.facebook.com	1 redirects connect.facebook.net
2	connect.facebook.net	wa--groups.blogspot.com connect.facebook.net
2	www.jotform.com	1 redirects form.jotform.com
2	mega.nz	wa--groups.blogspot.com ajax.googleapis.com mega.nz
2	stackpath.bootstrapcdn.com	wa--groups.blogspot.com stackpath.bootstrapcdn.com
2	fonts.googleapis.com	wa--groups.blogspot.com cdn.jotfor.ms
1	play.google.com	www.blogger.com
1	code.jquery.com	widgets.jotform.io
1	gfs302n204.userstorage.mega.co.nz	mega.nz
1	events.jotform.com	wa--groups.blogspot.com
1	files.jotform.com	wa--groups.blogspot.com
1	cdn03.jotfor.ms	form.jotform.com
1	cdnjs.cloudflare.com	form.jotform.com
1	cdn02.jotfor.ms	form.jotform.com
1	cdn01.jotfor.ms	form.jotform.com
1	browser.sentry-cdn.com	form.jotform.com
1	ajax.googleapis.com	wa--groups.blogspot.com
1	form.jotform.com	wa--groups.blogspot.com
1	gauzedisparage.com	wa--groups.blogspot.com
1	bit.ly	1 redirects
0	api.jotform.com Failed	cdn.jotfor.ms
107	32

This site contains links to these domains. Also see Links.

Domain
sora-app-soratemplates.blogspot.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
abonnementpermissiveenliven.com
chat.whatsapp.com
surechieflyrepulse.com
www.pinterest.com
www.linkedin.com
web.whatsapp.com
api.whatsapp.com
www.blogger.com
www.soratemplates.com
gooyaabitemplates.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
allmygreatestlife.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-10` - `2023-10-20`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-07`	2 months	crt.sh
mega.nz R3	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.static.mega.co.nz Sectigo RSA Domain Validation Secure Server CA	`2022-12-12` - `2024-01-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.api.mega.co.nz Sectigo RSA Domain Validation Secure Server CA	`2022-12-12` - `2024-01-12`	a year	crt.sh
*.userstorage.mega.co.nz Sectigo RSA Domain Validation Secure Server CA	`2022-12-11` - `2024-01-11`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://wa--groups.blogspot.com/2023/01/httpschat.html
Frame ID: 5B054199DB41181101632EB0C12BBCAF
Requests: 26 HTTP requests in this frame

Frame: https://mega.nz/embed/xvhmhRSK
Frame ID: A0EDDB6427DD394904C291F7E81D15CB
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294
Frame ID: E1E7CF1AD4A112327A4BBF2329EA1153
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
Frame ID: D610602FE7F851ADEE9DE7D9DDEA2870
Requests: 28 HTTP requests in this frame

Frame: https://mega.nz/embed/xvhmhRSK
Frame ID: 155A0E9104314ECA00ECEFCE24B135CB
Requests: 27 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294
Frame ID: D243969A0B38FFCB0722804A1B990C49
Requests: 12 HTTP requests in this frame

Frame: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
Frame ID: 579999F5BBD378C15DF35C01E5671C07
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=pl&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=ykux0v1drxxl
Frame ID: 1C748147C2C0D227145267F7555337C4
Requests: 8 HTTP requests in this frame

Frame: https://www.blogger.com/_/BloggerCommentUi/cspreport
Frame ID: 3EBD2ABCEEE22643ECC680FF7C57E5CC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df76166345dfed4%2526domain%253Dwa--groups.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwa--groups.blogspot.com%25252Ff385e8cd31c6824%2526relation%253Dparent.parent%26container_width%3D254%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252Fprofile.php%253Fid%253D100088848632797%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
Frame ID: 0FBEC30D07731BAB07EBDBA83B96FCCC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grupos de México

Page URL History Show full URLs

https://bit.ly/3WRj4B9?r=lp HTTP 301
https://wa--groups.blogspot.com/2023/01/httpschat.html Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

107
Requests

87 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

28
IPs

5
Countries

15278 kB
Transfer

23666 kB
Size

1
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://sora-app-soratemplates.blogspot.com/p/about.html
Title: About

Search URL Search Domain Scan URL

URL: https://sora-app-soratemplates.blogspot.com/p/contact-us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/soratemplates/

Search URL Search Domain Scan URL

URL: https://twitter.com/LiveBlogger1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/livebloggerofficial/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/liveblogger

Search URL Search Domain Scan URL

URL: https://abonnementpermissiveenliven.com/c415th807q?key=6b3ac98eb749a734aff1c8dc0d9f998e

Search URL Search Domain Scan URL

URL: https://abonnementpermissiveenliven.com/zdwu72jnx?key=67cabb624b4abcd1d35b2ac953c8a637

Search URL Search Domain Scan URL

URL: https://abonnementpermissiveenliven.com/kiehq3hq?key=048afc07415ad4934b10f30150447de8

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/DE8vfiT4hQD61TS0KcCywi
Title: https://chat.whatsapp.com/DE8vfiT4hQD61TS0KcCywi

Search URL Search Domain Scan URL

URL: https://surechieflyrepulse.com/bweurj4ps?key=62d863ccc757cab93e7dc453f5b11290
Title: https://chat.whatsapp.com/J1lcUTo5NR45IbRyErSYwg

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/E5FCyB27oia178ELFAADAN
Title: https://chat.whatsapp.com/E5FCyB27oia178ELFAADAN

Search URL Search Domain Scan URL

URL: https://surechieflyrepulse.com/kiehq3hq?key=048afc07415ad4934b10f30150447de8
Title: https://chat.whatsapp.com/FC7GdOkc0t2F0g2Rp8skuW

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/C6ZAYThvDqM8WsLJCDd93x
Title: https://chat.whatsapp.com/C6ZAYThvDqM8WsLJCDd93x

Search URL Search Domain Scan URL

URL: https://surechieflyrepulse.com/ajpd8ix9v7?key=3cfb044b375366dd89df81d63208f48a
Title: https://chat.whatsapp.com/HGCXOnZ15Az6tClZ4Pau1f

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/DHs0Okv0dFr7x21EQ6ld2A
Title: https://chat.whatsapp.com/DHs0Okv0dFr7x21EQ6ld2A

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/ESsRwQdB1z121SJOGJQ30u
Title: https://chat.whatsapp.com/ESsRwQdB1z121SJOGJQ30u

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/GHIqLbpE3i7D7vlAz5G9Yz
Title: https://chat.whatsapp.com/GHIqLbpE3i7D7vlAz5G9Yz

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/FbIJfDKQ0hg3hxrLrF153a
Title: https://chat.whatsapp.com/FbIJfDKQ0hg3hxrLrF153a

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/GwDc1f3tcbC2LZ5oiUYDvX
Title: https://chat.whatsapp.com/GwDc1f3tcbC2LZ5oiUYDvX

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/J9cJDgxu8wJ9YUIKgInuQn
Title: https://chat.whatsapp.com/J9cJDgxu8wJ9YUIKgInuQn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://wa--groups.blogspot.com/2023/01/httpschat.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://wa--groups.blogspot.com/2023/01/httpschat.html&text=%20Grupos%20de%20M%C3%A9xico
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://wa--groups.blogspot.com/2023/01/httpschat.html&media=https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfLyiVZXvMrBHyuEq47JLA81FS2vagk65_IMYmVW2j2EXr_L90po3XxmZdYUZBShXzsQs_HdRKLMSxhtWunAe-5kUgGA29ODmIzZ_hhPjWC5HuIlqtJzVXIrn2L03tK02hZelB73xPuM58kL8kIba_ukthQdnOZ7Rak3wUhelCUmjRAW4qPrc2e_Djcg/w497-h362/hentai%20bdsm%20art%20II.jpg&description=%20Grupos%20de%20M%C3%A9xico

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://wa--groups.blogspot.com/2023/01/httpschat.html

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%20Grupos%20de%20M%C3%A9xico%20|%20https://wa--groups.blogspot.com/2023/01/httpschat.html

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20Grupos%20de%20M%C3%A9xico%20|%20https://wa--groups.blogspot.com/2023/01/httpschat.html

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294

Search URL Search Domain Scan URL

URL: https://www.soratemplates.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://gooyaabitemplates.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Dowiedz się więcej

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3WRj4B9?r=lp HTTP 301
https://wa--groups.blogspot.com/2023/01/httpschat.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.jotform.com/uploads/soysrmoji/form_files/WA-Groups.63975a0617f6b3.70149199.jpg HTTP 302
https://files.jotform.com/jufs/soysrmoji/form_files/WA-Groups.63975a0617f6b3.70149199.jpg?md5=SFMoT6GCXNlj9zxueKmDfw&expires=1677447658

