dailylenglui.blogspot.com Open in urlscan Pro
2a00:1450:4001:829::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dailylenglui.blogspot.com/
Submission: On March 22 via manual (March 22nd 2021, 6:55:28 am UTC) from US

Summary HTTP 218 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 8 countries across 56 domains to perform 218 HTTP transactions. The main IP is 2a00:1450:4001:829::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is dailylenglui.blogspot.com.

This is the only time dailylenglui.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:82a::2009	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:4200:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:c200:16:876:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
12	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 11	192.0.123.247 192.0.123.247	2635 (AUTOMATTIC) (AUTOMATTIC)
20	2a00:1450:400... 2a00:1450:400d:809::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	192.0.77.36 192.0.77.36	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:829::2009	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	184.25.114.184 184.25.114.184	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.22.2.144 104.22.2.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9	2600:9000:218... 2600:9000:2182:9c00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:8600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.58.221.124 52.58.221.124	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
8	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	192.0.123.248 192.0.123.248	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2606:4700:303... 2606:4700:3034::ac43:de75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15 19	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.99.8.27 192.99.8.27	16276 (OVH) (OVH)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
14	172.67.39.17 172.67.39.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:2385	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:303... 2606:4700:3033::6815:5362	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1 1	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.185 208.100.17.185	32748 (STEADFAST) (STEADFAST)
2 5	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 4	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
2 3	34.249.70.28 34.249.70.28	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
1 1	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.77.10.176 54.77.10.176	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
4 5	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	88.214.193.83 88.214.193.83	46636 (NATCOWEB) (NATCOWEB)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	88.221.62.154 88.221.62.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	184.25.115.49 184.25.115.49	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:9000:215... 2600:9000:2156:7000:16:876:8540:93a1	16509 (AMAZON-02) (AMAZON-02)
218	66

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dailylenglui.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4200:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:c200:16:876:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.123.247 (Los Angeles, United States) 2 redirects

ASN2635 (AUTOMATTIC, US)
PTR: intensedebate.com

www.intensedebate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:400d:809::2001 (Ireland)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.36 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

i.polldaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.poll.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.114.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-114-184.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.2.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2182:9c00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.221.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

s3t3d2y7.ackcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.123.248 (Los Angeles, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)
PTR: polldaddy.com

polldaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

sites.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:de75 (United States)

ASN13335 (CLOUDFLARENET, US)

warumbistdusoarm.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 15 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.27 (Canada)

ASN16276 (OVH, FR)
PTR: ns500876.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.39.17 (United States)

ASN13335 (CLOUDFLARENET, US)

router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:2385 (United States)

ASN13335 (CLOUDFLARENET, US)

stimmtso.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5362 (United States)

ASN13335 (CLOUDFLARENET, US)

spagat.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.200.100 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.185 (United States)

ASN32748 (STEADFAST, US)
PTR: ip185.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.91 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.150 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.70.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-70-28.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.63 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.10.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-10-176.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.63.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.216 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.83 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.51 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.232.32 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.62.154 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-62-154.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.115.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:7000:16:876:8540:93a1 (United States)

ASN16509 (AMAZON-02, US)

