t.co Open in urlscan Pro
104.244.42.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://t.co/mm03i7OoDW
Submission Tags: demotag1 demotag2 Search All
Submission: On November 07 via api (November 7th 2020, 9:07:44 am UTC) from US

Summary HTTP 58 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 22 domains to perform 58 HTTP transactions. The main IP is 104.244.42.133, located in United States and belongs to TWITTER, US. The main domain is t.co.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on March 5th 2020. Valid for: a year.

This is the only time t.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2 6	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
10 20	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
58	21

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.170.39.103 (New York, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tencentspervisitorthoughblog.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 173.192.101.24 (Dallas, United States) 10 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p153768.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	infopicked.com infopicked.com
10	clksite.com 10 redirects p153768.clksite.com	1 KB
7	blogger.com www.blogger.com	66 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
6	google.com apis.google.com adservice.google.com	98 KB
6	traffdaq.com 2 redirects traffdaq.com	6 KB
4	blogblog.com resources.blogblog.com	2 KB
3	doubleclick.net googleads.g.doubleclick.net
3	googleusercontent.com lh3.googleusercontent.com lh4.googleusercontent.com themes.googleusercontent.com	35 KB
2	blogspot.com tencentspervisitorthoughblog.blogspot.com	23 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	t.co t.co	556 B
1	gstatic.com www.gstatic.com	19 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	832 B
1	googleadservices.com partner.googleadservices.com	632 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
0	controlc.com Failed controlc.com Failed
0	revdepo.com Failed cdn1.revdepo.com Failed
58	22

	Domain	Requested by
10	infopicked.com	tencentspervisitorthoughblog.blogspot.com
10	p153768.clksite.com	10 redirects
7	www.blogger.com	tencentspervisitorthoughblog.blogspot.com www.blogger.com apis.google.com
6	traffdaq.com	2 redirects speedflow.io traffdaq.com
5	apis.google.com	tencentspervisitorthoughblog.blogspot.com apis.google.com
4	pagead2.googlesyndication.com	tencentspervisitorthoughblog.blogspot.com pagead2.googlesyndication.com
4	resources.blogblog.com	tencentspervisitorthoughblog.blogspot.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	tencentspervisitorthoughblog.blogspot.com	traffdaq.com tencentspervisitorthoughblog.blogspot.com
1	t.co
1	www.gstatic.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	themes.googleusercontent.com	tencentspervisitorthoughblog.blogspot.com
1	lh4.googleusercontent.com	tencentspervisitorthoughblog.blogspot.com
1	lh3.googleusercontent.com	tencentspervisitorthoughblog.blogspot.com
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
1	speedflow.io
0	controlc.com Failed	t.co
0	cdn1.revdepo.com Failed	tencentspervisitorthoughblog.blogspot.com
58	27

This site contains links to these domains. Also see Links.

Domain
www.maxvisits.com
www.blogger.com
maps.google.com
www.ajiboye.com
www.entireweb.com

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.infopicked.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 8 frames:

Frame: https://controlc.com/c19e4266
Frame ID: 6F84EAD99C73F26CCEB1B453DB8D7ED1
Requests: 51 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604740028884&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: FCDD4BD2EA40DBF220E016DAF5452D24
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 5DE6E2761062FD0F9A79B3D1473A45A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: 10335A836F043F0A37A67232A2409938
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1080951626448944691&blogName=Proven+Seo+Trick+4+1500$+A+Month+Free...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tencentspervisitorthoughblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tencentspervisitorthoughblog.blogspot.com/&vt=-4944007469417932589&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: 85515C81C233AD3FA084327910A76E91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&h=600&slotname=6026245082&adk=102773910&adf=4233503496&pi=t.ma~as.6026245082&w=275&fwrn=4&fwrnh=100&lmt=1591487910&rafmt=1&psa=0&format=275x600&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740033741&bpp=10&bdt=172&idt=70&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5506943619728&frm=20&pv=2&ga_vid=1291743395.1604740034&ga_sid=1604740034&ga_hid=23825995&ga_fc=0&iag=0&icsg=133768&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068433&oid=3&pvsid=4486186474418976&pem=401&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZmAc7iV1Pj&p=https%3A//tencentspervisitorthoughblog.blogspot.com&dtd=90
Frame ID: 3B4080A184737588DAFED3052C814D60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&adk=1812271804&adf=3025194257&lmt=1591487910&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740035614&bpp=1&bdt=2045&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=275x600&nras=1&correlator=5506943619728&pv_h_ch=L0001&frm=20&pv=1&ga_vid=1291743395.1604740034&ga_sid=1604740034&ga_hid=23825995&ga_fc=0&iag=0&icsg=584822292492&dssz=30&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068433&oid=3&pvsid=4486186474418976&pem=401&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=6
Frame ID: 18D90D074A76E0CADC6ABD2C35B399C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 9FC6E6CB60441D98B3FBE13A0DB15531
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=trans_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=trans_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsI... Page URL
https://tencentspervisitorthoughblog.blogspot.com/ Page URL
https://t.co/mm03i7OoDW Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