Request Chain 110

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df76166345dfed4%26domain%3Dwa--groups.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwa--groups.blogspot.com%252Ff385e8cd31c6824%26relation%3Dparent.parent&container_width=254&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2Fprofile.php%3Fid%3D100088848632797&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df76166345dfed4%2526domain%253Dwa--groups.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwa--groups.blogspot.com%25252Ff385e8cd31c6824%2526relation%253Dparent.parent%26container_width%3D254%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252Fprofile.php%253Fid%253D100088848632797%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

107 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request httpschat.html Show response
wa--groups.blogspot.com/2023/01/
Redirect Chain

https://bit.ly/3WRj4B9?r=lp
https://wa--groups.blogspot.com/2023/01/httpschat.html

332 KB
55 KB

532ms
421ms

Document
text/html

142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

GSE /

Resource Hash

722294202f5228a7c8162f7d76cb0adfdd997e11db0e0eadb545b26b8694e248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 55780
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 21:40:47 GMT
etag: W/"1d07149d89803162ea6919cd70c3b454daa55c2c85b2cb23a5cc3a2d428dd086"
expires: Sun, 26 Feb 2023 21:40:47 GMT
last-modified: Sun, 05 Feb 2023 03:20:19 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 141
content-type: text/html; charset=utf-8
date: Sun, 26 Feb 2023 21:40:47 GMT
location: https://wa--groups.blogspot.com/2023/01/httpschat.html
server: nginx
via: 1.1 google

GET
H/1.1 403
Forbidden cdc6ee9198ad06ba63bceb0ba7d178de.js
gauzedisparage.com/cd/c6/ee/ 0
0 941ms
136ms Script
text/html 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gauzedisparage.com/cd/c6/ee/cdc6ee9198ad06ba63bceb0ba7d178de.js
Requested by: Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 3 KB
868 B 156ms
58ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,500,500i,700,700i

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 21:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 21:40:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 21:40:47 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 105ms
41ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 2016735
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 79fbd75729e3bf2b-WAW
cdn-requestpullsuccess: True

GET
H2 200 depositphotos_85032710-stock-illustration-xxx-vector-logo-of-women.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUhT48TNnNd9c-ayD1y9ArRKHHY20jkIUx3wl0HT2bAgvtA0png7M2ZX1CRoNNFjasHCL-RfWULoPIsSsQKcW2n18ZKd9VtqRC0YpCzVUNwt2y4jJGQy9Fbx8ntkkf8QFyKMzDNirLy7U37cAI... 633 B
702 B 735ms
640ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUhT48TNnNd9c-ayD1y9ArRKHHY20jkIUx3wl0HT2bAgvtA0png7M2ZX1CRoNNFjasHCL-RfWULoPIsSsQKcW2n18ZKd9VtqRC0YpCzVUNwt2y4jJGQy9Fbx8ntkkf8QFyKMzDNirLy7U37cAITqS9FpWOB4lP6oP92W6zqyPKbEtO/w20/depositphotos_85032710-stock-illustration-xxx-vector-logo-of-women.jpg

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

bcf435495116719e85323d416172c48999c971ba68391f4673e32005e0be7ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v462"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="depositphotos_85032710-stock-illustration-xxx-vector-logo-of-women.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 633
x-xss-protection: 0
expires: Mon, 27 Feb 2023 21:40:49 GMT

GET
H2 200 hentai%20bdsm%20art%20II.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfLyiVZXvMrBHyuEq47JLA81FS2vagk65_IMYmVW2j2EXr_L90po3XxmZdYUZBShXzsQs_HdRKLMSxhtWunAe-5kUgGA29ODmIzZ_hhPjWC5HuIlqtJzVXIrn2L03tK02hZelB73xPuM58kL8k... 102 KB
102 KB 835ms
758ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfLyiVZXvMrBHyuEq47JLA81FS2vagk65_IMYmVW2j2EXr_L90po3XxmZdYUZBShXzsQs_HdRKLMSxhtWunAe-5kUgGA29ODmIzZ_hhPjWC5HuIlqtJzVXIrn2L03tK02hZelB73xPuM58kL8kIba_ukthQdnOZ7Rak3wUhelCUmjRAW4qPrc2e_Djcg/w497-h362/hentai%20bdsm%20art%20II.jpg

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

7de3906957c286b158284191c0d7228957baef90490685ebd84776ba7b0df062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v5b1"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hentai bdsm art II.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104146
x-xss-protection: 0
expires: Mon, 27 Feb 2023 21:40:49 GMT

GET
H2 200 21023651.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEii9RLLS319icnVnGQuGoUwzcG3_YpO_mzCJm558Twla4PW1dBYFU_301wB83bL_R2rBv2GaAoVdrEW1pnkC5QOdGsldepMJ484C11PgnhviAR4Ge-ypXm1whlFstccpy0dZFcnHIoYeR4jzTwe... 12 MB
12 MB 3621ms
3545ms Image
image/gif 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEii9RLLS319icnVnGQuGoUwzcG3_YpO_mzCJm558Twla4PW1dBYFU_301wB83bL_R2rBv2GaAoVdrEW1pnkC5QOdGsldepMJ484C11PgnhviAR4Ge-ypXm1whlFstccpy0dZFcnHIoYeR4jzTwewQDch82NT3Am1aG7qeMTZ83KtAlZ4kMpIR2M6UxWlw/w400-h225/21023651.gif

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

df603a9a7f6d225acca2ec9cc6b3c7a82d52f60c4e69465e9abebab6db725b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v5a9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="21023651.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12556046
x-xss-protection: 0
expires: Mon, 27 Feb 2023 21:40:52 GMT

GET
H2 200 WA-Groups.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh96nXC4WQlFWHQ-miNIpYdrZFw3UjtIcdh4TTpJQCLLFpiNl05DIhmXOjQAJyVR0LwE6Cs1d1TOuY0vKrq9vYJS0jEqeLJ06bVAsHZeeYx3l9_-H7GiFW5N250SiEqTnfuu0_-DsTHJZJfseEF... 5 KB
5 KB 720ms
644ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh96nXC4WQlFWHQ-miNIpYdrZFw3UjtIcdh4TTpJQCLLFpiNl05DIhmXOjQAJyVR0LwE6Cs1d1TOuY0vKrq9vYJS0jEqeLJ06bVAsHZeeYx3l9_-H7GiFW5N250SiEqTnfuu0_-DsTHJZJfseEFKehzGOBbkUQWpZtw29UQ5bKvwy5jv4rW4jq-Q_zX2A/w147-h147/WA-Groups.jpg

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

63739f52e260bedf21fa774c0f8d7dd57076adae96bf2ebaf43d7a9d6d294db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v53d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WA-Groups.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4675
x-xss-protection: 0
expires: Mon, 27 Feb 2023 21:40:49 GMT

GET
H2 200 depositphotos_85032710-stock-illustration-xxx-vector-logo-of-women.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUhT48TNnNd9c-ayD1y9ArRKHHY20jkIUx3wl0HT2bAgvtA0png7M2ZX1CRoNNFjasHCL-RfWULoPIsSsQKcW2n18ZKd9VtqRC0YpCzVUNwt2y4jJGQy9Fbx8ntkkf8QFyKMzDNirLy7U37cAI... 3 KB
4 KB 701ms
625ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUhT48TNnNd9c-ayD1y9ArRKHHY20jkIUx3wl0HT2bAgvtA0png7M2ZX1CRoNNFjasHCL-RfWULoPIsSsQKcW2n18ZKd9VtqRC0YpCzVUNwt2y4jJGQy9Fbx8ntkkf8QFyKMzDNirLy7U37cAITqS9FpWOB4lP6oP92W6zqyPKbEtO/w100/depositphotos_85032710-stock-illustration-xxx-vector-logo-of-women.jpg

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

fife /

Resource Hash

48dbd2c763d739e9798f5badffe73f00bc8306733c5ae1b066a868cd32f493b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v462"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="depositphotos_85032710-stock-illustration-xxx-vector-logo-of-women.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
expires: Mon, 27 Feb 2023 21:40:49 GMT

GET
H2 200 976584016-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 17 KB
18 KB 140ms
44ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/976584016-comment_from_post_iframe.js

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

2bba036d27948ede7fad38a33790a10fda10c36768cf985cebdaa6cc931636b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 02:06:11 GMT
x-content-type-options: nosniff
age: 329677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17841
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 01:53:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 23 Feb 2024 02:06:11 GMT

GET
H2 200 223454216154046 Show response
form.jotform.com/jsform/ 63 KB
16 KB 258ms
157ms Script
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/jsform/223454216154046
Requested by: Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2.1 /
Resource Hash: bd5dd2a0aeb63daa424e5d5cddc04e742ce79296a1a7f568d333f1e779eea21f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
cache-hit: 1
via: 1.1 google
server: CacheX v2.1
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 142ms
44ms Script
text/javascript 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Feb 2024 20:13:24 GMT

GET
H2 200 cookienotice.js Show response
wa--groups.blogspot.com/js/ 6 KB
2 KB 53ms
52ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wa--groups.blogspot.com/js/cookienotice.js

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/2023/01/httpschat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2026
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 19:52:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 05 Mar 2023 21:40:48 GMT

