newqueeries.blogspot.com Open in urlscan Pro
142.251.40.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newqueeries.blogspot.de/
Effective URL:
https://newqueeries.blogspot.com/
Submission: On September 30 via api (September 30th 2023, 3:30:51 am UTC) from US — Scanned from US

Summary HTTP 41 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 15 domains to perform 41 HTTP transactions. The main IP is 142.251.40.193, located in Queens, United States and belongs to GOOGLE, US. The main domain is newqueeries.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on September 4th 2023. Valid for: 3 months.

This is the only time newqueeries.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	142.251.40.193 142.251.40.193	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81d::2009	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1 2	185.66.200.224 185.66.200.224	201702 (SKHOSTING-EU) (SKHOSTING-EU)
6	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
6	185.66.200.221 185.66.200.221	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
5	143.244.174.234 143.244.174.234	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
41	14

3 142.251.40.193 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f1.1e100.net

newqueeries.blogspot.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newqueeries.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81d::2009 (United States)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.224 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.224.skhosting.eu

yllix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.66.200.221 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.221.skhosting.eu

ylx-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ylx-4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-server.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

qoca.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.244.174.234 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.qoca.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	blogspot.com newqueeries.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10530 3.bp.blogspot.com — Cisco Umbrella Rank: 13157 4.bp.blogspot.com — Cisco Umbrella Rank: 13947 2.bp.blogspot.com — Cisco Umbrella Rank: 14560	312 KB
6	qoca.site qoca.site — Cisco Umbrella Rank: 104059 cdn.qoca.site — Cisco Umbrella Rank: 166820	112 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 8923	67 KB
4	ylx-1.com ylx-1.com	5 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 242	148 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113 ajax.googleapis.com — Cisco Umbrella Rank: 720	35 KB
2	advertica-cdn2.com ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 154194	27 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3876 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683	46 KB
2	gstatic.com fonts.gstatic.com	68 KB
2	yllix.com 1 redirects yllix.com	282 B
1	blogblog.com img1.blogblog.com — Cisco Umbrella Rank: 132824	180 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	455 B
1	cdn-server.cc cdn-server.cc	12 KB
1	ylx-4.com ylx-4.com	68 B
1	blogspot.de 1 redirects newqueeries.blogspot.de	292 B
41	15

	Domain	Requested by
5	www.blogger.com	newqueeries.blogspot.com apis.google.com
4	ylx-1.com	newqueeries.blogspot.com ylx-1.com
4	apis.google.com	newqueeries.blogspot.com apis.google.com www.blogger.com
3	cdn.qoca.site	qoca.site
3	qoca.site	ylx-1.com qoca.site
3	1.bp.blogspot.com	newqueeries.blogspot.com
2	ylx-i.advertica-cdn2.com	ylx-1.com
2	fonts.gstatic.com	fonts.googleapis.com
2	yllix.com	1 redirects newqueeries.blogspot.com
2	fonts.googleapis.com	newqueeries.blogspot.com qoca.site
2	newqueeries.blogspot.com	newqueeries.blogspot.com
1	ajax.googleapis.com	qoca.site
1	maxcdn.bootstrapcdn.com	qoca.site
1	stackpath.bootstrapcdn.com	cdn-server.cc
1	img1.blogblog.com	newqueeries.blogspot.com
1	pagead2.googlesyndication.com	newqueeries.blogspot.com
1	cdn-server.cc	newqueeries.blogspot.com
1	2.bp.blogspot.com	newqueeries.blogspot.com
1	4.bp.blogspot.com	newqueeries.blogspot.com
1	ylx-4.com	newqueeries.blogspot.com
1	3.bp.blogspot.com	newqueeries.blogspot.com
1	newqueeries.blogspot.de	1 redirects
41	22