58
Requests

91 %
HTTPS

60 %
IPv6

22
Domains

27
Subdomains

21
IPs

4
Countries

435 kB
Transfer

1132 kB
Size

0
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.maxvisits.com/
Title: https://www.maxvisits.com/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/13093787245521121671
Title: fads

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=1080951626448944691&postID=5173401178011577148&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=5173401178011577148&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=5173401178011577148&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=5173401178011577148&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=5173401178011577148&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=5173401178011577148&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?q=United+States@37.09024,-95.71289100000001&z=10
Title: United States

Search URL Search Domain Scan URL

URL: https://www.ajiboye.com/join/simplebusiness2016
Title: CLICK HERE TO SIGNUP FREE

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=1080951626448944691&postID=2016889087248690833&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=2016889087248690833&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=2016889087248690833&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=2016889087248690833&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=2016889087248690833&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=1080951626448944691&postID=2016889087248690833&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=AdSense&widgetId=AdSense1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: http://www.entireweb.com/free_submission/#a=onlinefreeincome&b=814c5a66

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML7&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML5&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML4&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML3&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML2&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=Profile&widgetId=Profile1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=BlogArchive&widgetId=BlogArchive1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=HTML&widgetId=HTML6&action=editWidget&sectionId=footer-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=1080951626448944691&widgetType=Attribution&widgetId=Attribution1&action=editWidget&sectionId=footer-3
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=trans_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=trans_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://tencentspervisitorthoughblog.blogspot.com/ Page URL
https://t.co/mm03i7OoDW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://traffdaq.com/delivery/pu/71463?category=trans_dating HTTP 301
https://traffdaq.com/delivery/pu/71463?category=trans_dating

Request Chain 5

http://traffdaq.com/delivery/dl/47382?category=trans_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=trans_dating

Request Chain 19

https://p153768.clksite.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center

Request Chain 20

https://p153768.clksite.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center

Request Chain 21

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

Request Chain 22

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

Request Chain 24

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_0

Request Chain 25

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

Request Chain 43

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

Request Chain 44

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

Request Chain 46

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_0

Request Chain 48

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

Request Chain 56

http://pasted.co/c19e4266 HTTP 301
http://controlc.com/c19e4266 HTTP 301
https://controlc.com/c19e4266

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 327ms
314ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 2380beed9be55af422e73e5b0923125e1c1f00bee2865f4bf6cafe7247407654

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 07 Nov 2020 09:07:08 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=49912; path=/ time_start=1604740028.7737; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=49912; path=/ ip=185.212.171.67 mobile=0 country=++ visits_todayi=0; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=49912; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 570
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 21ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 09:07:08 GMT
Content-Encoding: gzip
X-HW: 1604740028.dop235.fr8.shc,1604740028.dop235.fr8.t,1604740028.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1

200
OK

71463 Show response
traffdaq.com/delivery/pu/
Redirect Chain

http://traffdaq.com/delivery/pu/71463?category=trans_dating
https://traffdaq.com/delivery/pu/71463?category=trans_dating

5 KB
2 KB

313ms
120ms

Script
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/pu/71463?category=trans_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 3b680edf36693ede286b991c6324eb046951429f008a4a010406ece15d49de92