GET
H2 200 3455050996-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 45ms
44ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3455050996-widgets.js

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

8949bc9ccc884e72a4e01641de6d291b7a41110106c790b1ed95332a58dacfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 02:06:11 GMT
x-content-type-options: nosniff
age: 329677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157235
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 01:53:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 23 Feb 2024 02:06:11 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 141ms
141ms Stylesheet
text/css 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3651721677125607820&zx=c24c7ba2-e855-44d9-bcb6-8bbbcd7f3d2f

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 26 Feb 2023 21:40:48 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 httpschat.html
wa--groups.blogspot.com/2023/01/ 6 KB
6 KB 224ms
224ms Image
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wa--groups.blogspot.com/2023/01/httpschat.html

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/2023/01/httpschat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 05 Feb 2023 03:20:19 GMT
server: GSE
etag: W/"1d07149d89803162ea6919cd70c3b454daa55c2c85b2cb23a5cc3a2d428dd086"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55780
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 21:40:48 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 182ms
86ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 10:49:32 GMT
x-content-type-options: nosniff
age: 211876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:49:32 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 102ms
70ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 752
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 14229694c9f3ffc077e39b6492aa0f69
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 79fbd75cee3e35d6-WAW
cdn-requestpullsuccess: True

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 198ms
104ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:41:28 GMT
x-content-type-options: nosniff
age: 255560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 22:41:28 GMT

GET xvhmhRSK
mega.nz/embed/ Frame A0ED 0
0

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 127ms
44ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 13:43:07 GMT
x-content-type-options: nosniff
age: 115061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Feb 2024 13:43:07 GMT

GET 3651721677125607820
www.blogger.com/comment/frame/ Frame E1E7 0
0

GET
H2 200 default.css
cdn.jotfor.ms/stylebuilder/ Frame D610 273 KB
52 KB 127ms
47ms Stylesheet
text/css 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93001afd6e2985ccbd6122e8bb622ab1857e7cad70e9ab187b3dbd811f4d14bf

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 221087
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Fri, 24 Feb 2023 08:15:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-form-cache: MISS-APP
cf-ray: 79fbd75d9a24bf44-WAW
expires: Thu, 01 Jan 1970 00:00:01 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 223454216154046.css
cdn.jotfor.ms/stylebuilder/ Frame D610 41 KB
9 KB 300ms
220ms Stylesheet
text/css 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/223454216154046.css?themeID=639941db613766581880042f
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b67cda6edd0f527970455ccc0fa2ce4b9024aedf8de377649f58dee0a1bfad0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Sun, 26 Feb 2023 21:40:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=3600
x-form-cache: MISS-APP
cf-ray: 79fbd75d9a25bf44-WAW
expires: Thu, 31 Dec 2037 23:55:55 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.12.1/ Frame D610 55 KB
17 KB 141ms
45ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.12.1/bundle.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wa--groups.blogspot.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 04 Feb 2020 11:19:05 GMT
server: Fastly
age: 11377978
etag: "1c5228c89d281d08aa0ce908f582609a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17201
expires: Wed, 18 Oct 2023 05:07:51 GMT

GET
H2 200 prototype.forms.js Show response
cdn01.jotfor.ms/static/ Frame D610 126 KB
33 KB 125ms
46ms Script
application/x-javascript 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.37986
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 18:53:04 GMT
server: cloudflare
age: 176511
etag: W/"63f90790-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 79fbd75d9fa135d9-WAW
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn02.jotfor.ms/static/ Frame D610 552 KB
145 KB 115ms
37ms Script
application/x-javascript 172.67.7.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.37986
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.7.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bab0f6af2f9b2e30ff55ff3574d96611cd4b4d672a692c7b94c2907dbe6e175

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 18:53:05 GMT
server: cloudflare
age: 176511
etag: W/"63f90791-89f7b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 79fbd75d9f07bfe1-WAW
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame D610 14 KB
5 KB 112ms
34ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2701473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4177
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1csvlmc1TlEEO0odk5YQn8FcBjwMpXmlbzJZErqUCLELDi3O4PSG1zZq20FQSJHz%2BNHAU5QNaavQNe%2BXmgekkEvLReRHQlmjZldQO7pjT%2FW%2BnwV0e63nNtkZALzK%2F9VO1GruDtyg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79fbd75d9ad6bf7e-WAW
expires: Fri, 16 Feb 2024 21:40:48 GMT

GET
H2 200 paypal.js Show response
cdn03.jotfor.ms/js/ Frame D610 5 KB
2 KB 269ms
192ms Script
application/x-javascript 172.67.7.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/paypal.js?v=3.3.37986
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.7.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9267a498f08f8c7c39c0e5a95014a9a5c28210ab560d6a687b514290f819ee

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-static: 2
date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
server: cloudflare
etag: W/"637f61f8-1596"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
cf-ray: 79fbd75d9f9cbff3-WAW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 postMessage.js Show response
js.jotform.com/vendor/ Frame D610 6 KB
2 KB 271ms
193ms Script
application/x-javascript 104.23.134.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/vendor/postMessage.js?3.3.37986
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sun, 26 Feb 2023 21:40:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Feb 2022 10:51:54 GMT
server: cloudflare
etag: W/"61fa624a-16bd"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 79fbd75d99cafc6f-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-static: 1

GET
H2 200 WidgetsServer.js Show response
js.jotform.com/ Frame D610 31 KB
10 KB 279ms
201ms Script
application/x-javascript 104.23.134.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/WidgetsServer.js?v=1670990713692
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2afef7b5f058e3840be2e536f575ab3c8bc2f41c930d29d021b14d71ca1630

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sun, 26 Feb 2023 21:40:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Nov 2022 15:13:49 GMT
server: cloudflare
etag: W/"637e38ad-7a31"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 79fbd75d99cbfc6f-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-static: 1

GET
H2 200 jotform-logo-white.svg
cdn.jotfor.ms/assets/img/logo2021/ Frame D610 3 KB
2 KB 118ms
41ms Image
image/svg+xml 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/logo2021/jotform-logo-white.svg
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ef4eafabf7a2b5302f526b1d31da0505f0a002a94fc8eedf8950e35f8e73d7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 2633887
last-modified: Wed, 02 Feb 2022 06:49:14 GMT
server: cloudflare
etag: W/"61fa296a-b90"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 79fbd75d9a27bf44-WAW
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

WA-Groups.63975a0617f6b3.70149199.jpg
files.jotform.com/jufs/soysrmoji/form_files/ Frame D610
Redirect Chain

https://www.jotform.com/uploads/soysrmoji/form_files/WA-Groups.63975a0617f6b3.70149199.jpg
https://files.jotform.com/jufs/soysrmoji/form_files/WA-Groups.63975a0617f6b3.70149199.jpg?md5=SFMoT6GCXNlj9zxueKmDfw&expires=1677447658

75 KB
75 KB

253ms
154ms

Image
application/octet-stream

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/soysrmoji/form_files/WA-Groups.63975a0617f6b3.70149199.jpg?md5=SFMoT6GCXNlj9zxueKmDfw&expires=1677447658
Requested by: Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 2135a6148207d01c66b707cca6a0d131bcd31964b64dacb000708007ee65c1fa

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
via: 1.1 google
access-control-allow-methods: OPTIONS, GET
content-type: application/octet-stream
access-control-allow-origin: *
content-disposition: attachment; filename="WA-Groups.63975a0617f6b3.70149199.jpg"
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Sun, 26 Feb 2023 21:40:49 GMT
strict-transport-security: max-age=600000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Sun, 26 Feb 2023 21:40:48 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/soysrmoji/form_files/WA-Groups.63975a0617f6b3.70149199.jpg?md5=SFMoT6GCXNlj9zxueKmDfw&expires=1677447658
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 79fbd75d9ebb34bc-WAW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ajax-loader.gif
cdn.jotfor.ms//images/ Frame D610 2 KB
2 KB 121ms
45ms Image
image/gif 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms//images/ajax-loader.gif
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
server: cloudflare
age: 2253632
etag: "637f61f8-739"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 79fbd75d9a28bf44-WAW
content-length: 1849
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 for-cardform-js.js Show response
cdn.jotfor.ms/s/umd/latest/ Frame D610 434 KB
116 KB 152ms
76ms Script
application/x-javascript 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/s/umd/latest/for-cardform-js.js?4.2
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60354e8e12b8396b7253a4196a30dbba3be391bff38bb6a7f7a46439f80ec534

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:48 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 07 Dec 2022 18:21:32 GMT
server: cloudflare
age: 7027404
etag: W/"6390d9ac-6c946"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
cf-ray: 79fbd75d9a26bf44-WAW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ownerView.php Show response
www.jotform.com/ Frame D610 0
249 B 252ms
175ms Script
text/html 104.23.133.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/ownerView.php?id=223454216154046
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.133.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 79fbd75d9ebd34bc-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 for-formuser.js Show response
cdn.jotfor.ms/s/umd/b8b49114c8d/ Frame D610 2 MB
352 KB 527ms
450ms Script
text/javascript 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/s/umd/b8b49114c8d/for-formuser.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/223454216154046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711ecd3b0127eebc6baf0e0ee129f7f697d29c9b384914136bf166aedd26fe18

