Submitted URL: https://ordretierce.blogspot.com/#00000m=1
Effective URL: https://ordretierce.blogspot.com/
Submission: On April 17 via manual from MA

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 78 HTTP transactions. The main IP is 2a00:1450:4001:82a::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is ordretierce.blogspot.com.
TLS certificate: Issued by GTS CA 1O1 on March 23rd 2021. Valid for: 3 months.
This is the only time ordretierce.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
20 tpc.googlesyndication.com ordretierce.blogspot.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
ordretierce.blogspot.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com ordretierce.blogspot.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
9 apis.google.com ordretierce.blogspot.com
apis.google.com
www.blogger.com
8 www.blogger.com 1 redirects ordretierce.blogspot.com
www.blogger.com
apis.google.com
7 resources.blogblog.com ordretierce.blogspot.com
www.blogger.com
5 www.google.com 3 redirects ordretierce.blogspot.com
googleads.g.doubleclick.net
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 accounts.google.com 2 redirects
2 mail.google.com 2 redirects
2 ordretierce.blogspot.com ordretierce.blogspot.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.gstatic.com apis.google.com
1 lh5.googleusercontent.com ordretierce.blogspot.com
1 4.bp.blogspot.com ordretierce.blogspot.com
1 img.root-top.com 1 redirects
1 lh3.googleusercontent.com ordretierce.blogspot.com
78 19
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.blogger.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.apis.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.google.de
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh

This page contains 13 frames:

Primary Page: https://ordretierce.blogspot.com/
Frame ID: 7C9985CC89104298F15B9EE8D48EAD8D
Requests: 33 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=68010844175404702&blogName=ORDRE-TIERCE+-+V+I+P&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://ordretierce.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://ordretierce.blogspot.com/&vt=7995581631068307409&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: 830B628966156379584817CC64146A5F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Frame ID: E8726BC13EE2B835AF46963933C1637C
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
Frame ID: F36779CF3E4F26436D9B2C5C50AEE3D4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Frame ID: C5C19E073832AC6DC2C5474A593340CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&adk=1812271804&adf=3025194257&lmt=1618589540&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759965&bpp=3&bdt=298&idt=85&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280&nras=1&correlator=6735518322166&pv_h_ch=L0007&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=100
Frame ID: FF06C076DC9858BE707867366B64D762
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Frame ID: 95E20785504A51262516AE45519B2A41
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html
Frame ID: 162075410171FB2E4A44AA10B05DD8A6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CrYBc4ER6YMW7A9fG7_UP0OCJgAOZpbaOYrelx-v7DIOmstHrARABIIC4-g1glYr4gZQHoAHmsL2_A8gBCakCIALlfCMatD6oAwHIA0iqBNkBT9CoBb0yV_wfHKB5H7SrsinG4lhbR6bTiwqzLwLvzSeG3yOzA2Rx-gqJojQmr35-kp-_zLq-8ozjo_9wRFnZzwSu1DeMTA72ijpHVFoc80VdXOiEIBhwSrf_6TYULDGhj9mWN7r2Ukkr2lK9Mgp3vDB11xldxUdDpAaRjJHv02FkwNa-Bjqd4WqoQH_cRDtR_4XdGwoBAgBAYoGFZq24TRqgaGYszMBNNU6dglgQCS2UCVk-gq47nzf8-wmzRsmvraT4DEZO7TpNarLtBmbKcKq1qAbXLUPtCcAEqd6vxMEDkgUECAQYAZIFBAgFGASgBi6AB4LPwkCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhroK0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTcwNjAyOTg3NjExMTQ2OTc&sigh=A8aQ0Bjb1i8&template_id=419
Frame ID: 1C212499C564446E1286160A2874A2A4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5DAE3886089572CC20391DD2FF004475
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 34B8C0725BB52178C74DA91B67086172
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: BCF6144B88E467F56B2F82113CA33D8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 44EABFF01C84C0917C405F177E1DFBA7
Requests: 2 HTTP requests in this frame