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 09:07:09 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://traffdaq.com/delivery/pu/71463?category=trans_dating
Connection: close
Content-length: 0

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame FCDD 0
0 39ms
22ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604740028884&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 07 Nov 2020 09:07:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225fa663bce1f3d8.72662551161313885%22%3B%7D; expires=Mon, 07 Nov 2022 09:07:08 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame 5DE6 0
0 332ms
317ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 09:07:09 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=02600a956c1dd35aff4931fc0d507250; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1252
content-type: text/html

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=trans_dating
https://traffdaq.com/delivery/dl/47382?category=trans_dating

3 KB
2 KB

386ms
209ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: e0159646be67bad81dabfe9eb3457f73d069b444355c84c1ef31218b60dce005

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 09:07:09 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Connection: close

GET
H/1.1 200
OK eyJpdiI6IlBneFQ4Y0tFeEgwVGs5ZkpnU3BsSkE9PSIsInZhbHVlIjoid3A4eXdtT2M0dGxRZmU2Y09oNEdhWEZvNDh4VnlTMlViclpab0JMaERoSThyeXJ6RjBWR1ltNGd0SDcrVnM5NE93b0J6ZmpYOTZyM2ZMazhxRkdjalE9PSIsIm1hYyI6IjkzZWU1OWVmN...
traffdaq.com/users/track/ 0
862 B 429ms
234ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6IlBneFQ4Y0tFeEgwVGs5ZkpnU3BsSkE9PSIsInZhbHVlIjoid3A4eXdtT2M0dGxRZmU2Y09oNEdhWEZvNDh4VnlTMlViclpab0JMaERoSThyeXJ6RjBWR1ltNGd0SDcrVnM5NE93b0J6ZmpYOTZyM2ZMazhxRkdjalE9PSIsIm1hYyI6IjkzZWU1OWVmNjJlNzcyZWRhOTIyMmUzMTBmNGI0YmNjYTVkMjhiNzZlNjBkNGU3ZjQzMDUxMjZiYzBmNzVmOTcifQ%3D%3D
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 09:07:10 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 82ms
30ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa663bdb8152&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 09:07:10 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 22ms
22ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 824018
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4032-HHN
date: Sat, 07 Nov 2020 09:07:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2491ms
2315ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1; laravel_session=eyJpdiI6IjRqSitCcStwcGNEMFFlRTJlQUJacmc9PSIsInZhbHVlIjoiUlpVbWlhd2FiQ2VmVFV4TU52TUwxdDlWSTJjNFhHWUtxdm14bHNrS2dIRUY1NmE4dmtSWGZmdEEyMXdGeWI2R2JRZHpcL1wveHUxXC9wQnE5RTlrK3M4SkE9PSIsIm1hYyI6IjhlMTI2OWMyMjMxODg2NjQwNjEwNTFhNjU4ZTQ2Y2EzYzc2YjEzMjExNzgxNzI3NjdhMWVkZDhjMDE5YTlmYjgifQ%3D%3D; referrer=eyJpdiI6IkxNRUxKRktrdGJ2WDdVU0dYWVZDbUE9PSIsInZhbHVlIjoiSVhvRmFEQ1hlbTNtbkNDenpqVEprOUxYaGZWYmRwSGhRQk9ibTd5N2RGbHNrXC9RdGZZbWRiZ051OHdDa01xWUoiLCJtYWMiOiI4NjE4NTA4YjNmMjM5MjA5OGU1ODg4NmNjODQ0ZjZmZjM1MDkzYWM1MGVkMjdjMTgxOTliZDgzYjhiNGZlOGQzIn0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=trans_dating

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 09:07:13 GMT
Content-Encoding: gzip

GET
H2 200 / Show response
tencentspervisitorthoughblog.blogspot.com/ 81 KB
21 KB 386ms
350ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tencentspervisitorthoughblog.blogspot.com/