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 13 Dec 2022 16:49:36 GMT
x-store: gcs
server: cloudflare
etag: W/"5440d5d043e6830bff02b5e4a9837712"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79fbd75d9a29bf44-WAW
expires: Sun, 26 Feb 2023 22:40:49 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 147ms
48ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

65b64c484e99a5d51d4c5833344ed093726435dff74e19f6775964a543b34df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 21:40:49 GMT
content-md5: 99HHWo5Zt9CylpnbSz2xMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 7Y785K6ymWatR257MoSIZxkMwND5MYi51yF6E9ZAPYBaKUU39kQbqN6n8zbspMdUJ0wz5hpFo0OOsC2vN0PYlA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 72bdc6b9f6444aee95668e17ff431f1b
cross-origin-opener-policy: same-origin-allow-popups
etag: "8ce801624c0d406ccbeee0e285a64864"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 26 Feb 2023 21:52:31 GMT

GET
H3 200 httpschat.html Show response
wa--groups.blogspot.com/2023/01/ 332 KB
55 KB 755ms
755ms XHR
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wa--groups.blogspot.com/2023/01/httpschat.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

GSE /

Resource Hash

722294202f5228a7c8162f7d76cb0adfdd997e11db0e0eadb545b26b8694e248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://wa--groups.blogspot.com/2023/01/httpschat.html
X-Requested-With: XMLHttpRequest
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 05 Feb 2023 03:20:19 GMT
server: GSE
etag: W/"1d07149d89803162ea6919cd70c3b454daa55c2c85b2cb23a5cc3a2d428dd086"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55780
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 21:40:49 GMT

GET
H3 200 httpschat.html Show response
wa--groups.blogspot.com/2023/01/ 332 KB
55 KB 933ms
933ms XHR
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wa--groups.blogspot.com/2023/01/httpschat.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

GSE /

Resource Hash

722294202f5228a7c8162f7d76cb0adfdd997e11db0e0eadb545b26b8694e248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://wa--groups.blogspot.com/2023/01/httpschat.html
X-Requested-With: XMLHttpRequest
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 05 Feb 2023 03:20:19 GMT
server: GSE
etag: W/"1d07149d89803162ea6919cd70c3b454daa55c2c85b2cb23a5cc3a2d428dd086"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55780
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 21:40:49 GMT

GET
H/1.1 200
OK xvhmhRSK Show response
mega.nz/embed/ Frame 155A 2 KB
2 KB 147ms
47ms Document
text/html 66.203.127.18
MEGA

General

Check archive.org

Show headers Download Go to

Full URL

https://mega.nz/embed/xvhmhRSK

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

66.203.127.18 , New Zealand, ASN205809 (MEGA, NZ),

Reverse DNS

Software

Resource Hash

84afae61acc2428b6ac25fc30f2acb0d1f59e53723a4c8818ce64e352aad2ff1

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wa--groups.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 800
Content-Security-Policy: default-src 'self' data: blob: *.mega.co.nz *.mega.nz *.mega.io http://*.mega.co.nz http://*.mega.nz http://*.mega.io wss://*.karere.mega.nz wss://*.sfu.mega.co.nz *.karere.mega.nz:1380 http://127.0.0.1:6341 localhost.megasyncloopback.mega.nz:6342; script-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob:; style-src 'self' 'unsafe-inline' *.mega.co.nz *.mega.nz *.mega.io data: blob:; frame-src 'self' *.megapay.nz mega: *.megaad.nz https://mega.nz/ https://mega.io/; img-src 'self' *.mega.co.nz *.mega.nz *.mega.io data: blob: mega.nz
Content-Type: text/html
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Robots-Tag: noindex

GET
H3 200 3651721677125607820 Show response
www.blogger.com/comment/frame/ Frame D243 73 KB
18 KB 75ms
75ms Document
text/html 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

ESF /

Resource Hash

0d973b8c5048f23c0be32685fe9f4a7000b2728a70b4484a18aac964f6b88e88

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-LeAPiXlLZ4v_7QetO_XjIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wa--groups.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-LeAPiXlLZ4v_7QetO_XjIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 26 Feb 2023 21:40:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 default Show response
wa--groups.blogspot.com/feeds/posts/ 2 KB
736 B 395ms
394ms XHR
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wa--groups.blogspot.com/feeds/posts/default?max-results=4&start-index=4&alt=json-in-script&callback=jQuery112409378622439620594_1677447648813&_=1677447648814

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

blogger-renderd /

Resource Hash

f45b8a36862b2969288a6d48def0cdf43c5e60744d398157370ad96306a3d53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://wa--groups.blogspot.com/2023/01/httpschat.html
X-Requested-With: XMLHttpRequest
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 05 Feb 2023 03:20:19 GMT
server: blogger-renderd
etag: W/"78391217072942ead7137ca3967e3516ec36f6191ef43e62172e900e2dd01b15"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 714
x-xss-protection: 0
expires: Sun, 26 Feb 2023 21:40:50 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 430ms
429ms Stylesheet
text/css 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3651721677125607820&zx=c24c7ba2-e855-44d9-bcb6-8bbbcd7f3d2f

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 26 Feb 2023 21:40:49 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame D243 0
26 B 59ms
59ms Other
text/html 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-H8tQjmEQjKm33eqxYsQZIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-H8tQjmEQjKm33eqxYsQZIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/am=mOMACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP0vBRE7r9PAZNP2oOP57vIVa5jAPw/ Frame D243 181 KB
64 KB 44ms
43ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/am=mOMACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP0vBRE7r9PAZNP2oOP57vIVa5jAPw/m=_b,_tp,_r

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

d61de203ec0c30e3c45536a69514f20c42d521d74c4e61e933c721b313889649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65182
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 03:30:01 GMT

GET
H/1.1 200
OK secureboot.js Show response
mega.nz/ Frame 155A 207 KB
60 KB 54ms
53ms Script
text/javascript 66.203.127.18
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://mega.nz/secureboot.js?r=1677203030
Requested by: Host: mega.nz
URL: https://mega.nz/embed/xvhmhRSK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.203.127.18 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: /
Resource Hash: 7bf53bd00afe5b1998b66390f478b56a4fc6f9538a1539cae0dfba17f9556b0b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/embed/xvhmhRSK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Content-Length: 61007
Expires: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 95ms
46ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=799f6770eae39d04dc592b552f9a4e05

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

58bdcb58cd16d05edca75b7f96a4b6847826e76fbc30e216422c2fc5d354b9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wa--groups.blogspot.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 21:40:49 GMT
content-md5: Qz7N1ycelOSM8B2Mfb1RzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87014
x-fb-rlafr: 0
x-fb-debug: 2EmwxS4tbpF+i1svXJGIc3tqVNK6v0MQSxVFIkBqtNtAoeTpoPO7VPZJTLNHbZtYvoNamlTX2F+wlcmKQNrlrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1ee7d051a7360e104e1691a323206dc3
cross-origin-opener-policy: same-origin-allow-popups
etag: "86bbb57ab83488ff743c6995301a0477"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Feb 2024 20:31:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D610 12 KB
965 B 53ms
52ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Requested by

Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/223454216154046.css?themeID=639941db613766581880042f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cdn.jotfor.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 21:25:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 21:40:49 GMT

GET
BLOB 200
OK ab07891e-46e1-4f76-ba8e-87f92585f3cf Show response
https://mega.nz/ Frame 155A 28 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/ab07891e-46e1-4f76-ba8e-87f92585f3cf
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8580c21984ea06cc3b42d1feae90eefc14605b24fc35c8edf1a7982295204d7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 28398
Content-Type: text/javascript

GET
BLOB 200
OK c3f8df1e-0134-40f4-8917-2b8c3c94ff68
https://mega.nz/ Frame 155A 28 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/c3f8df1e-0134-40f4-8917-2b8c3c94ff68
Requested by: Host: mega.nz
URL: https://mega.nz/embed/xvhmhRSK
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1346beb5d9d9934e4ea1f6ca4f7b6ccf056e16d0152667c67acead14a1e5c4ef

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 28675
Content-Type: text/javascript

GET
BLOB 200
OK c3f8df1e-0134-40f4-8917-2b8c3c94ff68
https://mega.nz/ Frame 155A 28 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/c3f8df1e-0134-40f4-8917-2b8c3c94ff68
Requested by: Host: mega.nz
URL: https://mega.nz/embed/xvhmhRSK
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1346beb5d9d9934e4ea1f6ca4f7b6ccf056e16d0152667c67acead14a1e5c4ef

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 28675
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame D610 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D610 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D610 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D610 15 KB
15 KB 44ms
43ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 591103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Feb 2024 01:29:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D610 15 KB
15 KB 49ms
48ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 228099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 06:19:10 GMT