Screenshot


Page Statistics

78
Requests

100 %
HTTPS

94 %
IPv6

12
Domains

19
Subdomains

14
IPs

2
Countries

983 kB
Transfer

2381 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://mail.google.com/mail/u/0?ui=2&ik=2650418aea&attid=0.3&permmsgid=msg-f:1687588355088089256&th=176b84aaf01c80a8&view=fimg&sz=s0-l75-ft&attbid=ANGjdJ--caecgTD8AT4RP6HSzfyOiBQThGtaiZlXdvl5Md_NRmAXWEXXneYPfe3wQefnYMQ-Q9lsuJAuIw7v00zjIehpuN_DEa_GE5ocJ5614w_oToOi-qTTzwVqSC4&disp=emb&realattid=ii_kjcow5of16 HTTP 302
  • https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3D2650418aea%26attid%3D0.3%26permmsgid%3Dmsg-f:1687588355088089256%26th%3D176b84aaf01c80a8%26view%3Dfimg%26sz%3Ds0-l75-ft%26attbid%3DANGjdJ--caecgTD8AT4RP6HSzfyOiBQThGtaiZlXdvl5Md_NRmAXWEXXneYPfe3wQefnYMQ-Q9lsuJAuIw7v00zjIehpuN_DEa_GE5ocJ5614w_oToOi-qTTzwVqSC4%26disp%3Demb%26realattid%3Dii_kjcow5of16&scc=1&ltmpl=googlemail&emr=1&osid=1 HTTP 302
  • https://mail.google.com/intl/de/mail/help/about.html HTTP 301
  • https://www.google.com/intl/de/mail/help/about.html HTTP 302
  • https://www.google.com/intl/de/gmail/about/
Request Chain 8
  • https://img.root-top.com/topsite/topturfjs/banner.gif HTTP 302
  • https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
Request Chain 24
  • https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https://ordretierce.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__ HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D68010844175404702%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://ordretierce.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.en_US.MWM3Xj_RD9s.O/am%253DAQ/d%253D1/ct%253Dzgms/rs%253DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D68010844175404702%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://ordretierce.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.en_US.MWM3Xj_RD9s.O/am%253DAQ/d%253D1/ct%253Dzgms/rs%253DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/m%253D__features__%26bpli%3D1&passive=true&go=true HTTP 302
  • https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 73
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

78 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ordretierce.blogspot.com/
163 KB
15 KB
Document
General
Full URL
https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97a90e01735842169d73e8f04fb5b85891f7c78e5007956d767586c9b7dd5d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ordretierce.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Sat, 17 Apr 2021 02:15:59 GMT
date
Sat, 17 Apr 2021 02:15:59 GMT
cache-control
private, max-age=0
last-modified
Fri, 16 Apr 2021 16:12:20 GMT
etag
W/"f01b25fc74fb404966d9d8e77513e022cc88103a18a4ddc3fc0ce505cda973e8"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
15342
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
115981500-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
36 KB
36 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 01:52:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 00:13:19 GMT
server
sffe
age
260638
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36990
x-xss-protection
0
expires
Thu, 14 Apr 2022 01:52:01 GMT
plusone.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sT/oPbubi75t+p2Z06mXZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"0ab444474500f3dd8e11c64dab872e43"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-sT/oPbubi75t+p2Z06mXZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 17 Apr 2021 02:15:59 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=68010844175404702&zx=5615748e-4da1-4f1e-9812-28bcb7b067e1
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 17 Apr 2021 02:15:59 GMT
server
GSE
date
Sat, 17 Apr 2021 02:15:59 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/
475 B
587 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:42:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 13:09:30 GMT
server
sffe
age
214383
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Wed, 21 Apr 2021 14:42:56 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/
162 B
281 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:19:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 08:41:29 GMT
server
sffe
age
183366
content-type
image/gif
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
expires
Wed, 21 Apr 2021 23:19:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48646
x-xss-protection
0
server
cafe
etag
9885252380620520250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Apr 2021 02:15:59 GMT
/
www.google.com/intl/de/gmail/about/
Redirect Chain
  • https://mail.google.com/mail/u/0?ui=2&ik=2650418aea&attid=0.3&permmsgid=msg-f:1687588355088089256&th=176b84aaf01c80a8&view=fimg&sz=s0-l75-ft&attbid=ANGjdJ--caecgTD8AT4RP6HSzfyOiBQThGtaiZlXdvl5Md_NR...
  • https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3D2650418aea%26attid%3D0.3%26permmsgid%3Dmsg-f:1687588355088089256%26t...
  • https://mail.google.com/intl/de/mail/help/about.html
  • https://www.google.com/intl/de/mail/help/about.html
  • https://www.google.com/intl/de/gmail/about/
0
0
Image
General
Full URL
https://www.google.com/intl/de/gmail/about/
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sat, 17 Apr 2021 02:16:00 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://www.google.com/intl/de/gmail/about/
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
hsvXvy398elve7dC5B35y-6vmePIU7cc8KMqR_5orbuHPWqvNpgCQd0qzdIlZ3QrgFnGb1Rr-ww=s0-d
lh3.googleusercontent.com/proxy/
14 KB
14 KB
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/hsvXvy398elve7dC5B35y-6vmePIU7cc8KMqR_5orbuHPWqvNpgCQd0qzdIlZ3QrgFnGb1Rr-ww=s0-d
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ff54a899abc02dfcea8d6a5e1693a3973801a81f09b1588957f7134de108671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 22:21:04 GMT
x-content-type-options
nosniff
server
fife
age
14095
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14317
x-xss-protection
0
expires
Sat, 17 Apr 2021 22:21:04 GMT
TOPSITE0.gif
4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/
Redirect Chain
  • https://img.root-top.com/topsite/topturfjs/banner.gif
  • https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
21 KB
22 KB
Image
General
Full URL
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 22:53:35 GMT
x-content-type-options
nosniff
age
12144
content-disposition
inline;filename="TOPSITE0.gif"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21771
x-xss-protection
0
server
fife
etag
"v122d"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 17 Apr 2021 22:53:35 GMT