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a9140caa57f260569132f677842104039f49877d2ba58dd86755a37408803166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tencentspervisitorthoughblog.blogspot.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Sat, 07 Nov 2020 09:07:13 GMT
date: Sat, 07 Nov 2020 09:07:13 GMT
cache-control: private, max-age=0
last-modified: Sat, 06 Jun 2020 23:58:30 GMT
etag: W/"26a889b4c20e69ae9c36bbd78c138d8ddd25156f435e1913a3f5f200aae66c75"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20551
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 15:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 20:13:23 GMT
server: sffe
age: 149081
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7982
x-xss-protection: 0
expires: Fri, 05 Nov 2021 15:42:32 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 55ms
35ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XPw7kUk4PNNgN5fW/+AQ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3e801f1b1d67e6ea720d7c6a799ff679"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-XPw7kUk4PNNgN5fW/+AQ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
646 B 145ms
131ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1080951626448944691&zx=ed6c97de-18f1-4912-a50d-f49f2374248e

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Nov 2020 09:07:13 GMT
server: GSE
date: Sat, 07 Nov 2020 09:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
312 B 7ms
5ms Image
image/gif 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:38:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Nov 2020 21:08:12 GMT
server: sffe
age: 408552
content-type: image/gif
status: 200
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Mon, 09 Nov 2020 15:38:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45426
x-xss-protection: 0
server: cafe
etag: 10562869928832476540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
594 B 8ms
6ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 19:16:31 GMT
server: sffe
age: 234976
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 11 Nov 2020 15:50:57 GMT

GET
H2 200 LxaAxjRABS3LMcBS067ifyTAaQ42ewBTz6Yz3K3E1PEbi4Ymuyoq04yS15BWIEHt_Fnv3MzXO1pTwxxZbFNiqPqX2ana_LPwo554W9RtYMUuwwA6o2w3Lw=s0-d
lh3.googleusercontent.com/proxy/ 35 KB
35 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/LxaAxjRABS3LMcBS067ifyTAaQ42ewBTz6Yz3K3E1PEbi4Ymuyoq04yS15BWIEHt_Fnv3MzXO1pTwxxZbFNiqPqX2ana_LPwo554W9RtYMUuwwA6o2w3Lw=s0-d

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f7b204ae3c888823e2ba49f9b37b22246782c3fe9f51d964a37921fb14850f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35859
x-xss-protection: 0
expires: Sun, 08 Nov 2020 09:07:13 GMT

GET
H2 200 gVP_o4P3jn0kC2GekwHUbgqOA7rWdXcM10DsVDQ7sSpXD93fsFJChIRb2THcee-kmeV9TzIZDzXZU5-ZkLbc4ySpOsDFU_WBAdZEa649Uktd2XDJ_NKCTyzDvs33ALA=s0-d
lh4.googleusercontent.com/proxy/ 43 B
273 B 884ms
881ms Image
image/gif 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/gVP_o4P3jn0kC2GekwHUbgqOA7rWdXcM10DsVDQ7sSpXD93fsFJChIRb2THcee-kmeV9TzIZDzXZU5-ZkLbc4ySpOsDFU_WBAdZEa649Uktd2XDJ_NKCTyzDvs33ALA=s0-d

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: attachment;filename="unnamed.gif"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center

0
0

422ms
141ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:13 GMT
server: nginx
content-length: 178
location: https://infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center

0
0

420ms
143ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:13 GMT
server: nginx
content-length: 178
location: https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

0
0

420ms
142ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:13 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

0
0

419ms
142ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:13 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
content-type: text/html

GET
H3-Q050 200 birds-2toned-bg.png
resources.blogblog.com/blogblog/data/1kt/ethereal/ 486 B
820 B 17ms
15ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/ethereal/birds-2toned-bg.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06eb13218426e0e280cdd790ee55945334498186483cff716e090ed2b840a4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 18:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 09:13:29 GMT
server: sffe
age: 397904
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 486
x-xss-protection: 0
expires: Mon, 09 Nov 2020 18:35:29 GMT

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0
https://infopicked.com/adServe/banners?tid=153768_514894_0

0
0

420ms
143ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_0
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:13 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_0
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

0
0

420ms
143ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:13 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
content-type: text/html