GET
H2 200 cart-shopping-filled.svg
cdn.jotfor.ms/assets/img/cardforms/ Frame D610 2 KB
977 B 41ms
41ms Image
image/svg+xml 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/cardforms/cart-shopping-filled.svg
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b4d569b98136a29f3419ff5cd161c55a570eb8f25ad6d9f360bf7849d34a4c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 125576
last-modified: Thu, 24 Nov 2022 17:54:55 GMT
server: cloudflare
etag: W/"637fafef-6e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 79fbd7605c74bf44-WAW
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pagination-left.svg
cdn.jotfor.ms/assets/img/cardforms/ Frame D610 2 KB
827 B 43ms
43ms Image
image/svg+xml 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/cardforms/pagination-left.svg
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8012e087bb535299f2dfde5bf0cd2bc27303c028331293abeeb56dd9083ac448

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 1947880
last-modified: Wed, 02 Feb 2022 06:49:14 GMT
server: cloudflare
etag: W/"61fa296a-619"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 79fbd7605c76bf44-WAW
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pagination-right.svg
cdn.jotfor.ms/assets/img/cardforms/ Frame D610 1 KB
828 B 41ms
41ms Image
image/svg+xml 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/cardforms/pagination-right.svg
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a6d3b954c82035c983486fce8a18699918d54679adbefbfe1bd82a48951142

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 7648097
last-modified: Wed, 02 Feb 2022 06:49:14 GMT
server: cloudflare
etag: W/"61fa296a-5e3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 79fbd7605c77bf44-WAW
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D610 15 KB
16 KB 43ms
43ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wa--groups.blogspot.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 216178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 09:37:51 GMT

GET
BLOB 200
OK 69dc8e5a-4f12-4ef8-965e-bfa575a080c0 Show response
https://mega.nz/ Frame 155A 176 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/69dc8e5a-4f12-4ef8-965e-bfa575a080c0
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 616c821b9e500c6e9a78b08f1cac275539429169c7494c5829885817083fd6eb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 176
Content-Type: text/javascript

GET
H3 200 S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v23/ Frame D243 59 KB
30 KB 44ms
44ms Font
font/ttf 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30418
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Feb 2024 21:06:33 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,laz... Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformi... Frame D243 278 KB
99 KB 44ms
43ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3hWH9HOj8nx5dkI_o1we1X2F2geA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;NSEoX:lazG7b;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,Z5uLle,I6YDgd,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,ZDqTJc,Uas9Hd,eD1YLc,A7fCU,pjICDe

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/am=mOMACAQ/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP0vBRE7r9PAZNP2oOP57vIVa5jAPw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

ab1eab7cab590276bf7c7a89ba0eaf1c6a0a94babae80e01d98d4d5c4770948d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101484
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 03:30:02 GMT

GET
H2 200 en_981595ab28bc22743536887a10523ad2516badf8bbb2dac503bfc720bbb2448a.json Show response
eu.static.mega.co.nz/4/lang/ Frame 155A 271 KB
78 KB 200ms
91ms XHR
application/json 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/lang/en_981595ab28bc22743536887a10523ad2516badf8bbb2dac503bfc720bbb2448a.json
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: 981595ab28bc22743536887a10523ad2516badf8bbb2dac503bfc720bbb2448a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:18 GMT
server: nginx
etag: "63f817da-13754"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 79700

GET
H2 200 mega-19_cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7.js Show response
eu.static.mega.co.nz/4/js/ Frame 155A 509 KB
141 KB 247ms
138ms XHR
application/javascript 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/js/mega-19_cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7.js
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:20 GMT
server: nginx
etag: "63f817dc-23319"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 144153

GET combinedinfo
api.jotform.com/formuser/223454216154046/ Frame D610 0
0

GET
H3 200 m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkR... Frame D243 73 KB
25 KB 44ms
43ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WzT7ae,XVMNvd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3hWH9HOj8nx5dkI_o1we1X2F2geA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;NSEoX:lazG7b;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,YwHGTd,i6Ko2d,pxq3x,fgj8Rb,XvDhNc,fgib1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

fd27b69120ef894e15b20896762d10cc6db7b5aea291cdf2d0dd58165917a192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25640
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 03:30:11 GMT

GET
H3 200 m=RqjULd Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ... Frame D243 12 KB
4 KB 43ms
43ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WzT7ae,XVMNvd,XvDhNc,YwHGTd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3hWH9HOj8nx5dkI_o1we1X2F2geA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;NSEoX:lazG7b;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

af72a3591f85caf0e2fe6d2d62524972ec7d37e4d671502942867cce69798e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4505
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 03:30:11 GMT

GET
H3 200 m=bm51tf Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ... Frame D243 1 KB
711 B 43ms
43ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WzT7ae,XVMNvd,XvDhNc,YwHGTd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3hWH9HOj8nx5dkI_o1we1X2F2geA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;NSEoX:lazG7b;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

f378fab2ded63f9716d414e5004420a8e2a1388526df324e8a608589951bae66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 685
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 03:30:11 GMT

GET
H2 200 mega-20_1e9e2d5d43d7fa8028dbe7ed14f4938407646b7373a69024df2b577cd5c56fd9.js Show response
eu.static.mega.co.nz/4/js/ Frame 155A 406 KB
95 KB 53ms
53ms XHR
application/javascript 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/js/mega-20_1e9e2d5d43d7fa8028dbe7ed14f4938407646b7373a69024df2b577cd5c56fd9.js
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: 1e9e2d5d43d7fa8028dbe7ed14f4938407646b7373a69024df2b577cd5c56fd9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:23 GMT
server: nginx
etag: "63f817df-17c61"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 97377

GET
H2 200 videostream_ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9.js Show response
eu.static.mega.co.nz/4/js/vendor/ Frame 155A 277 KB
63 KB 47ms
46ms XHR
application/javascript 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/js/vendor/videostream_ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9.js
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:22 GMT
server: nginx
etag: "63f817de-fb94"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 64404

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame D243 1 KB
990 B 149ms
54ms Script
text/javascript 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3hWH9HOj8nx5dkI_o1we1X2F2geA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;NSEoX:lazG7b;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,WzT7ae,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,S2r0ad,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,Z5uLle,I6YDgd,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,ZDqTJc,Uas9Hd,eD1YLc,A7fCU,pjICDe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

9a64702240eaab3f72e6617619aea8e91c9f6165c7fa1c1bfd66d537f277e28f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 670
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 21:40:49 GMT

GET
H2 200 embedplayer.html-postbuild_9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e.html Show response
eu.static.mega.co.nz/4/html/ Frame 155A 5 KB
2 KB 46ms
46ms XHR
text/html 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/html/embedplayer.html-postbuild_9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e.html
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: 9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:23 GMT
server: nginx
etag: "63f817df-5a4"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1444

GET
H2 200 embedplayer.css-postbuild_80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6.css Show response
eu.static.mega.co.nz/4/css/ Frame 155A 21 KB
5 KB 58ms
57ms XHR
text/css 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/css/embedplayer.css-postbuild_80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6.css
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: 80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:23 GMT
server: nginx
etag: "63f817df-119c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 4508

GET
H2 200 asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js Show response
eu.static.mega.co.nz/4/js/vendor/ Frame 155A 433 KB
49 KB 53ms
53ms XHR
application/javascript 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/js/vendor/asmcrypto_9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7.js
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: 9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:50:22 GMT
server: nginx
etag: "63f817de-c262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 49762

GET
BLOB 200
OK 74773521-5578-4c01-91e3-b162e57473a0
https://mega.nz/ Frame 155A 21 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/74773521-5578-4c01-91e3-b162e57473a0
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af63c65f28e9dcc0b8bef6f01be30270b4408f46f5d86399a0e2f0c116dcadca

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 21341
Content-Type: text/css

GET
BLOB 200
OK 1db624be-43b3-4941-a290-346a3b7ef3b5 Show response
https://mega.nz/ Frame 155A 2 MB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/1db624be-43b3-4941-a290-346a3b7ef3b5
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda8cbe28acd90c90391a9fdfb0f0444300ccc676c490503da268603ead8e88e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 1664111
Content-Type: text/javascript

GET
H2 200 lato-regular-ie.woff2
eu.static.mega.co.nz/4/fonts/ Frame 155A 139 KB
139 KB 47ms
47ms Font
font/woff2 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.static.mega.co.nz/4/fonts/lato-regular-ie.woff2?v=2aaea217993c48e0
Requested by: Host: mega.nz
URL: blob:https://mega.nz/74773521-5578-4c01-91e3-b162e57473a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: ab73d700946a2bb3ab20198c4af443b85bd72da201b92cbcd3882d1b4228c136

Request headers

Referer
Origin: https://mega.nz
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 01:44:31 GMT
server: nginx
etag: W/"63f8167f-22d98"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D243 409 KB
163 KB 139ms
44ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__pl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

356ea314af320c2f5ef63fbd0c90e6d83e250eefe3503e1943ecf0a6800e3d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
Origin: https://www.blogger.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166439
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 17:16:08 GMT