Redirect headers

date
Sat, 17 Apr 2021 02:15:59 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gMBGsViJaWQi1PGLPdEZbgB3XrPDv5d65VHeasiMPjtnTxFuwAim05zBt0yrrGy8BM1tC0JPXWqAOhZ6WS%2B1NGmEP6NO6NwjUP8f2dBmIlO2BFEfY%2F9LDvQl9yjm"}],"max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://4.bp.blogspot.com/-9rgHikzhRtk/WaBw8I7Z2DI/AAAAAAAAEis/uMbu7FpqG1oPo5ccQXvThtIpcLRuvZW1QCLcBGAs/s1600/TOPSITE0.gif
cf-ray
641226165d754eaf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097f3621f800004eaf9f8fa000000001
R1PuaVyFMUc6FpCeDab16RNP8brauJwMcXziMC23uwBW2Wl2xIMd0LC3TBTF4dXmjOpJSHt4D0vOuX1JKn2y8-FH6WY=s0-d
lh5.googleusercontent.com/proxy/
7 KB
7 KB
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/R1PuaVyFMUc6FpCeDab16RNP8brauJwMcXziMC23uwBW2Wl2xIMd0LC3TBTF4dXmjOpJSHt4D0vOuX1JKn2y8-FH6WY=s0-d
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a36e987850551a8f88bf95359a3bbdff70c727748e9521a6ad30692187c976ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:09:02 GMT
x-content-type-options
nosniff
server
fife
age
4017
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
attachment;filename="unnamed.gif"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
expires
Sun, 18 Apr 2021 01:09:02 GMT
cookienotice.js
ordretierce.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://ordretierce.blogspot.com/js/cookienotice.js
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/cookienotice.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ordretierce.blogspot.com
referer
https://ordretierce.blogspot.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 23:08:11 GMT
server
sffe
age
2505
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
expires
Sat, 24 Apr 2021 01:34:14 GMT
1893845785-widgets.js
www.blogger.com/static/v1/widgets/
143 KB
143 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/1893845785-widgets.js
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 20:58:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 05:53:33 GMT
server
sffe
age
19034
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146285
x-xss-protection
0
expires
Sat, 16 Apr 2022 20:58:45 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/
142 KB
50 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84b4152f00e70008b4f6d07fb34b7a185e523f81cbfe7e9c401a794c73f01ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
183070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50974
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:24:49 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/
52 KB
17 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98c523b65083f335b04fc6c001eb2bb54e565612b1cc6ff5e66db369e54e4117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
140728
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17264
x-xss-protection
0
expires
Fri, 15 Apr 2022 11:10:31 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
578 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:03:38 GMT
gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/
403 B
424 B
Image
General
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:54:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 11:18:04 GMT
server
sffe
age
199276
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
expires
Wed, 21 Apr 2021 18:54:43 GMT
body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/
95 B
116 B
Image
General
Full URL
https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:42:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 16:10:33 GMT
server
sffe
age
574424
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Sat, 17 Apr 2021 10:42:15 GMT
share_buttons_20_3.png
www.blogger.com/img/
5 KB
5 KB
Image
General
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:54:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 18:14:50 GMT
server
sffe
age
199281
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5080
x-xss-protection
0
expires
Wed, 21 Apr 2021 18:54:38 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/
24 KB
8 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adcc52f470f4648625c9157ec80f99f54da378cc1ff9fc4005395131114afe06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 10:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
144508
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8498
x-xss-protection
0
expires
Fri, 15 Apr 2022 10:07:31 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=68010844175404702&zx=5615748e-4da1-4f1e-9812-28bcb7b067e1
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/#00000m=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 17 Apr 2021 02:16:00 GMT
server
GSE
date
Sat, 17 Apr 2021 02:16:00 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
navbar.g
www.blogger.com/ Frame 830B
7 KB
3 KB
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=68010844175404702&blogName=ORDRE-TIERCE+-+V+I+P&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://ordretierce.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://ordretierce.blogspot.com/&vt=7995581631068307409&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f288fd981e9e169058ff4e319c733da96fe719a149377e494f091076330a6337
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=68010844175404702&blogName=ORDRE-TIERCE+-+V+I+P&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://ordretierce.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://ordretierce.blogspot.com/&vt=7995581631068307409&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2600
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/
222 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84747
x-xss-protection
0
server
cafe
etag
7950800710615234990
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Apr 2021 02:15:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/ Frame E872
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210414/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 16 Apr 2021 14:17:06 GMT
expires
Fri, 30 Apr 2021 14:17:06 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
43133
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/
71 KB
26 KB
Script
General
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e138a8ec4bdfee18a5378abbd2e93f8fde313fea07d47f17556761096e6dbcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 16:40:34 GMT
server
sffe
age
558
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26298
x-xss-protection
0
expires
Sat, 17 Apr 2021 02:56:41 GMT
followers.g
www.blogger.com/ Frame F367
Redirect Chain