GET
H3-Q050 200 cookienotice.js Show response
tencentspervisitorthoughblog.blogspot.com/js/ 6 KB
2 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tencentspervisitorthoughblog.blogspot.com/js/cookienotice.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2020 08:21:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
expires: Sat, 14 Nov 2020 09:07:13 GMT

GET
H3-Q050 200 3613744382-widgets.js Show response
www.blogger.com/static/v1/widgets/ 141 KB
51 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3613744382-widgets.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f926684fd770877ff27f536756a94061022d54e214aad1547e94ecd6e1651f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 04:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 04:19:16 GMT
server: sffe
age: 274104
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52520
x-xss-protection: 0
expires: Thu, 04 Nov 2021 04:58:49 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 138 KB
49 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384731
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49481
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:02 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 54 KB
17 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67be4fed19676d44bde7ccb93cfb018abde00ea85c57bcf71de9681ef0762832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384716
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17813
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:17 GMT

GET
H3-Q050 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
840 B 34ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 23:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 23:12:47 GMT

GET
H3-Q050 403 image
themes.googleusercontent.com/ 0
0 228ms
213ms Image
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 bird-2toned-blue-fade.png
resources.blogblog.com/blogblog/data/1kt/ethereal/ 135 B
235 B 6ms
6ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/ethereal/bird-2toned-blue-fade.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f97c4d5d5252e3495e1c998a66396d69ff1dc40e77e857bddb5106abcea6251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:08:27 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2020 00:13:24 GMT
server: sffe
age: 14326
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
expires: Sat, 14 Nov 2020 05:08:27 GMT

GET
H3-Q050 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 6ms
6ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 06:18:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 17:22:06 GMT
server: sffe
age: 96545
content-type: image/png
status: 200
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
expires: Fri, 13 Nov 2020 06:18:08 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
86 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame 1033 0
0 24ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Nov 2020 18:17:45 GMT
expires: Fri, 20 Nov 2020 18:17:45 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 53368
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 navbar.g
www.blogger.com/ Frame 8551 0
0 483ms
482ms Document
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=1080951626448944691&blogName=Proven+Seo+Trick+4+1500$+A+Month+Free...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tencentspervisitorthoughblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tencentspervisitorthoughblog.blogspot.com/&vt=-4944007469417932589&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=1080951626448944691&blogName=Proven+Seo+Trick+4+1500$+A+Month+Free...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tencentspervisitorthoughblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tencentspervisitorthoughblog.blogspot.com/&vt=-4944007469417932589&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 07 Nov 2020 09:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2670
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
69 B 619ms
619ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1080951626448944691&zx=ed6c97de-18f1-4912-a50d-f49f2374248e

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Nov 2020 09:07:14 GMT
server: GSE
date: Sat, 07 Nov 2020 09:07:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
632 B 81ms
30ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tencentspervisitorthoughblog.blogspot.com&callback=_gfp_s_&client=ca-pub-5084329235057490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

1b54bad3a6cc90d0cd0396315b1e209e242a8932fb9000f18d0418627264a856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 35ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tencentspervisitorthoughblog.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 37ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tencentspervisitorthoughblog.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3B40 0
0 30ms
30ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&h=600&slotname=6026245082&adk=102773910&adf=4233503496&pi=t.ma~as.6026245082&w=275&fwrn=4&fwrnh=100&lmt=1591487910&rafmt=1&psa=0&format=275x600&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740033741&bpp=10&bdt=172&idt=70&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5506943619728&frm=20&pv=2&ga_vid=1291743395.1604740034&ga_sid=1604740034&ga_hid=23825995&ga_fc=0&iag=0&icsg=133768&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068433&oid=3&pvsid=4486186474418976&pem=401&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZmAc7iV1Pj&p=https%3A//tencentspervisitorthoughblog.blogspot.com&dtd=90

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&h=600&slotname=6026245082&adk=102773910&adf=4233503496&pi=t.ma~as.6026245082&w=275&fwrn=4&fwrnh=100&lmt=1591487910&rafmt=1&psa=0&format=275x600&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740033741&bpp=10&bdt=172&idt=70&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5506943619728&frm=20&pv=2&ga_vid=1291743395.1604740034&ga_sid=1604740034&ga_hid=23825995&ga_fc=0&iag=0&icsg=133768&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068433&oid=3&pvsid=4486186474418976&pem=401&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ZmAc7iV1Pj&p=https%3A//tencentspervisitorthoughblog.blogspot.com&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 07 Nov 2020 09:07:13 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Nov-2020 09:22:13 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 07 Nov 2020 09:07:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604665402527796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27920
x-xss-protection: 0
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