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
24work.blogspot.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
banners.ylx-1.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
banners.ylx-4.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
cdn-server.cc R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
qoca.site R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
cdn.qoca.site R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://newqueeries.blogspot.com/
Frame ID: 2C7015993F36F7CC8BB3C3198F27418F
Requests: 22 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1036394491010973568&blogName=New+Queeries&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://newqueeries.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://newqueeries.blogspot.com/&vt=-3607864438528654008&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__
Frame ID: 98932A50FAD6E2ADA7DDAC2513B0A8D5
Requests: 3 HTTP requests in this frame

Frame: https://ylx-1.com/bnr_xload.php?section=General&pub=423645&format=300x250&ga=a&xt=169604464687740&xtt=3384225
Frame ID: 1F3E3EC7B42213029FC35B0DD621B701
Requests: 1 HTTP requests in this frame

Frame: https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Frame ID: E12D75D4103B16FAE15FAF7BAC8E0EDF
Requests: 2 HTTP requests in this frame

Frame: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v
Frame ID: 7E8072714D9612A9276581C7CF8A006B
Requests: 5 HTTP requests in this frame

Frame: https://qoca.site/fa8b9a43c6/60d0732a44/?placementName=ROTATOR&type=a&cv=XZixCAGpZriidZCirddZrCxCANrjrNZipNripCrCZZZCCrixCrrGCrCrGCxCirxrrdGGiCCr_67007&adApiR=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&refferer=1197351659_aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c&randomA=1399648775155&realRef=bUZNbVNXdW9lWmh3dDcvUzBoMklpN1VuQTZQUUluRGZLYmtUZ2VUd3RWbz0=
Frame ID: 1EDE07AC4D13B3E14360B67085B936AE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Queeries

Page URL History Show full URLs

https://newqueeries.blogspot.de/ HTTP 302
https://newqueeries.blogspot.com/ Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

62 %
IPv6

15
Domains

22
Subdomains

14
IPs

2
Countries

833 kB
Transfer

1635 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/share-post.g?blogID=1036394491010973568&postID=642003210492110517&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1036394491010973568&postID=642003210492110517&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1036394491010973568&postID=642003210492110517&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1036394491010973568&postID=642003210492110517&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: http://24work.blogspot.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newqueeries.blogspot.de/ HTTP 302
https://newqueeries.blogspot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://yllix.com/banner.php?section=General&pub=423645&format=728x90&ga=g HTTP 301
https://yllix.com/warn.php?section=General&pub=423645&format=728x90&ga=g

41 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newqueeries.blogspot.com/
Redirect Chain

https://newqueeries.blogspot.de/
https://newqueeries.blogspot.com/

55 KB
12 KB

222ms
203ms

Document
text/html

142.251.40.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.193 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f1.1e100.net

Software

GSE /

Resource Hash

b94ebc66fe62a268222199379b4761200832bdfb9e4e189ac13482b903e4b48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 12575
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 03:30:44 GMT
etag: W/"daa3590718081feff71516c278f2b85b769c89442055231caa998a6f9ed0ef13"
expires: Sat, 30 Sep 2023 03:30:44 GMT
last-modified: Thu, 30 Mar 2023 16:24:06 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 180
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 03:30:44 GMT
expires: Sat, 30 Sep 2023 03:30:44 GMT
location: https://newqueeries.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 428ms
9ms Stylesheet
text/css 2607:f8b0:4006:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 22:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6620
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:52:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 28 Sep 2024 22:19:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 399 B
723 B 438ms
21ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a223914b609aaa3c2d68053df6070902531718c71746e5b6d646b89b13d7f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 03:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Sep 2023 02:16:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Sep 2023 03:30:45 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 429ms
22ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 03:30:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21949
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "22f179323a7dd95a"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 03:30:45 GMT

GET
H2

200

warn.php Show response
yllix.com/
Redirect Chain

https://yllix.com/banner.php?section=General&pub=423645&format=728x90&ga=g
https://yllix.com/warn.php?section=General&pub=423645&format=728x90&ga=g

52 B
144 B

125ms
95ms

Script
text/html

185.66.200.224
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://yllix.com/warn.php?section=General&pub=423645&format=728x90&ga=g