  • https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwM...
  • https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D68010844175404702%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyB...
  • https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwM...
5 KB
2 KB
Document
General
Full URL
https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9beb4681d82f4cb580b783c45f6f8bd08fd14d50aba6eff04cf648800621796d
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1698
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type
text/html; charset=UTF-8
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 17 Apr 2021 02:16:00 GMT
location
https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'report-sample' 'nonce-VGTnvIFRukJhP9FRvn1ttQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
477
server
GSE
set-cookie
__Host-GAPS=1:z-OBWAlS5INmIvmbRXW_5wafc7YEfw:gr8WNLSGPOdfBWfW;Path=/;Expires=Mon, 17-Apr-2023 02:16:00 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
202 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ordretierce.blogspot.com&callback=_gfp_s_&client=ca-pub-7060298761114697
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9740184a0696894dddf816c6508075fc6a9993bb04a6fb778f1b27fed95adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ordretierce.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ordretierce.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C5C1
103 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aacd6db0d06fe76cddc40a0ec20242787ef9bc9580771984e432149a97d6807
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWrz-uahPACFVfjuwgdUHACMA&gqi=4ER6YKmCA5KS3wPvpaSABA&layout=/sadbundle/%24csp%253Der3%24/15059633600090873651/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWrz-uahPACFVfjuwgdUHACMA&gqi=4ER6YKmCA5KS3wPvpaSABA&layout=/sadbundle/%24csp%253Der3%24/15059633600090873651/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 17 Apr 2021 02:16:00 GMT
server
cafe
content-length
33218
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 17-Apr-2021 02:31:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Apr 2021 02:16:00 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Sat, 17 Apr 2021 02:16:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 02:16:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FF06
3 KB
695 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&adk=1812271804&adf=3025194257&lmt=1618589540&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759965&bpp=3&bdt=298&idt=85&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280&nras=1&correlator=6735518322166&pv_h_ch=L0007&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38e6a5e9c0928e41c42d17244d7c2a8f5f19e01f1c0fb457a6820cca3c5b979c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&adk=1812271804&adf=3025194257&lmt=1618589540&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759965&bpp=3&bdt=298&idt=85&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280&nras=1&correlator=6735518322166&pv_h_ch=L0007&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 17 Apr 2021 02:16:00 GMT
server
cafe
content-length
672
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 17-Apr-2021 02:31:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Apr 2021 02:16:00 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ordretierce.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ordretierce.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 95E2
63 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a3011297eb4b16ad89f970bc4a71edb273ce8105513fc83ff2f9ce796b68a41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 17 Apr 2021 02:16:00 GMT
server
cafe
content-length
23118
x-xss-protection
0
set-cookie
IDE=AHWqTUmehFXOckDFXPS5jxnR7USfRpjK19O2PNIBQSaAPZlMioSlupusvPQ-DkwtHyk; expires=Thu, 12-May-2022 02:16:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Apr 2021 02:16:00 GMT
cache-control
private
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
82 KB
19 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23ee9ead2454a9acc5668c5c8307440b78f01c9e04449d0210479d0d7ead1dbb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15059633600090873651/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 11 Apr 2021 02:07:16 GMT
expires
Mon, 11 Apr 2022 02:07:16 GMT
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
18237
age
518924
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 1C21
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrYBc4ER6YMW7A9fG7_UP0OCJgAOZpbaOYrelx-v7DIOmstHrARABIIC4-g1glYr4gZQHoAHmsL2_A8gBCakCIALlfCMatD6oAwHIA0iqBNkBT9CoBb0yV_wfHKB5H7SrsinG4lhbR6bTiwqzLwLvzSeG3yOzA2Rx-gqJojQmr35-kp-_zLq-8ozjo_9wRFnZzwSu1DeMTA72ijpHVFoc80VdXOiEIBhwSrf_6TYULDGhj9mWN7r2Ukkr2lK9Mgp3vDB11xldxUdDpAaRjJHv02FkwNa-Bjqd4WqoQH_cRDtR_4XdGwoBAgBAYoGFZq24TRqgaGYszMBNNU6dglgQCS2UCVk-gq47nzf8-wmzRsmvraT4DEZO7TpNarLtBmbKcKq1qAbXLUPtCcAEqd6vxMEDkgUECAQYAZIFBAgFGASgBi6AB4LPwkCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhroK0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTcwNjAyOTg3NjExMTQ2OTc&sigh=A8aQ0Bjb1i8&template_id=419
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 17 Apr 2021 02:16:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 17 Apr 2021 02:16:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 1C21
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 02:05:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 1C21
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 01:54:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C21
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 02:16:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 1C21
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 02:09:51 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5DAE
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnsFQ0vJP8kCE_zl-1OWqHHQtoxR83l_T8_QwFwxB6_K-DmURqJBP7pzzpU3Q8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Apr 2021 01:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2074
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1620
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4021
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 18 Apr 2021 01:08:59 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1620
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 17 Apr 2021 18:54:37 GMT
truncated
/ Frame 1C21
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f7e1dcda22bc5621301f443a7c43beec683e73b6552041080b6e3a5a15bb320