POST
H/1.1 200
OK cs Show response
g.api.mega.co.nz/ Frame 155A 99 B
433 B 158ms
51ms XHR
application/json 66.203.125.12
MEGA-LIMITED-AS M...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.api.mega.co.nz/cs?id=0&domain=meganz&v=2&lang=en
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.203.125.12 Bettembourg, Luxembourg, ASN203055 (MEGA-LIMITED-AS Mega Limited, LU),
Reverse DNS: bt2.api.mega.co.nz
Software: /
Resource Hash: 900e9bbf8f73351b20942b7d4340bb6a49800c92c7084cdcd0adc28c1e96d383

Request headers

Referer: https://mega.nz/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Max-Age: 86400
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Original-Content-Length
Cache-Control: no-store
Original-Content-Length: 99
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Content-Length: 99

POST
H/1.1 200
OK cs Show response
g.api.mega.co.nz/ Frame 155A 200 B
536 B 160ms
53ms XHR
application/json 66.203.125.12
MEGA-LIMITED-AS M...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.api.mega.co.nz/cs?id=0&domain=meganz&v=2&lang=en
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.203.125.12 Bettembourg, Luxembourg, ASN203055 (MEGA-LIMITED-AS Mega Limited, LU),
Reverse DNS: bt2.api.mega.co.nz
Software: /
Resource Hash: 6c83d0e2b12a8efe4d9f5e8d7e0f11c52ff682d007db9f4cf988a2ceeecdfff4

Request headers

Referer: https://mega.nz/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Max-Age: 86400
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Original-Content-Length
Cache-Control: no-store
Original-Content-Length: 200
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Content-Length: 200

GET
H2 200 ajax-loader.gif
cdn.jotfor.ms//images/ Frame D610 2 KB
2 KB 35ms
35ms Image
image/gif 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms//images/ajax-loader.gif
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/s/umd/latest/for-cardform-js.js?4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:50 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
server: cloudflare
age: 2253634
etag: "637f61f8-739"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 79fbd76618e7bf44-WAW
content-length: 1849
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 /
events.jotform.com/jsform/223454216154046/ Frame D610 0
209 B 175ms
166ms Image
text/plain 104.23.134.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/jsform/223454216154046/?ref=https%253A%252F%252Fwa--groups.blogspot.com%252F2023%252F01%252Fhttpschat.html&res=1600x1200&eventID=1677447650266_223454216154046_DeP4LT8_bf&loc=https%253A%252F%252Fwa--groups.blogspot.com%252F2023%252F01%252Fhttpschat.html
Requested by: Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wa--groups.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 21:40:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Sun, 26 Feb 2023 16:40:50 GMT
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 79fbd76649f8fc6f-WAW
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
widgets.jotform.io/checklist/ Frame 5799 1 KB
1004 B 237ms
165ms Document
text/html 172.67.71.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
Requested by: Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c844c5cf1097bdf97536e18e21b11c3d8f3a507026a6a3b92aa79cbc2ea0d8b

Request headers

Referer: https://wa--groups.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: max-age=315360000 public
cf-cache-status: DYNAMIC
cf-ray: 79fbd766b97834dc-WAW
content-encoding: br
content-type: text/html
date: Sun, 26 Feb 2023 21:40:50 GMT
etag: W/"63d27c2d-4a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 26 Jan 2023 13:12:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BmlqweBYiatZinHqy%2FnOETWvkuAEqX9%2BhItyBDX54xXutxccrFBbSTsk%2FoxLGp72izIuoAc05K%2BlMohGqxUAmRYkPs6tsCY5s7kw1fmEl58GtXqxtZwK3QDLCqHJ7iJ%2FHjKzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-static: 1

GET
BLOB 200
OK 98039039-01be-4e43-a77c-66c2e83ce275 Show response
https://mega.nz/ Frame 155A 37 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/98039039-01be-4e43-a77c-66c2e83ce275
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e884b248bc8fd99426b98c9e2b0347d64a1d76e0cbed818a7ed42a09afa75b4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 37
Content-Type: text/javascript

GET
BLOB 200
OK 16ee5a0f-66ec-4aac-8c0a-9bc94e4ac383 Show response
https://mega.nz/ Frame 155A 73 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://mega.nz/16ee5a0f-66ec-4aac-8c0a-9bc94e4ac383
Requested by: Host: mega.nz
URL: https://mega.nz/secureboot.js?r=1677203030
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faade5384f10ce8bb1ff7428682f6f67d7f880411e370b8696ddd1364476116a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 73
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame 155A 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 155A 302 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f64d7eaace74a4d3595dbc512ed813c9df8f09423782c927081406fc5b0783

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 mega-embed-sprite.902b897b1ac00ca0.png
eu.static.mega.co.nz/4/imagery/ Frame 155A 3 KB
3 KB 140ms
46ms Image
image/png 66.203.127.11
MEGA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.static.mega.co.nz/4/imagery/mega-embed-sprite.902b897b1ac00ca0.png
Requested by: Host: mega.nz
URL: blob:https://mega.nz/74773521-5578-4c01-91e3-b162e57473a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.203.127.11 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: nginx /
Resource Hash: 2e900f1a0971b51b43c28603af05d291f07332e9bcdc01d38e5840fcd187bf51

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:50 GMT
last-modified: Fri, 24 Feb 2023 01:44:31 GMT
server: nginx
etag: "63f8167f-aef"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2799

POST
H/1.1 200
OK cs Show response
g.api.mega.co.nz/ Frame 155A 26 KB
11 KB 60ms
60ms XHR
application/json 66.203.125.12
MEGA-LIMITED-AS M...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.api.mega.co.nz/cs?id=-482566526&&domain=meganz&v=2&lang=en
Requested by: Host: mega.nz
URL: blob:https://mega.nz/1db624be-43b3-4941-a290-346a3b7ef3b5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.203.125.12 Bettembourg, Luxembourg, ASN203055 (MEGA-LIMITED-AS Mega Limited, LU),
Reverse DNS: bt2.api.mega.co.nz
Software: /
Resource Hash: d45f7b62d095ba79d5af82e8a0570f1ae1b1317b707ead0ff266aa5d42c12276

Request headers

Referer: https://mega.nz/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Content-Encoding: gzip
Access-Control-Max-Age: 86400
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Original-Content-Length
Cache-Control: no-store
Original-Content-Length: 26433
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Content-Length: 10610

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1C74 46 KB
25 KB 61ms
60ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=pl&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=ykux0v1drxxl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

cdab69d1af607e467b4a5d2d0c00066b96f2e7166dfd5a2512fac6d5ae96c8d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MwoNwG28m0lpjrdaNofVFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25586
content-security-policy: script-src 'report-sample' 'nonce-MwoNwG28m0lpjrdaNofVFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:40:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK cs Show response
g.api.mega.co.nz/ Frame 155A 123 B
459 B 58ms
58ms XHR
application/json 66.203.125.12
MEGA-LIMITED-AS M...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.api.mega.co.nz/cs?id=-482566525&&domain=meganz&v=2&lang=en
Requested by: Host: mega.nz
URL: blob:https://mega.nz/1db624be-43b3-4941-a290-346a3b7ef3b5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.203.125.12 Bettembourg, Luxembourg, ASN203055 (MEGA-LIMITED-AS Mega Limited, LU),
Reverse DNS: bt2.api.mega.co.nz
Software: /
Resource Hash: 9694572a363b319c31d1f23c1c7cfd3f0921ef4d94c42545abb7c44f16c67569

Request headers

Referer: https://mega.nz/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Max-Age: 86400
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Original-Content-Length
Cache-Control: no-store
Original-Content-Length: 123
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, MEGA-Chrome-Antileak
Content-Length: 123

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 1C74 55 KB
24 KB 133ms
44ms Stylesheet
text/css 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=pl&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=ykux0v1drxxl

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 17:15:24 GMT

GET
H3 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 1C74 409 KB
163 KB 155ms
67ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__pl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

356ea314af320c2f5ef63fbd0c90e6d83e250eefe3503e1943ecf0a6800e3d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166439
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 17:16:08 GMT

POST
H/1.1 200
OK 1 Show response
gfs302n204.userstorage.mega.co.nz/.8URk8_Dwl5FTCgfCjyMyO-7hsqgM3C5udPG5aFzdYCSs6_0c2RN_cbXqNUEPnKH9Drdcnw/ Frame 155A 17 KB
17 KB 519ms
127ms XHR
application/octet-stream 162.208.16.104
MEGA

General

Check archive.org

Show headers Download Go to

Full URL: https://gfs302n204.userstorage.mega.co.nz/.8URk8_Dwl5FTCgfCjyMyO-7hsqgM3C5udPG5aFzdYCSs6_0c2RN_cbXqNUEPnKH9Drdcnw/1
Requested by: Host: mega.nz
URL: blob:https://mega.nz/1db624be-43b3-4941-a290-346a3b7ef3b5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 162.208.16.104 , New Zealand, ASN205809 (MEGA, NZ),
Reverse DNS
Software: /
Resource Hash: 2938d018f8a1fc0a00d7b6c889faa24f0334f7284ed9ef40ffdf2589d63b0946