sd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	google.com 16 redirects apis.google.com sites.google.com accounts.google.com www.google.com	338 KB
20	googleusercontent.com lh6.googleusercontent.com lh3.googleusercontent.com	1 MB
20	ggpht.com lh6.ggpht.com lh4.ggpht.com lh5.ggpht.com lh3.ggpht.com yt3.ggpht.com	2 MB
18	sharethis.com w.sharethis.com s.sharethis.com ws.sharethis.com l.sharethis.com sd.sharethis.com	103 KB
17	infolinks.com resources.infolinks.com router.infolinks.com	277 KB
13	blogspot.com dailylenglui.blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 4.bp.blogspot.com	31 KB
11	intensedebate.com 2 redirects www.intensedebate.com	11 KB
10	facebook.com www.facebook.com	162 KB
10	exoclick.com syndication.exoclick.com main.exoclick.com	9 KB
8	pubmatic.com 7 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	5 KB
8	doubleclick.net 5 redirects googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	8 KB
8	youtube.com www.youtube.com	2 MB
7	blogger.com 1 redirects www.blogger.com	68 KB
6	outbrain.com widgets.outbrain.com odb.outbrain.com	39 KB
5	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
5	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	6 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com sb.scorecardresearch.com	2 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	histats.com s10.histats.com s4.histats.com	9 KB
3	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	22 KB
3	google-analytics.com www.google-analytics.com	17 KB
3	googlesyndication.com pagead2.googlesyndication.com	120 KB
3	polldaddy.com 1 redirects i.polldaddy.com polldaddy.com	5 KB
2	poll.fm i0.poll.fm	7 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	realsrv.com main.realsrv.com	836 B
2	exdynsrv.com main.exdynsrv.com	838 B
2	fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frt3-2.xx.fbcdn.net	5 KB
2	warumbistdusoarm.space warumbistdusoarm.space	3 KB
2	ackcdn.net s3t3d2y7.ackcdn.net	21 KB
2	paypalobjects.com www.paypalobjects.com	1 KB
2	blogblog.com resources.blogblog.com	1 KB
1	bttrack.com bttrack.com	380 B
1	adform.net c1.adform.net	188 B
1	rfihub.com 1 redirects p.rfihub.com	758 B
1	ck-ie.com 1 redirects us.ck-ie.com	482 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	33across.com ssc-cms.33across.com	72 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	591 B
1	onetag-sys.com onetag-sys.com	818 B
1	tynt.com de.tynt.com	289 B
1	spagat.space spagat.space	144 KB
1	stimmtso.space stimmtso.space	97 KB
1	ytimg.com i.ytimg.com	49 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
218	56

	Domain	Requested by
19	www.google.com	15 redirects apis.google.com www.youtube.com www.blogger.com
19	lh3.googleusercontent.com	dailylenglui.blogspot.com www.blogger.com
14	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
14	apis.google.com	dailylenglui.blogspot.com apis.google.com www.blogger.com accounts.google.com
11	www.intensedebate.com	2 redirects dailylenglui.blogspot.com www.intensedebate.com
10	www.facebook.com	dailylenglui.blogspot.com www.facebook.com
9	ws.sharethis.com	w.sharethis.com ws.sharethis.com dailylenglui.blogspot.com
8	www.youtube.com	dailylenglui.blogspot.com www.youtube.com
8	syndication.exoclick.com	dailylenglui.blogspot.com syndication.exoclick.com
7	lh6.ggpht.com	dailylenglui.blogspot.com
7	www.blogger.com	1 redirects dailylenglui.blogspot.com apis.google.com
6	lh4.ggpht.com	dailylenglui.blogspot.com
5	sd.sharethis.com	s.sharethis.com sd.sharethis.com
5	image8.pubmatic.com	4 redirects router.infolinks.com
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	4 redirects
4	3.bp.blogspot.com	dailylenglui.blogspot.com
4	widgets.outbrain.com	dailylenglui.blogspot.com widgets.outbrain.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
3	1.bp.blogspot.com	dailylenglui.blogspot.com www.blogger.com
3	www.google-analytics.com	dailylenglui.blogspot.com
3	resources.infolinks.com	dailylenglui.blogspot.com resources.infolinks.com
3	lh3.ggpht.com	dailylenglui.blogspot.com
3	pagead2.googlesyndication.com	dailylenglui.blogspot.com pagead2.googlesyndication.com
3	lh5.ggpht.com	dailylenglui.blogspot.com
2	i0.poll.fm	dailylenglui.blogspot.com
2	sb.scorecardresearch.com	1 redirects dailylenglui.blogspot.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	sync.search.spotxchange.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	eus.rubiconproject.com	router.infolinks.com eus.rubiconproject.com
2	main.realsrv.com	warumbistdusoarm.space
2	main.exoclick.com	warumbistdusoarm.space
2	main.exdynsrv.com	warumbistdusoarm.space
2	platform.twitter.com	dailylenglui.blogspot.com platform.twitter.com
2	warumbistdusoarm.space	syndication.exoclick.com
2	s10.histats.com	dailylenglui.blogspot.com s10.histats.com
2	accounts.google.com	1 redirects apis.google.com
2	odb.outbrain.com	widgets.outbrain.com
2	polldaddy.com	1 redirects dailylenglui.blogspot.com
2	s3t3d2y7.ackcdn.net	syndication.exoclick.com
2	l.sharethis.com	w.sharethis.com dailylenglui.blogspot.com
2	4.bp.blogspot.com	dailylenglui.blogspot.com
2	2.bp.blogspot.com	dailylenglui.blogspot.com
2	www.paypalobjects.com	dailylenglui.blogspot.com
2	resources.blogblog.com	dailylenglui.blogspot.com
2	dailylenglui.blogspot.com	dailylenglui.blogspot.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	bttrack.com	ssum-sec.casalemedia.com
1	c1.adform.net	ssum-sec.casalemedia.com
1	b.scorecardresearch.com	widgets.outbrain.com
1	p.rfihub.com	1 redirects
1	us.ck-ie.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	secure-assets.rubiconproject.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	www.gstatic.com	www.youtube.com
1	spagat.space	warumbistdusoarm.space
1	stimmtso.space	warumbistdusoarm.space
1	ssl.gstatic.com	accounts.google.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	s4.histats.com	s10.histats.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	fonts.gstatic.com	www.youtube.com
1	sites.google.com	dailylenglui.blogspot.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	i.polldaddy.com	dailylenglui.blogspot.com
1	lh6.googleusercontent.com	dailylenglui.blogspot.com
1	s.sharethis.com	dailylenglui.blogspot.com
1	w.sharethis.com	dailylenglui.blogspot.com
218	90