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Server

185.66.200.224 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.200.224.skhosting.eu

Software

nginx /

Resource Hash

22ed5e3f0acf749ce17d4e011866e16293477c4e313ee8dda15dc243b56226b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8

Redirect headers

location: https://yllix.com/warn.php?section=General&pub=423645&format=728x90&ga=g
date: Sat, 30 Sep 2023 03:30:46 GMT
server: nginx
content-length: 162
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2 200 tumblr_m3qo51Eo6o1qadku2o1_500.jpg
1.bp.blogspot.com/-E-2K4EGrbtk/UBbIs4o03uI/AAAAAAAAGaw/iEO-CnafgLQ/s1600/ 111 KB
111 KB 591ms
178ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-E-2K4EGrbtk/UBbIs4o03uI/AAAAAAAAGaw/iEO-CnafgLQ/s1600/tumblr_m3qo51Eo6o1qadku2o1_500.jpg

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5b9c469ec4a3a03089ed05757693b27fbfa2fb022f7d2a92b4062b4cf19d2ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ac"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_m3qo51Eo6o1qadku2o1_500.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113205
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:30:45 GMT

GET
H2 200 tumblr_m74s78JbEi1qj31w3o1_500.jpg
3.bp.blogspot.com/-EQXBeXPdoxI/UBbJHCHrkSI/AAAAAAAAGa4/A762TCFrAb8/s1600/ 171 KB
171 KB 654ms
253ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-EQXBeXPdoxI/UBbJHCHrkSI/AAAAAAAAGa4/A762TCFrAb8/s1600/tumblr_m74s78JbEi1qj31w3o1_500.jpg

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6c9f2dc5b0904e4877a656b43d8e82a03f7dd0df2ef9ebbf0bd092f04815a345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:45 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="tumblr_m74s78JbEi1qj31w3o1_500.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174667
x-xss-protection: 0
server: fife
etag: "v19ae"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Oct 2023 03:30:45 GMT

GET
H2 200 bnr.php Show response
ylx-1.com/ 429 B
683 B 1381ms
97ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ylx-1.com/bnr.php?section=General&pub=423645&format=300x250&ga=a
Requested by: Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 08f365af262bd227d703d3ff89934bc27dd5213c99ebc6f4b3ca7341d7030a59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 03:30:46 GMT
last-modified: Sat, 30 Sep 2023 03:30:46 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 30 Sep 2023 03:30:46 GMT

GET
H2 200 layer.php Show response
ylx-4.com/ 0
68 B 812ms
135ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ylx-4.com/layer.php?section=General&pub=423645&ga=a&show=1&fp
Requested by: Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

server: nginx
date: Sat, 30 Sep 2023 03:30:45 GMT
content-type: application/javascript

GET
H2 200 shotty.jpg
1.bp.blogspot.com/-CRZ9g_oiEpM/Tpp-kfZQy8I/AAAAAAAANTE/GYyXSL-ZU_w/s72-c/ 3 KB
3 KB 664ms
252ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-CRZ9g_oiEpM/Tpp-kfZQy8I/AAAAAAAANTE/GYyXSL-ZU_w/s72-c/shotty.jpg

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

192982a9e87aa65a703377e89623a108852719c719acdf8515c2bffb42080c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v3585"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shotty.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3392
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:30:45 GMT

GET
H2 200 Ruslan+1.jpg
4.bp.blogspot.com/-kTsULlSA7dk/ULukJ1inAXI/AAAAAAAAKCI/kKnhgonlElU/s72-c/ 2 KB
2 KB 657ms
245ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-kTsULlSA7dk/ULukJ1inAXI/AAAAAAAAKCI/kKnhgonlElU/s72-c/Ruslan+1.jpg

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cec008cb6ed689fe0a0016c6b73f58a57060b9f6c5c76c6291c1e41d8b797f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v3639"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ruslan 1.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:30:45 GMT