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://mega.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: MEGA-Chrome-Antileak
Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Content-Type: application/octet-stream

GET
H2 200 styles.min.css
widgets.jotform.io/checklist/min/ Frame 5799 3 KB
1 KB 163ms
161ms Stylesheet
text/css 172.67.71.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/checklist/min/styles.min.css?v=36813c1d63ecfd1dc1ea478145214dff
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff93cc5e62c9b44a1da99d4a965f7252620c95d57ecb187324095f8434a6f5d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sun, 26 Feb 2023 21:40:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 26 Jan 2023 13:12:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d27c2d-a28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRYcbOXDgMYybzeihRUNMPnBOD6BJmzukEv8UH6M0WVRbv%2BwoHzdBjRI%2FakBb5vUCbcJHKOZYtk9acU7qFsfjk6nOOmUNaYL5%2BfuiwL3gJXnA5SGls4byD5vQ4%2F%2BSU1%2FKvYB6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 79fbd767ca5334dc-WAW
x-static: 1

GET
H2 200 JotFormCustomWidget.min.js Show response
js.jotform.com/ Frame 5799 53 KB
20 KB 170ms
169ms Script
application/x-javascript 104.23.134.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/JotFormCustomWidget.min.js
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.134.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720f13c92bf858a2f2ccb505c3eed107f778e98db254d1b46911fc48c86a4634

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sun, 26 Feb 2023 21:40:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Nov 2022 15:13:48 GMT
server: cloudflare
etag: W/"637e38ac-d20f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 79fbd767db51fc6f-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-static: 1

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 5799 88 KB
30 KB 117ms
32ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:50 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1677447650.dop004.wa1.t,1677447650.cds207.wa1.hn,1677447650.cds215.wa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/checklist/min/ Frame 5799 7 KB
3 KB 169ms
168ms Script
application/x-javascript 172.67.71.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/checklist/min/scripts.min.js?v=36813c1d63ecfd1dc1ea478145214dff
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4ccf7de6fadce680185edde78a9c43576928749ee7ca521eab9b98e3830110

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://widgets.jotform.io/checklist/?qid=20&ref=https%3A%2F%2Fwa--groups.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sun, 26 Feb 2023 21:40:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 26 Jan 2023 13:12:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d27c2d-1d8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pS8f%2FzW3cey%2FuEzF3yIVmFoRxsugv89mZmeeLtV6mqwKNOBQ3RXkMRXAM6wGR4%2BG2w3IxXkaTdachQiX%2FVW5Bdu71UZyOe9RPeBb%2F7MXkc30KC8B1R7IsxjcZ3WuwdD3tQWLdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 79fbd767da5434dc-WAW
x-static: 1

GET
H2 200 fontface.css
cdn.jotfor.ms/opt/google-fonts/Roboto/ Frame 5799 12 KB
1003 B 36ms
35ms Stylesheet
text/css 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/opt/google-fonts/Roboto/fontface.css
Requested by: Host: js.jotform.com
URL: https://js.jotform.com/JotFormCustomWidget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278b2f7b4de322279a54f1336f926d5c5402fd82daafc9035f734a22b7a59a3f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-static: 2
date: Sun, 26 Feb 2023 21:40:50 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:22:18 GMT
server: cloudflare
age: 7649454
etag: W/"637f61fa-31c2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
cf-ray: 79fbd7691b4bbf44-WAW
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 223454216154046.widgets.52961c97e3e5266570000004.css
cdn.jotfor.ms/stylebuilder/ Frame 5799 2 KB
778 B 619ms
619ms Stylesheet
text/css 104.22.72.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/223454216154046.widgets.52961c97e3e5266570000004.css
Requested by: Host: js.jotform.com
URL: https://js.jotform.com/JotFormCustomWidget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873cea8dd45cff536b9575170c23c2703cb8f407cb62767bc340ac5d4a5a616a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:51 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Sun, 26 Feb 2023 21:40:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-form-cache: MISS-APP
cf-ray: 79fbd7691b4dbf44-WAW
expires: Thu, 31 Dec 2037 23:55:55 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1C74 2 KB
2 KB 43ms
43ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 08:02:07 GMT
x-content-type-options: nosniff
age: 567523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 27 Feb 2023 08:02:07 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C74 15 KB
15 KB 44ms
44ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 281626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 15:27:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C74 15 KB
15 KB 45ms
45ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 357126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 18:28:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C74 12 KB
12 KB 53ms
53ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 09:06:50 GMT
x-content-type-options: nosniff
age: 390840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 09:06:50 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1C74 102 B
134 B 53ms
52ms Other
text/javascript 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=pl&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

796689fc3c8dc4d06a712dbc77b181f7a8cad177f6cc6fe97a4f7860f9fa1559

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=pl&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=ykux0v1drxxl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 26 Feb 2023 21:40:50 GMT

POST
H3 204 cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 3EBD 0
27 B 69ms
69ms Other
text/html 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/BloggerCommentUi/cspreport

Requested by

Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-PZetMY78UCL5nbaLBe6tZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 26 Feb 2023 21:40:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'report-sample' 'nonce-PZetMY78UCL5nbaLBe6tZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ... Frame D243 6 KB
3 KB 45ms
44ms Script
text/javascript 142.250.186.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.es.Qd0aFjoytUM.es5.O/ck=boq-blogger.BloggerCommentUi.7iCI6-iY-Ow.L.B1.O/am=mOMACAQ/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,I6YDgd,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,S2r0ad,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,WzT7ae,XVMNvd,XvDhNc,YwHGTd,Z5uLle,ZDqTJc,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,fgj8Rb,gZjhIf,gychg,hKSk3e,hc6Ubd,i6Ko2d,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,commentformiframeview/ed=1/wt=2/rs=AEy-KP3hWH9HOj8nx5dkI_o1we1X2F2geA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;NSEoX:lazG7b;JsbNhc:Xd8iUd;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f9.1e100.net

Software

sffe /

Resource Hash

e408c3f09759a360e24450837c23d6bced6bbc8e4f16b15538605c6a00ceaa16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2694
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 03:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 03:30:12 GMT

POST
H2 200 log Show response
play.google.com/ Frame D243 131 B
579 B 185ms
84ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Feb 2023 21:40:51 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.blogger.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Feb 2023 21:40:51 GMT

GET
BLOB 200
OK 7c958048-fe18-40f8-a14e-d5c6a016c079
https://mega.nz/ Frame 155A 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://mega.nz/7c958048-fe18-40f8-a14e-d5c6a016c079
Requested by: Host: wa--groups.blogspot.com
URL: https://wa--groups.blogspot.com/2023/01/httpschat.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a744e416098a8385c2c5b6c5d3b11c57895ca253f191334d23754cba2636d5c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 17168
Content-Type: image/jpeg

GET
H2

200

/
www.facebook.com/login/ Frame 0FBE
Redirect Chain

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df76166345dfed4%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

234ms
234ms

Document
text/html

157.240.252.35

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df76166345dfed4%2526domain%253Dwa--groups.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwa--groups.blogspot.com%25252Ff385e8cd31c6824%2526relation%253Dparent.parent%26container_width%3D254%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252Fprofile.php%253Fid%253D100088848632797%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=799f6770eae39d04dc592b552f9a4e05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wa--groups.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Feb 2023 21:40:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: HnQZaF4eQW3YOvQyUEgPzbfsKhXoVyEpCyrwurk4NzJmUECrqpZmXDBNadyGSt4oriwELXweGSYbOx4es1BO0w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 26 Feb 2023 21:40:53 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v10.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df76166345dfed4%2526domain%253Dwa--groups.blogspot.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwa--groups.blogspot.com%25252Ff385e8cd31c6824%2526relation%253Dparent.parent%26container_width%3D254%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252Fprofile.php%253Fid%253D100088848632797%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width
origin-agent-cluster: ?0
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: oMIVkWkgOYf3N22gsUblwTfZcBUJC5890L/By6Ov5pHcRW2gSUCG8PwC8OeD6i9/5PVFlpPH6VQGMChPpRzGog==
x-fb-rlafr: 0
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mega.nz
URL: https://mega.nz/embed/xvhmhRSK

Domain: www.blogger.com
URL: https://www.blogger.com/comment/frame/3651721677125607820?po=9206696926183727635&hl=es&skin=contempo&blogspotRpcToken=9090294

Domain: api.jotform.com
URL: https://api.jotform.com/formuser/223454216154046/combinedinfo?master=1

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 14:16:39	Name: _bit Value: n1qlEL-37555f866c40fee947-00w