This site contains no links.

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.intensedebate.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-07` - `2021-05-06`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-13` - `2022-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.polldaddy.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
histats.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
exdynsrv.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
exoclick.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
realsrv.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
onetag-sys.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 25 frames:

Primary Page: http://dailylenglui.blogspot.com/
Frame ID: 24F765A5F20756B09163EC1C403AD56E
Requests: 99 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 8552244CCE15AD29AC36B2C0C6946136
Requests: 1 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396089901
Frame ID: 6BB2993D15B1FA39058B9D83A651F8E5
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: CC27F7084F135CC077EBEF77DDFF309D
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Yl4ETw-TXos
Frame ID: F5137B3DC21D7DB8EAA9D902F952FF59
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
Frame ID: 241B099D76A49AB6FA5FC2C9D4ABE416
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 63A1C89A5236F1C57873048B67154722
Requests: 1 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090774
Frame ID: CA1A916485BE70DFBFC785A794E47506
Requests: 1 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090784
Frame ID: 3D09DB96EAA7F1498D38E831A6891629
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Frame ID: B147ABEA69A78E6CD847AFEEF95ED481
Requests: 9 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090794
Frame ID: 966005516C7043F873A5DC24A3884DF7
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 813811CF55153282FE4BE413C046283C
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__&bpli=1
Frame ID: E10EBF3D3EA6EF9F593391705B5AF6D1
Requests: 25 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
Frame ID: F5AEF19B4DBA0A5B99CB01DF1CBEBC13
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: D03D2DE07EB5EE509CE27594B17AE73F
Requests: 4 HTTP requests in this frame

Frame: https://warumbistdusoarm.space/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Frame ID: 1642F0CFBA051A2D5F37EBCC6C0D8164
Requests: 5 HTTP requests in this frame

Frame: https://warumbistdusoarm.space/iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
Frame ID: C0F1269D6A4BAA62E08D89F5DF7BB0E9
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fdailylenglui.blogspot.com
Frame ID: 6E3E2DC6DDDC207DA272E515016013CD
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Frame ID: 274C5C62F2CBFA5CFABB9490D05389B9
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Frame ID: 1043C5AABE2906959D5A1838DF5B7BC7
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 9E52AFA56E01507F1E73A3ECD08326DD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Frame ID: C963D24E5FDD5ABE9148C2C6AAACEEB0
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: CE0B8C9733150D2104047A42898524AD
Requests: 1 HTTP requests in this frame