0
0

143ms
142ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

0
0

142ms
142ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 178
location: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
content-type: text/html

GET advertisement.js
cdn1.revdepo.com/static/ 0
0

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0
https://infopicked.com/adServe/banners?tid=153768_514894_0

0
0

143ms
142ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_0
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:15 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_0
content-type: text/html

GET
H3-Q050 200 logo-16.png
www.blogger.com/img/ 279 B
380 B 7ms
6ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 22:18:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 10:13:58 GMT
server: sffe
age: 298127
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Tue, 10 Nov 2020 22:18:28 GMT

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

0
0

141ms
141ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:15 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
content-type: text/html

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 24 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aebdc4bccca9950a2c12e2e3106cbcf3a98853a9f3943f4ff4192d0e21b9f4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384718
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8485
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:17 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 18D9 0
0 17ms
16ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&adk=1812271804&adf=3025194257&lmt=1591487910&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740035614&bpp=1&bdt=2045&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=275x600&nras=1&correlator=5506943619728&pv_h_ch=L0001&frm=20&pv=1&ga_vid=1291743395.1604740034&ga_sid=1604740034&ga_hid=23825995&ga_fc=0&iag=0&icsg=584822292492&dssz=30&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068433&oid=3&pvsid=4486186474418976&pem=401&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&adk=1812271804&adf=3025194257&lmt=1591487910&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740035614&bpp=1&bdt=2045&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=275x600&nras=1&correlator=5506943619728&pv_h_ch=L0001&frm=20&pv=1&ga_vid=1291743395.1604740034&ga_sid=1604740034&ga_hid=23825995&ga_fc=0&iag=0&icsg=584822292492&dssz=30&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068433&oid=3&pvsid=4486186474418976&pem=401&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6InlEaUNaVXNweHEwMzZnek5icnMzVXc9PSIsInZhbHVlIjoiU1lrTkN0SW1YN25UNWIycmwwRWdYM3B2YXhvRkh6OFdmXC83bGNsQzlJVENkY3ZNYTVKT05Za2ZXMXF6S2V2OVVENUhMbEpubkxRVEQ2RlZ0Yis4dmJVd2FCajlNTFEzWWwrNmRPcW1RTERcL29iZTZOZ1BUcGdJTWNTZEFGaWtzRnhsdFdWSFwvRWo0Wlp0TTl0Mzh2UitlbTN4SWVEQ2JQM2ZPRjZ4VVwvUHg4ZE1VNUhWT0NCT1hRbGxQZHhWdGhwWGR4NFdoRllMMGRwZ0hCeVZSWlI4enN1Mk0zbE4zcE14eGtWQWVGWFpqaXIra3hnTWExTG5GRTdxalJ3ZnNyRWxEQ0RcL0puYmhsWWxYeXV1RlpGVEFuOCt1NGVlUW5acStORWp3YlRcL0crNm1kcEtSbXFqMHhOMWphOEVqa3pSTXIiLCJtYWMiOiJkNDJkN2Q3MDkyNDBkZGY2MzBiNjM4NDkzOWIyODE3NWEyNzgwZjkwNDExNzVhZGUzZDI5MjNiODMxMmE4ZjAzIn0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 07 Nov 2020 09:07:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Nov-2020 09:22:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 07 Nov 2020 09:07:15 GMT
cache-control: private

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 49 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b48095d7d107ef9816c9f4338c8561cc2c35d3154efbd67221a229b88a1b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 08:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Sep 2020 23:45:01 GMT
server: sffe
age: 2447
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18809
x-xss-protection: 0
expires: Sat, 07 Nov 2020 09:16:28 GMT

GET
H3-Q050 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOP... 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f3f6dfbc59435d256eac5dba9ceb51f5393e7d022f1ce955c5bc8645537f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384705
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3122
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:30 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
19ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6526
x-xss-protection: 0