GET
H2 200 sailorman.jpg
1.bp.blogspot.com/-moGPJfCcgb0/Tp2phpTokbI/AAAAAAAANTk/CeC_scE5RPw/s72-c/ 4 KB
4 KB 662ms
251ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-moGPJfCcgb0/Tp2phpTokbI/AAAAAAAANTk/CeC_scE5RPw/s72-c/sailorman.jpg

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d6433c00623fbaa89a5b19e356c624abb90903b2162cd1e75c00a403a6585b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v3589"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sailorman.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3604
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:30:45 GMT

GET
H2 200 silhouet.jpg
2.bp.blogspot.com/-oi4ICZwlzxk/Tpkoy6rxSGI/AAAAAAAANSw/wUrWSaMYfL4/s72-c/ 2 KB
3 KB 654ms
244ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-oi4ICZwlzxk/Tpkoy6rxSGI/AAAAAAAANSw/wUrWSaMYfL4/s72-c/silhouet.jpg

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8da6b68ff7e17d0152e81412c92eff77573ab0ff998359abe4fcf401b2ec02bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v3583"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="silhouet.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2305
x-xss-protection: 0
expires: Sun, 01 Oct 2023 03:30:45 GMT

GET
H2 200 wl-http.js Show response
cdn-server.cc/p/ 12 KB
12 KB 708ms
119ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-server.cc/p/wl-http.js?pub=423645&ga=a
Requested by: Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 98f3645ff9dedc08978480c6891d97c5ac045ec595c5cfca2383942a91afecb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: application/javascript
pragma: cache
date: Sat, 30 Sep 2023 03:30:45 GMT
cache-control: max-age=3600
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sat, 30 Sep 2023 04:30:45 GMT

GET
H2 200 591462033-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
57 KB 424ms
11ms Script
text/javascript 2607:f8b0:4006:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/591462033-widgets.js

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8938e987d959c3738c63f512a238ab34c83a962166bab455877a68d091db3f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 22:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57938
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:54:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 28 Sep 2024 22:19:04 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 24ms
22ms Stylesheet
text/css 2607:f8b0:4006:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1036394491010973568&zx=36ad6a75-d1fa-41ac-b0a0-4888a958b0ad

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 30 Sep 2023 03:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Sep 2023 03:30:45 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/ 180 KB
60 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ed5573773da6701a325bf1c4ee50adbacab764a71e26efe12843e38bd7d438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60820
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 23:21:17 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
455 B 21ms
3ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 23:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 23:21:17 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 94ms
93ms Stylesheet
text/css 2607:f8b0:4006:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1036394491010973568&zx=36ad6a75-d1fa-41ac-b0a0-4888a958b0ad

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sat, 30 Sep 2023 03:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Sep 2023 03:30:45 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 9893 7 KB
3 KB 45ms
44ms Document
text/html 2607:f8b0:4006:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=1036394491010973568&blogName=New+Queeries&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://newqueeries.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://newqueeries.blogspot.com/&vt=-3607864438528654008&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0af96745c384d4a93f6b496699ac88f360a3a614ca3e10e5a8c73d876faa9d00

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newqueeries.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2566
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 03:30:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 9893 57 KB
21 KB 74ms
56ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1036394491010973568&blogName=New+Queeries&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://newqueeries.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=https://newqueeries.blogspot.com/&vt=-3607864438528654008&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.L92w_vMR5kE.O%2Fd%3D1%2Frs%3DAHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8f1efe1d0d52a96dff5f0e285975b33bc89f9093c51e50024fa4c1d3810041f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 03:30:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fb306044a1b24cfb"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 03:30:45 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/ Frame 9893 133 KB
44 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8183085f79cc939053929846561337bf0b9287aedece2d7eb154a87e572bab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45424
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 23:21:17 GMT