Frame: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Frame ID: 12FC4437499B03F5EA3B746C26430A70
Requests: 3 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 4295AB4385B6158DF4753F1D8E771897
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

url /^https?:\/\/[^/]+\.blogspot\.com/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /^https?:\/\/[^/]+\.blogspot\.com/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

218
Requests

73 %
HTTPS

42 %
IPv6

56
Domains

90
Subdomains

66
IPs

8
Countries

6601 kB
Transfer

9772 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://apis.google.com/js/plusone.js HTTP 307
https://apis.google.com/js/plusone.js

Request Chain 7

http://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49 HTTP 301
https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49

Request Chain 36

http://www.intensedebate.com/widgets/acctComment/291108/10 HTTP 301
https://www.intensedebate.com/widgets/acctComment/291108/10

Request Chain 40

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 58

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1578098067&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396090006&utmac=UA-15433167-2&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1330973702&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1578098067&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396090006&utmac=UA-15433167-2&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1330973702&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 65

http://www.youtube.com/embed/Yl4ETw-TXos HTTP 307
https://www.youtube.com/embed/Yl4ETw-TXos

Request Chain 66

http://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light HTTP 307
https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light

Request Chain 69

http://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id= HTTP 301
https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=

Request Chain 79

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978 HTTP 307
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978

Request Chain 84

https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://dailylenglui.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__ HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D638100801402959337%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://dailylenglui.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.en_US._62Wsnwv-UM.O/am%253DwQ/d%253D1/ct%253Dzgms/rs%253DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D638100801402959337%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://dailylenglui.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/apps-static/_/js/k%253Doz.gapi.en_US._62Wsnwv-UM.O/am%253DwQ/d%253D1/ct%253Dzgms/rs%253DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/m%253D__features__%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__&bpli=1

Request Chain 85

http://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light HTTP 307
https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light

Request Chain 110

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 139

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

Request Chain 141

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Request Chain 143

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=2505658982353507933

Request Chain 144

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2122809797 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2122809797 HTTP 302
https://sync.1rx.io/usersync/tradedesk/75c19649-90b2-45d2-babc-32b5c35bd033 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003

Request Chain 146

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 148

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fdailylenglui.blogspot.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fdailylenglui.blogspot.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=1288906941228643427

Request Chain 150

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP80039076-8adb-11eb-bf82-06bcd721beb8 HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP80039076-8adb-11eb-bf82-06bcd721beb8&verify=true HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-dVjM0d5E2uGS0.yUYvGkKlNaBDYMwhXZ~A~UP80039076-8adb-11eb-bf82-06bcd721beb8

Request Chain 151

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=91678df2a84ef1e3d97cde58

Request Chain 152

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjM4ODI4QjgtNDVBNC00MTk4LTlBMzMtQUUzNEYwQjE0ODY5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 153

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjVCNkJGNjItNjNDQi00RDhFLUFFOUItQUFDMjVGODU5NUIx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DB38828B8-45A4-4198-9A33-AE34F0B14869 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=B38828B8-45A4-4198-9A33-AE34F0B14869

Request Chain 154

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D HTTP 302
https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550

Request Chain 156

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1871597493636164912

Request Chain 157

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=80eaee5c-8adb-11eb-8c9f-1384e0ef3106 HTTP 302
https://router.infolinks.com/dyn/sx-usync?uid=80eaee23-8adb-11eb-8c9f-1384e0ef3106

Request Chain 158

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-9d_mYzNE2uEYazSFC1VEC9iBJZRXJfxW.YI78SY-~A

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFg-O9WIL-Qoxadar7dDcAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAmKfIMDuwXl1z1zNaeWwNQ&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHuuIJI8ueXrqUJgp245x-s&google_cver=1

Request Chain 165

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB&dcc=t

Request Chain 169

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6696824921271802730&uid=Q6696824921271802730&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 174