GET
H2 200 Primary Request mm03i7OoDW
t.co/ 269 B
556 B 182ms
140ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/mm03i7OoDW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /mm03i7OoDW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 194
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sat, 07 Nov 2020 09:07:39 GMT
expires: Sat, 07 Nov 2020 09:12:39 GMT
referrer-policy: unsafe-url
server: tsa_o
set-cookie: muc=cf92dd2e-8ead-4287-9bd6-28e4e9f3cba1; Max-Age=63072000; Expires=Mon, 07 Nov 2022 09:07:39 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: aea925d522c1cccefcd6e2841c72d6d2
x-response-time: 119
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 58ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 07 Nov 2020 09:07:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 9FC6 0
0 34ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 07 Nov 2020 08:03:02 GMT
expires: Sun, 07 Nov 2021 08:03:02 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3877
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET

c19e4266
controlc.com/
Redirect Chain

http://pasted.co/c19e4266
http://controlc.com/c19e4266
https://controlc.com/c19e4266

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn1.revdepo.com
URL: https://cdn1.revdepo.com/static/advertisement.js

Domain: controlc.com
URL: https://controlc.com/c19e4266

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tencentspervisitorthoughblog.blogspot.com/(Line 1036) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
adservice.google.com
adservice.google.de
apis.google.com
c.securepaths.com
cdn.jsdelivr.net
cdn1.revdepo.com
controlc.com
googleads.g.doubleclick.net
infopicked.com
lh3.googleusercontent.com
lh4.googleusercontent.com
manyhit.com
p153768.clksite.com
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
speedflow.io
syndication.realsrv.com
t.co
tencentspervisitorthoughblog.blogspot.com
themes.googleusercontent.com
tpc.googlesyndication.com
traffdaq.com
www.blogger.com
www.googletagservices.com
www.gstatic.com
cdn1.revdepo.com
controlc.com
104.244.42.133
107.170.39.103
162.213.255.36
173.192.101.24
198.54.116.135
2001:4de0:ac19::1:b:2a
216.58.212.130
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:802::2009
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81f::2009
2a00:1450:4001:821::2001
2a04:4e42:1b::621
35.190.72.161
95.211.229.247
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06eb13218426e0e280cdd790ee55945334498186483cff716e090ed2b840a4e1
1b54bad3a6cc90d0cd0396315b1e209e242a8932fb9000f18d0418627264a856
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
2380beed9be55af422e73e5b0923125e1c1f00bee2865f4bf6cafe7247407654
33f3f6dfbc59435d256eac5dba9ceb51f5393e7d022f1ce955c5bc8645537f08
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3b680edf36693ede286b991c6324eb046951429f008a4a010406ece15d49de92
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
4f7b204ae3c888823e2ba49f9b37b22246782c3fe9f51d964a37921fb14850f5
4f97c4d5d5252e3495e1c998a66396d69ff1dc40e77e857bddb5106abcea6251
67be4fed19676d44bde7ccb93cfb018abde00ea85c57bcf71de9681ef0762832
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
a9140caa57f260569132f677842104039f49877d2ba58dd86755a37408803166
aebdc4bccca9950a2c12e2e3106cbcf3a98853a9f3943f4ff4192d0e21b9f4c5
b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
e0159646be67bad81dabfe9eb3457f73d069b444355c84c1ef31218b60dce005
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b48095d7d107ef9816c9f4338c8561cc2c35d3154efbd67221a229b88a1b7d
e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910
f926684fd770877ff27f536756a94061022d54e214aad1547e94ecd6e1651f00

t.co Open in urlscan Pro 104.244.42.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

91 %HTTPS

60 %IPv6

22 Domains

27 Subdomains

21 IPs

4 Countries

435 kBTransfer

1132 kBSize

0 Cookies

30 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

t.co Open in urlscan Pro
104.244.42.133 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

91 %
HTTPS

60 %
IPv6

22
Domains

27
Subdomains

21
IPs

4
Countries

435 kB
Transfer

1132 kB
Size

0
Cookies

58 HTTP transactions
0 data transactions