GET
H2 200 bnr_xload.php Show response
ylx-1.com/ Frame 1F3E 1 KB
2 KB 413ms
358ms Document
text/html 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ylx-1.com/bnr_xload.php?section=General&pub=423645&format=300x250&ga=a&xt=169604464687740&xtt=3384225
Requested by: Host: ylx-1.com
URL: https://ylx-1.com/bnr.php?section=General&pub=423645&format=300x250&ga=a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 8f28e99c3bc41d460703967cbc03e184735b2e88c1aa8dcc0faf7c83aa5a6d38

Request headers

Referer: https://newqueeries.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 03:30:46 GMT
expires: Sat, 30 Sep 2023 03:30:46 GMT
last-modified: Sat, 30 Sep 2023 03:30:46 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 summary Show response
newqueeries.blogspot.com/feeds/posts/ 17 KB
6 KB 182ms
128ms Script
text/javascript 142.251.40.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://newqueeries.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.193 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f1.1e100.net

Software

blogger-renderd /

Resource Hash

c8d0613a85d05a2362510341638ad2d302c444e30b71cf088c5f0456828f45fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Mar 2023 16:24:06 GMT
server: blogger-renderd
etag: W/"17dba2dcfe8ae5703bd687e50d2294f8ffde249b0a49568eaa76452faa158da3"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5525
x-xss-protection: 0
expires: Sat, 30 Sep 2023 03:30:47 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 85ms
0ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newqueeries.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 17:28:16 GMT
x-content-type-options: nosniff
age: 36150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 17:28:16 GMT

GET
H2 200 blank.gif
img1.blogblog.com/img/ 43 B
180 B 21ms
4ms Image
image/gif 2607:f8b0:4006:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/blank.gif

Requested by

Host: newqueeries.blogspot.com
URL: https://newqueeries.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newqueeries.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 15:57:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Sep 2023 01:56:23 GMT
server: sffe
age: 128007
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 05 Oct 2023 15:57:19 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ Frame E12D 156 KB
25 KB 92ms
65ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: cdn-server.cc
URL: https://cdn-server.cc/p/wl-http.js?pub=423645&ga=a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://newqueeries.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 845
cdn-cachedat: 12/15/2022 07:48:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: acfdba215b21aec91ac07a3f6466aeeb
timing-allow-origin: *
cdn-requestcountrycode: GR
cdn-status: 200
cf-ray: 80e963a07ab11927-EWR
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame E12D 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 show.php Show response
ylx-1.com/ Frame 7E80 2 KB
2 KB 112ms
111ms Document
text/html 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v
Requested by: Host: ylx-1.com
URL: https://ylx-1.com/bnr_xload.php?section=General&pub=423645&format=300x250&ga=a&xt=169604464687740&xtt=3384225
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: 3fb18b6599e6c9c8e8c3649fa25ed6164f20b6468d109c13a13e89776e4210d6

Request headers

Referer: https://ylx-1.com/bnr_xload.php?section=General&pub=423645&format=300x250&ga=a&xt=169604464687740&xtt=3384225
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Sat, 30 Sep 2023 03:30:46 GMT
expires: Sat, 30 Sep 2023 03:30:46 GMT
last-modified: Sat, 30 Sep 2023 03:30:46 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
qoca.site/fa8b9a43c6/60d0732a44/ Frame 7E80 1 KB
941 B 432ms
105ms Script
application/javascript 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/fa8b9a43c6/60d0732a44/?placementName=ROTATOR&type=a&cv=XZixCAGpZriidZCirddZrCxCANrjrNZipNripCrCZZZCCrixCrrGCrCrGCxCirxrrdGGiCCr_67007&adApiR=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&refferer=1197351659_aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c