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5DAE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&slotname=4860057165&adk=2566581553&adf=2403184095&pi=t.ma~as.4860057165&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0007&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625759937&bpp=28&bdt=270&idt=82&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6735518322166&frm=20&pv=2&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1901&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=zfvrgtQC45&p=https%3A//ordretierce.blogspot.com&dtd=101
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnsFQ0vJP8kCE_zl-1OWqHHQtoxR83l_T8_QwFwxB6_K-DmURqJBP7pzzpU3Q8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 02:16:00 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 17-Apr-2021 03:16:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Apr 2021 02:16:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 02:16:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 830B
907 B
928 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=68010844175404702&blogName=ORDRE-TIERCE+-+V+I+P&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://ordretierce.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://ordretierce.blogspot.com/&vt=7995581631068307409&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 07:12:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 11:10:50 GMT
server
sffe
age
327822
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
907
x-xss-protection
0
expires
Tue, 20 Apr 2021 07:12:18 GMT
arrows-light.png
resources.blogblog.com/img/navbar/ Frame 830B
117 B
138 B
Image
General
Full URL
https://resources.blogblog.com/img/navbar/arrows-light.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=68010844175404702&blogName=ORDRE-TIERCE+-+V+I+P&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://ordretierce.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://ordretierce.blogspot.com/&vt=7995581631068307409&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:59:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 18:19:12 GMT
server
sffe
age
198989
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Wed, 21 Apr 2021 18:59:31 GMT
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame 830B
54 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=68010844175404702&blogName=ORDRE-TIERCE+-+V+I+P&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://ordretierce.blogspot.com/search&blogLocale=fr&v=2&homepageUrl=https://ordretierce.blogspot.com/&vt=7995581631068307409&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8efc41712e500288b849790e1c0694e0f6b62c2e302b1ea74527e664039ac0b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p94yUqMQvTn8XCeFsofLFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"73f9d378d8859ef7f0fab3087dc950d0"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-p94yUqMQvTn8XCeFsofLFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 17 Apr 2021 02:16:00 GMT
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 1620
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 19:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
23949
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 16 Apr 2022 19:36:51 GMT
Element_12.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
7 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_12.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52a6464a0beb65ab2003165b19813163419c54d8102238c8c20a3d23757a1da
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
202417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1775
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Wed, 14 Apr 2021 18:02:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:02:23 GMT
Element_11.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
2 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_11.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3100090b126c16564d7acc34f5534c3db0c4ceb1d6dfd19688918e0a4f95b404
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
202417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1127
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Wed, 14 Apr 2021 18:02:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:02:23 GMT
Element_10.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
243 B
220 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_10.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a59d37994cd7430e950164dcb81f6d9b3770caee4b4af76dbf544d35361356b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
202417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Wed, 14 Apr 2021 18:02:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:02:23 GMT
Element_14.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
5 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_14.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc5fb9f3f03b87b14d7ab37b3f0d3a156649abd7b740cfa32faab7da33dc00f8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
202417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1735
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Wed, 14 Apr 2021 18:02:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:02:23 GMT
Element_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
3 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_1.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd5a8e8ecd945b1ba9e7cf0b265d25a1a1b62e2a980dea10a78256077e031b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
202417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1473
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Wed, 14 Apr 2021 18:02:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:02:23 GMT
Element_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
474 B
295 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_2.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d3428b5be95cfe457bf55b17db124142d1fd32c772c6258e5a8c5e222b34b74