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gauzedisparage.com/cd/c6/ee/cdc6ee9198ad06ba63bceb0ba7d178de.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://form.jotform.com/jsform/223454216154046(Line 10) Message: <link rel=preload> must have a valid `as` value
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: https://wa--groups.blogspot.com/2023/01/httpschat.html Message: Access to XMLHttpRequest at 'https://api.jotform.com/formuser/223454216154046/combinedinfo?master=1' from origin 'https://wa--groups.blogspot.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://api.jotform.com/formuser/223454216154046/combinedinfo?master=1 Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.jotform.com
bit.ly
blogger.googleusercontent.com
browser.sentry-cdn.com
cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
eu.static.mega.co.nz
events.jotform.com
files.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
g.api.mega.co.nz
gauzedisparage.com
gfs302n204.userstorage.mega.co.nz
js.jotform.com
mega.nz
play.google.com
stackpath.bootstrapcdn.com
wa--groups.blogspot.com
widgets.jotform.io
www.blogger.com
www.facebook.com
www.google.com
www.gstatic.com
www.jotform.com
api.jotform.com
mega.nz
www.blogger.com
104.17.24.14
104.18.10.207
104.22.72.81
104.23.133.11
104.23.134.11
142.250.181.238
142.250.184.193
142.250.185.129
142.250.185.227
142.250.186.137
142.250.186.164
142.250.186.170
142.250.186.35
151.101.130.217
157.240.252.13
157.240.252.35
162.208.16.104
172.67.7.107
172.67.71.74
173.233.137.52
216.58.212.138
35.190.41.132
35.201.118.58
66.203.125.12
66.203.127.11
66.203.127.18
67.199.248.10
69.16.175.10
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d973b8c5048f23c0be32685fe9f4a7000b2728a70b4484a18aac964f6b88e88
1346beb5d9d9934e4ea1f6ca4f7b6ccf056e16d0152667c67acead14a1e5c4ef
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e9e2d5d43d7fa8028dbe7ed14f4938407646b7373a69024df2b577cd5c56fd9
2135a6148207d01c66b707cca6a0d131bcd31964b64dacb000708007ee65c1fa
278b2f7b4de322279a54f1336f926d5c5402fd82daafc9035f734a22b7a59a3f
28ef4eafabf7a2b5302f526b1d31da0505f0a002a94fc8eedf8950e35f8e73d7
2938d018f8a1fc0a00d7b6c889faa24f0334f7284ed9ef40ffdf2589d63b0946
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bba036d27948ede7fad38a33790a10fda10c36768cf985cebdaa6cc931636b6
2e884b248bc8fd99426b98c9e2b0347d64a1d76e0cbed818a7ed42a09afa75b4
2e900f1a0971b51b43c28603af05d291f07332e9bcdc01d38e5840fcd187bf51
356ea314af320c2f5ef63fbd0c90e6d83e250eefe3503e1943ecf0a6800e3d96
3bab0f6af2f9b2e30ff55ff3574d96611cd4b4d672a692c7b94c2907dbe6e175
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4ccf7de6fadce680185edde78a9c43576928749ee7ca521eab9b98e3830110
48dbd2c763d739e9798f5badffe73f00bc8306733c5ae1b066a868cd32f493b7
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
4c844c5cf1097bdf97536e18e21b11c3d8f3a507026a6a3b92aa79cbc2ea0d8b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51a6d3b954c82035c983486fce8a18699918d54679adbefbfe1bd82a48951142
58bdcb58cd16d05edca75b7f96a4b6847826e76fbc30e216422c2fc5d354b9b7
591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308
5a744e416098a8385c2c5b6c5d3b11c57895ca253f191334d23754cba2636d5c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60354e8e12b8396b7253a4196a30dbba3be391bff38bb6a7f7a46439f80ec534
616c821b9e500c6e9a78b08f1cac275539429169c7494c5829885817083fd6eb
63739f52e260bedf21fa774c0f8d7dd57076adae96bf2ebaf43d7a9d6d294db5
65b64c484e99a5d51d4c5833344ed093726435dff74e19f6775964a543b34df8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c83d0e2b12a8efe4d9f5e8d7e0f11c52ff682d007db9f4cf988a2ceeecdfff4
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
711ecd3b0127eebc6baf0e0ee129f7f697d29c9b384914136bf166aedd26fe18
720f13c92bf858a2f2ccb505c3eed107f778e98db254d1b46911fc48c86a4634
722294202f5228a7c8162f7d76cb0adfdd997e11db0e0eadb545b26b8694e248
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
796689fc3c8dc4d06a712dbc77b181f7a8cad177f6cc6fe97a4f7860f9fa1559
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bf53bd00afe5b1998b66390f478b56a4fc6f9538a1539cae0dfba17f9556b0b
7de3906957c286b158284191c0d7228957baef90490685ebd84776ba7b0df062
7ff93cc5e62c9b44a1da99d4a965f7252620c95d57ecb187324095f8434a6f5d
8012e087bb535299f2dfde5bf0cd2bc27303c028331293abeeb56dd9083ac448
80e386f6dba016f8574d7eb733031371ac22981e210d53462742432f4e3f50c6
81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e
84afae61acc2428b6ac25fc30f2acb0d1f59e53723a4c8818ce64e352aad2ff1
870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c
873cea8dd45cff536b9575170c23c2703cb8f407cb62767bc340ac5d4a5a616a
8949bc9ccc884e72a4e01641de6d291b7a41110106c790b1ed95332a58dacfad
8b67cda6edd0f527970455ccc0fa2ce4b9024aedf8de377649f58dee0a1bfad0
900e9bbf8f73351b20942b7d4340bb6a49800c92c7084cdcd0adc28c1e96d383
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93001afd6e2985ccbd6122e8bb622ab1857e7cad70e9ab187b3dbd811f4d14bf
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95b4d569b98136a29f3419ff5cd161c55a570eb8f25ad6d9f360bf7849d34a4c
9656fe42099f0e5643e6c9893002fa2a307beefe302cc8f9bdfc70f0f51dd84e
9694572a363b319c31d1f23c1c7cfd3f0921ef4d94c42545abb7c44f16c67569
981595ab28bc22743536887a10523ad2516badf8bbb2dac503bfc720bbb2448a
9a64702240eaab3f72e6617619aea8e91c9f6165c7fa1c1bfd66d537f277e28f
9c90f27443fbdb85519985333a8b00c3cff0e10a2753955f41890342d64362f7
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
ab1eab7cab590276bf7c7a89ba0eaf1c6a0a94babae80e01d98d4d5c4770948d
ab73d700946a2bb3ab20198c4af443b85bd72da201b92cbcd3882d1b4228c136
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
af63c65f28e9dcc0b8bef6f01be30270b4408f46f5d86399a0e2f0c116dcadca
af72a3591f85caf0e2fe6d2d62524972ec7d37e4d671502942867cce69798e80
b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bcf435495116719e85323d416172c48999c971ba68391f4673e32005e0be7ecc
bd2afef7b5f058e3840be2e536f575ab3c8bc2f41c930d29d021b14d71ca1630
bd5dd2a0aeb63daa424e5d5cddc04e742ce79296a1a7f568d333f1e779eea21f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8580c21984ea06cc3b42d1feae90eefc14605b24fc35c8edf1a7982295204d7
cda8cbe28acd90c90391a9fdfb0f0444300ccc676c490503da268603ead8e88e
cdab69d1af607e467b4a5d2d0c00066b96f2e7166dfd5a2512fac6d5ae96c8d4
cdf26e3dcdd8b094e4a3ec20fe489cf2f45fcb9c40ba4dc1bffe9739c4eb5ff7
d45f7b62d095ba79d5af82e8a0570f1ae1b1317b707ead0ff266aa5d42c12276
d61de203ec0c30e3c45536a69514f20c42d521d74c4e61e933c721b313889649
db9267a498f08f8c7c39c0e5a95014a9a5c28210ab560d6a687b514290f819ee
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
ddeb610d6af68fecb016bd85a9b0499f6a08daef8134e5fe00ea2fb1427ee4f9
df603a9a7f6d225acca2ec9cc6b3c7a82d52f60c4e69465e9abebab6db725b5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e408c3f09759a360e24450837c23d6bced6bbc8e4f16b15538605c6a00ceaa16
e9f64d7eaace74a4d3595dbc512ed813c9df8f09423782c927081406fc5b0783
f378fab2ded63f9716d414e5004420a8e2a1388526df324e8a608589951bae66
f45b8a36862b2969288a6d48def0cdf43c5e60744d398157370ad96306a3d53a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
faade5384f10ce8bb1ff7428682f6f67d7f880411e370b8696ddd1364476116a
fd27b69120ef894e15b20896762d10cc6db7b5aea291cdf2d0dd58165917a192

wa--groups.blogspot.com Open in urlscan Pro 142.250.185.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

87 %HTTPS

0 %IPv6

19 Domains

32 Subdomains

28 IPs

5 Countries

15278 kBTransfer

23666 kBSize

1 Cookies

31 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wa--groups.blogspot.com Open in urlscan Pro
142.250.185.129 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

87 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

28
IPs

5
Countries

15278 kB
Transfer

23666 kB
Size

1
Cookies

107 HTTP transactions
5 data transactions