Requested by

Host: ylx-1.com
URL: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

f2aad40a2e9753869add5cd1cec91847cb34cb76b2f98cb11976357774c85895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ylx-1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 03:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: application/javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_s9c2nm.png
ylx-i.advertica-cdn2.com/aff/ Frame 7E80 26 KB
26 KB 76ms
8ms Image
image/png 143.244.174.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
Requested by: Host: ylx-1.com
URL: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.244.174.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ylx-1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:46 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
server: nginx
etag: W/"583d6824-68a8"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: debian-s-2vcpu-4gb-amd-nyc1-01
expires: Mon, 30 Oct 2023 03:30:46 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 7E80 2 KB
2 KB 80ms
14ms Image
image/png 143.244.174.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: ylx-1.com
URL: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.244.174.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ylx-1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:46 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: debian-s-2vcpu-4gb-amd-nyc1-01
expires: Mon, 30 Oct 2023 03:30:46 GMT

GET
H2 200 /
ylx-1.com/trk/ Frame 7E80 43 B
268 B 111ms
109ms Image
image/gif 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-1.com/trk/?9a39cd220cf4edfbdbcef15c63624163
Requested by: Host: ylx-1.com
URL: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ylx-1.com/show.php?u69721696044646=true&ad=875164&f=300x250&a=316621&cri=0&s=YjlkMGIzMmRlOWU5NDUyODBkMzc4ZDZkZTdiMjUzOWU=&u=423645&si=574213362&di=13104041&ci=26&h=9a39cd220cf4edfbdbcef15c63624163&cc=US&https=1&useAf=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&ar=aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 03:30:46 GMT
last-modified: Sat, 30 Sep 2023 03:30:46 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
qoca.site/fa8b9a43c6/60d0732a44/ Frame 1EDE 28 KB
8 KB 115ms
114ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: qoca.site
URL: https://qoca.site/fa8b9a43c6/60d0732a44/?placementName=ROTATOR&type=a&cv=XZixCAGpZriidZCirddZrCxCANrjrNZipNripCrCZZZCCrixCrrGCrCrGCxCirxrrdGGiCCr_67007&adApiR=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&refferer=1197351659_aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

0e12e6a4d1b86eb0a865a390b489d8bf27c9f27dbb4a2747a55e742f93f1d20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ylx-1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 03:30:47 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 css
fonts.googleapis.com/ Frame 1EDE 3 KB
686 B 30ms
21ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7652ca9a93430677612ef65fdd612f3d974d9095c9485f52082bd4c16ef012f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 03:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Sep 2023 02:23:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Sep 2023 03:30:47 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ Frame 1EDE 141 KB
22 KB 22ms
13ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qoca.site/
Origin: https://qoca.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718
age: 3766556
cdn-cachedat: 08/17/2023 09:25:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6168ec683dbb6d9d767ebbb5090ac53f
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 80e963a5ce711927-EWR
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 1EDE 94 KB
33 KB 29ms
5ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 14:17:46 GMT

GET
H2 200 /
qoca.site/fa8b9a43c6/60d0732a44/ Frame 1EDE 28 KB
28 KB 119ms
119ms Image
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qoca.site/fa8b9a43c6/60d0732a44/?placementName=ROTATOR&type=a&cv=XZixCAGpZriidZCirddZrCxCANrjrNZipNripCrCZZZCCrixCrrGCrCrGCxCirxrrdGGiCCr_67007&adApiR=loaded_string_66939c25a9b5a3d285e0ee6772fd801e855d9_2809194_1696044646.4622_17055&refferer=1197351659_aHR0cHM6Ly9uZXdxdWVlcmllcy5ibG9nc3BvdC5jb20v&width=300&height=250&yxDom=eWx4LTEuY29t_d2e782c6bee242762e705a45bd0be41c&randomA=1399648775155&realRef=bUZNbVNXdW9lWmh3dDcvUzBoMklpN1VuQTZQUUluRGZLYmtUZ2VUd3RWbz0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 03:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1EDE 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3f483291bf2966ac9eb43d437136bfbcd2d52d9ab5624ba4adfa39bc416186b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1EDE 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aa4ef7e673fe34c72af3deba383eb402974900a2003466831121b5aac3a9c4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1EDE 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d1494b382b68ee8f3e5390911ad163be8180c6fa34b97b3db32200ae3d3c59