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
202417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Wed, 14 Apr 2021 18:02:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 18:02:23 GMT
Element_8.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/ Frame 1620
9 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15059633600090873651/Element_8.svg
Requested by
Host: ordretierce.blogspot.com
URL: https://ordretierce.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cba46b355819df7326c94eee0a7bffd894e3feb7dbcb275b10cb9a151955420
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
280735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2395
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:36 GMT
server
sffe
date
Tue, 13 Apr 2021 20:17:05 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Apr 2022 20:17:05 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame 830B
120 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45e713a20df33e0ae79c9cd5adf8f1a0fafd83410a0501fd35b98d05d37ba7de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 18:53:53 GMT
server
sffe
age
183024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41446
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:25:36 GMT
plusone.js
apis.google.com/js/ Frame F367
54 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9B8xE/czRxQ25Bov1cqBYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"0ab444474500f3dd8e11c64dab872e43"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-9B8xE/czRxQ25Bov1cqBYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 17 Apr 2021 02:16:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame F367
142 KB
50 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84b4152f00e70008b4f6d07fb34b7a185e523f81cbfe7e9c401a794c73f01ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
183071
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50974
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:24:49 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame F367
38 KB
12 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250d2a9f9a81df667b29d2f222a94f53d4fe1eed634c72ed9e972259f9feb3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
182979
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12770
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:26:21 GMT
anon45.png
resources.blogblog.com/img/ Frame F367
2 KB
2 KB
Image
General
Full URL
https://resources.blogblog.com/img/anon45.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=68010844175404702&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMyMjIyMjJCByMwMDAwMDBKByM5OTk5OTlSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fordretierce.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__&bpli=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb9edcb764776694061a58275d9ddc53f2374f523f4705d6cdd2d62a684d424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:37:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 20:16:23 GMT
server
sffe
age
128340
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2393
x-xss-protection
0
expires
Thu, 22 Apr 2021 14:37:00 GMT
13152091194918569273
tpc.googlesyndication.com/daca_images/simgad/ Frame 95E2
54 KB
54 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/13152091194918569273
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16e2bc506188f531f5c5876a1564fba7d6929286d4238d751f67da608fbdc05d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 20:05:16 GMT
x-content-type-options
nosniff
age
22244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55579
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 09:17:24 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 20:05:16 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 95E2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 02:05:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 95E2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 01:54:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95E2
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Sat, 17 Apr 2021 02:16:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 95E2
13 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 May 2021 02:09:51 GMT
l
www.google.com/ads/measurement/ Frame 95E2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoy0datLta7bpCfrVenKtnjhQovyN_sS-GLKCwSG_6vNl50I8EkqCCu_pep273NJJ2hbND
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 95E2
25 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10490
x-xss-protection
0
server
cafe
etag
4192951226220979311
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 11:42:25 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 95E2
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFw2D4ER6YK7TDc207_UPsq2P4AO1i4WrYqCDyZ70DdvZHhABIIC4-g1glYr4gZQHoAHI_qunAsgBAqkCIJDh6I9FgT6oAwHIA8kEqgTNAU_Q3Gr-M8qT0T2CFwABHHKzkVrrseAxK5eaI0SvGNj7fX2rtl2Da2D6ZmwNZE-eNEVKLKLEn5r4OqN0vYKWz0KU6OeeJBErbgWGxwfHYhhxUnMOWnZAphn9UprsHIoNKAowNui58XmcCn7iRnbKFp_qevWZPJ3B0SPF28mW1tlhYdvDffEGcwEHQHlci9wQLpFYEaDxPpWY30NtaLbPchjYO-5yWEW5pO6VEViwYICs2DDBsgNErUxR5JAL_gw4UEkMV9bnLR1vDbhCDIXABIHxk53MA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfQ3cHeAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCBlgnSCAkIgOGAcBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNzA2MDI5ODc2MTExNDY5Nw&sigh=UkGRntu6GFo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 17 Apr 2021 02:16:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 34B8
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUmehFXOckDFXPS5jxnR7USfRpjK19O2PNIBQSaAPZlMioSlupusvPQ-DkwtHyk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 17 Apr 2021 01:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2074
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 95E2
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32e60fc9fe2c7ca498f5709c33730104488e077575d1f265e90598386e549669