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=000&ns__t=1616396091629&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1616396091629&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F&cs_ak_ss=1

Request Chain 179

https://www.google.com/s2/photos/public/AIbEiAIAAABDCOjH6P_3gvvlaCILdmNhcmRfcGhvdG8qKDgzOWUwN2EyNGNhMDZmZjBlYTAyYzAwZjdlNjNhYjQwMDE0NGQ0MWQwAfDuCviaO0QgCJZZXmsrZcucBxvk HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgI-0xiajkIAP5pm8RxO0RXy4nqL3bdkadF3E7MCQ=s96-p

Request Chain 181

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPTfxN2ytNG2USILdmNhcmRfcGhvdG8qKDUyZGY0OWVjYzU1MjA3YTBlYWNhOGViNzkyM2I3MGNhMDAyMjYzNGYwAalM-KFTNrrQh2At4Hq2FWHaOn7v HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p

Request Chain 182

https://www.google.com/s2/photos/public/AIbEiAIAAABECIT1wKvS-M-coAEiC3ZjYXJkX3Bob3RvKihjN2JkOGE1OGU4NWUxMGMwNGUxNzM0MTBlMzJhOGMzNDIwZDg4YmVlMAGIqzklXoWOgLTfBpAc-KGbmLCkpw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p

Request Chain 183

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPrN553y89yjHSILdmNhcmRfcGhvdG8qKGM4NjdmZTUyMTE1YWUwYjIwM2I1YTFkMWNmZmJlN2Y5YmE5MTJhZDQwAaan0GVzhW0Did0RfJ7nuzWshzoD HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p

Request Chain 184

https://www.google.com/s2/photos/public/AIbEiAIAAABDCKmKkvXW-OiJLiILdmNhcmRfcGhvdG8qKGVhZDBhNDM1YTg5NDUxMDc2ZTk1MTM3YjZiYTQyYjZjOWU4ZjBiZWUwATeXwoRAgSIIC0apbQFKJDkmYC6C HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p

Request Chain 185

https://www.google.com/s2/photos/public/AIbEiAIAAABECOWDqenlro6o0wEiC3ZjYXJkX3Bob3RvKigzMzBiNmUzYzIxY2QxOTA3MjlmMTVjNDdlY2Y1YTRjMmQwNTBkOTE1MAFElQ11LAw06J7zOEX4na8akbh0qA HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p

Request Chain 186

https://www.google.com/s2/photos/public/AIbEiAIAAABECMCmoen17arb5QEiC3ZjYXJkX3Bob3RvKig3ZDgzOWRlNTYyMzIwNjE3ZWRlMDNiYjNhNDMxMjFhNDQ0MjFkYThlMAGxFfFpVoUpUk3adgn_-IVPguf5dA HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p

Request Chain 187

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJTRibz5iZn-FCILdmNhcmRfcGhvdG8qKGYzYjI5YWNkN2M3NWYxNjQzNzc5ZmE0ZmY5MWFlNTYwY2QwYzVjYTMwAfN-Y_ipFyu3hvrcnPc3lP8L2t8- HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p

Request Chain 188

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJLPr5P_m7iNKiILdmNhcmRfcGhvdG8qKDgzOTNjMzUzNGVhNTUxYWU5MzhjOTFlNjM3OGM3MDk4YTUxOTE4NGYwAcRofZD4JFPHcXA1UYGPk9lApMkF HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p

Request Chain 189

https://www.google.com/s2/photos/public/AIbEiAIAAABDCL7K7qre4IraJiILdmNhcmRfcGhvdG8qKDIxODM1Njg1NjY3ZDZlMjc5YzU2YmY1NWJkM2M2ZmE2ZDMwOTVlMDMwAbEuckjHX-Vm3E9N1GsPwykcDtZf HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Gg_Gss6JXLuQJiPMP9olYATb-iNkOuZXfAB5ZNK-w=s96-p

Request Chain 190

https://www.google.com/s2/photos/public/AIbEiAIAAABDCK32zJe6gMqZPiILdmNhcmRfcGhvdG8qKDkwYTBlYWI4ZmE3MzhkNWIyMjE0ZGU2NzNmODg5ODY3MGNlOGMzOGYwAX-w7UZ1CCbx46_rjDB3upAOwuq8 HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p