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ Frame 1EDE 47 KB
47 KB 6ms
6ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qoca.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 02:50:05 GMT
x-content-type-options: nosniff
age: 2442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 02:50:05 GMT

GET
H2 200 05.jpg
cdn.qoca.site/adult/stepsis/ Frame 1EDE 29 KB
30 KB 311ms
5ms Image
image/jpeg 143.244.174.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/adult/stepsis/05.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.244.174.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d76fc8aa33e89df945d7395c24497e45e684e0f50009eccf7530f4279b25850f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 May 2020 06:50:10 GMT
server: nginx
etag: W/"5ec4d322-75e3"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: debian-s-2vcpu-4gb-amd-nyc1-01
expires: Mon, 30 Oct 2023 03:30:47 GMT

GET
H2 200 04.jpg
cdn.qoca.site/adult/stepsis/ Frame 1EDE 22 KB
22 KB 315ms
9ms Image
image/jpeg 143.244.174.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/adult/stepsis/04.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.244.174.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f15f8d98606ad85358b8ebc417804a1c9a7125697b5ffc01600bdf9ee027ab73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 May 2020 06:49:46 GMT
server: nginx
etag: W/"5ec4d30a-57e1"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: debian-s-2vcpu-4gb-amd-nyc1-01
expires: Mon, 30 Oct 2023 03:30:47 GMT

GET
H2 200 02.jpg
cdn.qoca.site/adult/stepsis/ Frame 1EDE 24 KB
24 KB 318ms
13ms Image
image/jpeg 143.244.174.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qoca.site/adult/stepsis/02.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.244.174.234 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