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08c953cef050a689fdac0ca662750fd1317277892990dff05ba30d5b9e6da3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6997
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 34B8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUmehFXOckDFXPS5jxnR7USfRpjK19O2PNIBQSaAPZlMioSlupusvPQ-DkwtHyk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 02:16:00 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 17-Apr-2021 03:16:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 17 Apr 2021 02:16:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 17 Apr 2021 02:16:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame BCF6
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7060298761114697&output=html&h=280&adk=1112824722&adf=3960353355&pi=t.aa~a.3854229981~rp.1&w=550&fwrn=4&fwrnh=100&lmt=1618589540&rafmt=1&to=qs&pwprc=8604871089&psa=0&format=550x280&url=https%3A%2F%2Fordretierce.blogspot.com%2F%2300000m%3D1&flash=0&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618625760168&bpp=2&bdt=501&idt=2&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D77f5d606be183a0e-229d224e93a700bc%3AT%3D1618625760%3ART%3D1618625760%3AS%3DALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg&prev_fmts=550x280%2C0x0&nras=2&correlator=6735518322166&frm=20&pv=1&ga_vid=471886988.1618625760&ga_sid=1618625760&ga_hid=339417884&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=525&ady=1257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060829&oid=3&pvsid=126440751820156&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vqlJ50r85k&p=https%3A//ordretierce.blogspot.com&dtd=38
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 19:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
23949
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 16 Apr 2022 19:36:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7060298761114697&plah=ordretierce.blogspot.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 02:16:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 17 Apr 2021 02:16:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 44EA
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ordretierce.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ordretierce.blogspot.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 16 Apr 2021 19:36:50 GMT
expires
Sat, 16 Apr 2022 19:36:50 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
23950
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 44EA
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 19:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
23949
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 16 Apr 2022 19:36:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=126440751820156&bg=!Hh2lHVnNAAZUuIlwVLg7ACkAdvg8WuOVgOpHcMPKUE0WnPCmv8pCmwzutMPJTf5RSKxdeG66AU3ZRwIAAABjUgAAAA5oAQcKAPIifRMaryE8fCipKNUW0-y7-oZ34Tw5zb6SVh69VtNXvjfeOULIWlOuEv0v2vp6weSV2CUr3nE6CUOydnnUCsl1BQgnMC68jObBQtlFTntL0pHJOrW3w_camu9MpYLayDotqVdUkUW43wDaPh6QAn7fpLJQJR9TEQXtYuvhx8B8Cxjtji6UzLRorfzsRcQ2dk-bdFhyE5ey6ZfxM6H8hLv62h5foBed177V4pZuWG9bwsPTuJQXoX1N46wphd_CJCeVVDRdWQVHAObandCYoAAt4XqfwrxJXbJD-YvHXXOqUZSjJE05xbfyDis7cEJjBIFa55kCPtO7xvs01UYj1YQTn6JpGvzACAJCXw3k_vqzXbs_th9rAJ_lr5vAkz2vNP98oE6BdChHHX7CTK9xArCFnS8PKlpY5_8xJ5AEhS-wPNvITCyOBFITySl5qZZIX0g6139IO7K0Ptzukpnx_QhV33q89aY4elz4xwHFDN0D_6vIUpDHCbN8u3g0OfPg2Pc6CgtWvGmfGltg5fDsLcQ3Lcvo3S7b430678mXge9n6lSZCVnxd4dLIXjs-Rj_TEr0CaTkBGl-HVdkBC30SCnToSDHLXgcPqUvpnFEsyhPgZyv5Mho-GPEjJZEKAmxdkJYuCqHq_VT9PcZrCmwLSARwW8s7jG5BGQ0dmKzQ3aKRvJfrLSOjSWZNWq6sJGY0x1KTZAkM2DUIa8ior7W50ItEoAIawrFH-OqnviQ2EpuJrXYka5cu1aUWt8D3s3fltKVOYMtepnjK5oxcHiBm23buvjLm9tsW3vxyY0K18lhS3gEJ47AoGbLdaSC94qEWp0AQTkmxL-uUprjoGmpqwA07rLlydrqszIXSYjCHe9x5Zcl3rSpgl6AqbZ2xI07dybUoQp8jSxwjcA5nw7LVtiu6EqccMZgRAs3evOfui1aJCkN41_s2KJChvQx518gn3ePYQJNdAvQuInw4ef77Bu3YQfYc9B44HycfX3u1GxDwqdFsSQa2ohmM1XrA5TWbpGNYfORif6s74x8ih4z4SMOvpPrJSHtstxxdHTHpBmxH2HZlhJsVRjQMp64Z7yBs2jibUk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordretierce.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 02:16:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl function| followersIframeOpen object| followersIframe function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices boolean| google_empty_script_included object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| help object| hgb object| userfeedback function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmehFXOckDFXPS5jxnR7USfRpjK19O2PNIBQSaAPZlMioSlupusvPQ-DkwtHyk
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ordretierce.blogspot.com/ Name: __gads
Value: ID=77f5d606be183a0e-229d224e93a700bc:T=1618625760:RT=1618625760:S=ALNI_MYkND_6GcIZJAcC6hDswrEIYfIpWg
.ordretierce.blogspot.com/ Name: gadsTest
Value: test