Request Chain 191

https://www.google.com/s2/photos/public/AIbEiAIAAABECPrUiI-Vub29zQEiC3ZjYXJkX3Bob3RvKigxNzUwMzQzYjA4ZmQ0ZWE5ZjMzM2YwNzAzZjRkMTI2ZDM4NzIxOGQyMAEgaMkNCazF4JO2Q5vXoUmhcKxMpw HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p

Request Chain 194

https://www.google.com/s2/photos/public/AIbEiAIAAABDCK7iwabQprTrPCILdmNhcmRfcGhvdG8qKGNmMjQxODQ2YzZlZjhiNmViYjA2YWUxYzY0OGUzZjg4MDFlYjU1OGYwAcE8Iu9C9Z1Jzza4h7FCtQBof1sv HTTP 302
https://lh3.googleusercontent.com/a-/AOh14Gh6xKfRGdZzGx7gy2yHuqssLao3Hm-R6cSTk79TJA=s96-p

Request Chain 196

https://www.google.com/s2/photos/public/AIbEiAIAAABECPSe9e_bxOzbxgEiC3ZjYXJkX3Bob3RvKihhNmQxNTU2NzU2OThjYzdlNzdjODU5MmRlNmE3MDk1NzAwMjgwMjExMAE06YFQNHM5g5kMCjVdO3RorhQhYg HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GjQhydIECGISJZGkQpiHowyo7ICIdyLTfPsVg29=s96-p

Request Chain 197

https://www.google.com/s2/photos/public/AIbEiAIAAABECO2Cl8W17-ePvQEiC3ZjYXJkX3Bob3RvKig0ZTdjMjg0OWZkMjVhZTU5N2Q1MmY0NDUwNTk0YzJkMjY2ODIwMDZlMAF9jH3ESmM5eqjTBc07mvVvYLfcrQ HTTP 302
https://lh3.googleusercontent.com/a-/AOh14GhyuYwqy4rleW_-OvmZac7lsOch4oadx0TKCJnaaQ=s96-p

Request Chain 210

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1995467673&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396095985&utmac=UA-1645146-14&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1995467673&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396095985&utmac=UA-1645146-14&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~

218 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dailylenglui.blogspot.com/ 82 KB
17 KB 398ms
392ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

daffe242a3ce6e9e545ff49e1f90234553064addc03b5221821a2346a25e7a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: dailylenglui.blogspot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Mon, 22 Mar 2021 06:54:49 GMT
Date: Mon, 22 Mar 2021 06:54:49 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 22 Mar 2021 05:59:20 GMT
ETag: W/"eb62d20802d3d0e849ca1ce276863b7300d18e0dfa98d65e7d2692d95a41cd78"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16555
Server: GSE

GET
H2 200 14020288-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 31 KB
7 KB 28ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/14020288-widget_css_bundle.css

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab30da88a231117c2a5ec535b0c4caec1c1f86a680f3077b272ea7265b33cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 21:14:24 GMT
server: sffe
age: 491027
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6823
x-xss-protection: 0
expires: Wed, 16 Mar 2022 14:31:02 GMT

GET
H/1.1 200
OK buttons.js Show response
w.sharethis.com/button/ 59 KB
17 KB 19ms
9ms Script
application/javascript 2600:9000:2182:4200:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/buttons.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2600:9000:2182:4200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 01:00:28 GMT
Content-Encoding: gzip
Age: 194061
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16639
Server: nginx/1.16.1
ETag: W/"60256fd0-eabe"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: igh6p2f2lH0Xr8cxGCKqYvL518P2SmJKl8lIZpKAXk_HdD-WoNfThg==
Expires: Tue, 23 Mar 2021 01:00:28 GMT