60066fb7f568ecb4e56c13b718c4c382bf888ff90caa8ba85ecb80ef431450af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qoca.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 03:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Wed, 20 May 2020 06:49:05 GMT
server: nginx
etag: W/"5ec4d2e1-6017"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: debian-s-2vcpu-4gb-amd-nyc1-01
expires: Mon, 30 Oct 2023 03:30:47 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qoca.site/fa8b9a43c6/60d0732a44	1970-01-20 15:07:26	Name: total_impressions Value: 1
.google.com/	1970-01-20 19:30:55	Name: NID Value: 511=NNB9Yc-TrFKnKexIooXAl9coefvx0ctWzEw_kaNOowAXz8ENfZpic0XPd1zAhT9LcMMMUehAsXJlmyiHJxGKFA89Q7CqbdmEVEj0JcjNtMSKwA2iQONIgFbevvkK6MMUdPrCjakJscVqOQgTML5IUr2TJVYDFlA4vfFt-K62AO8
.cdn-server.cc/	1970-01-20 15:51:12	Name: yxpi Value: d41d8cd98f00b204e9800998ecf8427e
.ylx-1.com/	1970-01-20 15:07:26	Name: used_ad2809194 Value: 1
.ylx-1.com/	1970-01-20 15:07:26	Name: total_impressions Value: 1
.ylx-1.com/	1970-01-20 15:50:36	Name: cpa_875164 Value: 300x250_574213362_0
qoca.site/	1970-01-20 15:07:26	Name: used_ad2809194 Value: 2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://newqueeries.blogspot.com/ Message: Mixed Content: The page at 'https://newqueeries.blogspot.com/' was loaded over HTTPS, but requested an insecure element 'http://img1.blogblog.com/img/blank.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://newqueeries.blogspot.com/(Line 1325) Message: Mixed Content: The page at 'https://newqueeries.blogspot.com/' was loaded over HTTPS, but requested an insecure frame 'http://www.agoda.com/?cid=1647922'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ajax.googleapis.com
apis.google.com
cdn-server.cc
cdn.qoca.site
fonts.googleapis.com
fonts.gstatic.com
img1.blogblog.com
maxcdn.bootstrapcdn.com
newqueeries.blogspot.com
newqueeries.blogspot.de
pagead2.googlesyndication.com
qoca.site
stackpath.bootstrapcdn.com
www.blogger.com
yllix.com
ylx-1.com
ylx-4.com
ylx-i.advertica-cdn2.com
142.251.40.193
143.244.174.234
185.66.200.221
185.66.200.224
185.66.201.43
2606:4700::6812:bcf
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::200a
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::2009
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::200e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
08280e7af6518c3230f34d50cb9534b35c82fddd96138896e2608d9a12661bbe
08f365af262bd227d703d3ff89934bc27dd5213c99ebc6f4b3ca7341d7030a59
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91
0af96745c384d4a93f6b496699ac88f360a3a614ca3e10e5a8c73d876faa9d00
0e12e6a4d1b86eb0a865a390b489d8bf27c9f27dbb4a2747a55e742f93f1d20c
192982a9e87aa65a703377e89623a108852719c719acdf8515c2bffb42080c3a
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
22ed5e3f0acf749ce17d4e011866e16293477c4e313ee8dda15dc243b56226b2
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
34ed5573773da6701a325bf1c4ee50adbacab764a71e26efe12843e38bd7d438
3fb18b6599e6c9c8e8c3649fa25ed6164f20b6468d109c13a13e89776e4210d6
516c1cd728e7fbf78593b5cee126e73b10ba08f946c8a2c6c12a1c880f8d2dfb
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b9c469ec4a3a03089ed05757693b27fbfa2fb022f7d2a92b4062b4cf19d2ed7
60066fb7f568ecb4e56c13b718c4c382bf888ff90caa8ba85ecb80ef431450af
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6c9f2dc5b0904e4877a656b43d8e82a03f7dd0df2ef9ebbf0bd092f04815a345
7652ca9a93430677612ef65fdd612f3d974d9095c9485f52082bd4c16ef012f4
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
8938e987d959c3738c63f512a238ab34c83a962166bab455877a68d091db3f0f
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8da6b68ff7e17d0152e81412c92eff77573ab0ff998359abe4fcf401b2ec02bb
8f28e99c3bc41d460703967cbc03e184735b2e88c1aa8dcc0faf7c83aa5a6d38
98f3645ff9dedc08978480c6891d97c5ac045ec595c5cfca2383942a91afecb9
9aa4ef7e673fe34c72af3deba383eb402974900a2003466831121b5aac3a9c4a
a223914b609aaa3c2d68053df6070902531718c71746e5b6d646b89b13d7f6ed
a8183085f79cc939053929846561337bf0b9287aedece2d7eb154a87e572bab1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b94ebc66fe62a268222199379b4761200832bdfb9e4e189ac13482b903e4b48f
c8d0613a85d05a2362510341638ad2d302c444e30b71cf088c5f0456828f45fe
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cec008cb6ed689fe0a0016c6b73f58a57060b9f6c5c76c6291c1e41d8b797f63
d6433c00623fbaa89a5b19e356c624abb90903b2162cd1e75c00a403a6585b9d
d76fc8aa33e89df945d7395c24497e45e684e0f50009eccf7530f4279b25850f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0d1494b382b68ee8f3e5390911ad163be8180c6fa34b97b3db32200ae3d3c59
f15f8d98606ad85358b8ebc417804a1c9a7125697b5ffc01600bdf9ee027ab73
f2aad40a2e9753869add5cd1cec91847cb34cb76b2f98cb11976357774c85895
f3f483291bf2966ac9eb43d437136bfbcd2d52d9ab5624ba4adfa39bc416186b
f8f1efe1d0d52a96dff5f0e285975b33bc89f9093c51e50024fa4c1d3810041f

newqueeries.blogspot.com Open in urlscan Pro 142.251.40.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

62 %IPv6

15 Domains

22 Subdomains

14 IPs

2 Countries

833 kBTransfer

1635 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newqueeries.blogspot.com Open in urlscan Pro
142.251.40.193 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

62 %
IPv6

15
Domains

22
Subdomains

14
IPs

2
Countries

833 kB
Transfer

1635 kB
Size

7
Cookies

41 HTTP transactions
4 data transactions