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
googleads.g.doubleclick.net
img.root-top.com
lh3.googleusercontent.com
lh5.googleusercontent.com
mail.google.com
ordretierce.blogspot.com
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.googletagservices.com
www.gstatic.com
172.217.16.130
2606:4700:3038::6815:ea1b
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2009
2a00:1450:4001:810::2002
2a00:1450:4001:810::2005
2a00:1450:4001:811::2002
2a00:1450:4001:811::200d
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
16e2bc506188f531f5c5876a1564fba7d6929286d4238d751f67da608fbdc05d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d3428b5be95cfe457bf55b17db124142d1fd32c772c6258e5a8c5e222b34b74
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23ee9ead2454a9acc5668c5c8307440b78f01c9e04449d0210479d0d7ead1dbb
250d2a9f9a81df667b29d2f222a94f53d4fe1eed634c72ed9e972259f9feb3ff
3100090b126c16564d7acc34f5534c3db0c4ceb1d6dfd19688918e0a4f95b404
32e60fc9fe2c7ca498f5709c33730104488e077575d1f265e90598386e549669
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
38e6a5e9c0928e41c42d17244d7c2a8f5f19e01f1c0fb457a6820cca3c5b979c
45e713a20df33e0ae79c9cd5adf8f1a0fafd83410a0501fd35b98d05d37ba7de
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4f7e1dcda22bc5621301f443a7c43beec683e73b6552041080b6e3a5a15bb320
5aacd6db0d06fe76cddc40a0ec20242787ef9bc9580771984e432149a97d6807
5c69c084a448c3a9bf38acccb3b13de079aa5d06202aec2659a1a0e19d4e43f1
5cba46b355819df7326c94eee0a7bffd894e3feb7dbcb275b10cb9a151955420
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5ff54a899abc02dfcea8d6a5e1693a3973801a81f09b1588957f7134de108671
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
7a3011297eb4b16ad89f970bc4a71edb273ce8105513fc83ff2f9ce796b68a41
84b4152f00e70008b4f6d07fb34b7a185e523f81cbfe7e9c401a794c73f01ecb
8dd5a8e8ecd945b1ba9e7cf0b265d25a1a1b62e2a980dea10a78256077e031b5
8efc41712e500288b849790e1c0694e0f6b62c2e302b1ea74527e664039ac0b1
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
97a90e01735842169d73e8f04fb5b85891f7c78e5007956d767586c9b7dd5d6a
98c523b65083f335b04fc6c001eb2bb54e565612b1cc6ff5e66db369e54e4117
9a9740184a0696894dddf816c6508075fc6a9993bb04a6fb778f1b27fed95adb
9beb4681d82f4cb580b783c45f6f8bd08fd14d50aba6eff04cf648800621796d
9e138a8ec4bdfee18a5378abbd2e93f8fde313fea07d47f17556761096e6dbcd
a08c953cef050a689fdac0ca662750fd1317277892990dff05ba30d5b9e6da3b
a36e987850551a8f88bf95359a3bbdff70c727748e9521a6ad30692187c976ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52a6464a0beb65ab2003165b19813163419c54d8102238c8c20a3d23757a1da
a59d37994cd7430e950164dcb81f6d9b3770caee4b4af76dbf544d35361356b0
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
adcc52f470f4648625c9157ec80f99f54da378cc1ff9fc4005395131114afe06
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
bb9edcb764776694061a58275d9ddc53f2374f523f4705d6cdd2d62a684d424b
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cc5fb9f3f03b87b14d7ab37b3f0d3a156649abd7b740cfa32faab7da33dc00f8
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf9ffb799d5f1da8a6cb532f4bc6e62f294d1d717dd5e6471723755d38b032a7
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
f288fd981e9e169058ff4e319c733da96fe719a149377e494f091076330a6337