GET
H/1.1 200
OK loader.js Show response
s.sharethis.com/ 19 KB
5 KB 32ms
9ms Script
application/javascript 2600:9000:2182:c200:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s.sharethis.com/loader.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2600:9000:2182:c200:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:51:34 GMT
Content-Encoding: gzip
Age: 467
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 20 Aug 2019 17:22:04 GMT
Server: AmazonS3
ETag: W/"a637698b696964cb3a292f5482138425"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: txuM-ff3--LZgxxwrQN8s9FXbbf72Vh8RMFvXmzb9ytmdHrh2K2dbw==

GET
H2

200

plusone.js Show response
apis.google.com/js/
Redirect Chain

http://apis.google.com/js/plusone.js
https://apis.google.com/js/plusone.js

54 KB
21 KB

45ms
27ms

Script
application/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5MFSzszUeKkUK7OEeyboeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-5MFSzszUeKkUK7OEeyboeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 22 Mar 2021 06:54:49 GMT

Redirect headers

Location: https://apis.google.com/js/plusone.js
Non-Authoritative-Reason: HSTS

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ojb2+NlhoEmhu4Y1o6uAvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Ojb2+NlhoEmhu4Y1o6uAvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 22 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK dl.png
lh6.ggpht.com/-SGcVHS8GL6g/TtKOmuClfWI/AAAAAAAAZow/RGjArUs37AM/s800/ 26 KB
27 KB 26ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-SGcVHS8GL6g/TtKOmuClfWI/AAAAAAAAZow/RGjArUs37AM/s800/dl.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95c77ee03fdb1491a7a5d5bdd29c1f91b8673390a6a478bf6683e57ff0107266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vc6bf"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dl.png"
Timing-Allow-Origin: *
Content-Length: 26704
X-XSS-Protection: 0
Expires: Fri, 12 Mar 2021 21:51:08 GMT

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 642 B
617 B 39ms
24ms Script
application/javascript 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1e0f23734c4968f14513447b96a6aa1303434786a8e821d870b5d96584b12b43

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2

200

bloggerTemplateLinkWrapper.php Show response
www.intensedebate.com/js/
Redirect Chain

http://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49

5 KB
1 KB

493ms
165ms

Script
text/javascript

192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 384aa3fb477ed1640ab5b28b263de9a3ab459bf631d1772033389e12098eafd2

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

Redirect headers

Location: https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
Date: Mon, 22 Mar 2021 06:54:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK jessica_chen_jieshi.jpg
lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/s800/ 45 KB
46 KB 25ms
18ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/s800/jessica_chen_jieshi.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e97fab623507015813482c6e4038d77b6e605b4beec0316fc763d3ae26d7e257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb0f2"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi.jpg"
Timing-Allow-Origin: *
Content-Length: 46495
X-XSS-Protection: 0
Expires: Mon, 15 Mar 2021 21:58:39 GMT

GET
H/1.1 200
OK cny_chinese_girl_red_owl.gif
lh6.ggpht.com/-zc7iXmu0IVE/UuInrW2mWmI/AAAAAAAAr-o/yiYNlmeDHUY/s800/ 2 MB
2 MB 33ms
25ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-zc7iXmu0IVE/UuInrW2mWmI/AAAAAAAAr-o/yiYNlmeDHUY/s800/cny_chinese_girl_red_owl.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

364a9f26140813151990539bc23bb8fa5248675084f5465540c6b3d6ebcded98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vafea"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cny_chinese_girl_red_owl.gif"
Timing-Allow-Origin: *
Content-Length: 1623559
X-XSS-Protection: 0
Expires: Tue, 23 Mar 2021 06:54:49 GMT

GET
H2 200 cny_singapore_girl_in_red.gif
lh6.googleusercontent.com/-q6eU464vRWo/UuInlznQP1I/AAAAAAAAr-A/FXYqmccyjfk/s800/ 1 MB
1 MB 153ms
89ms Image
image/gif 2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-q6eU464vRWo/UuInlznQP1I/AAAAAAAAr-A/FXYqmccyjfk/s800/cny_singapore_girl_in_red.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac5979e2cc0e74af50ffc664f5412dbf1e6a28253c835d3b974ff82772cf4d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
x-content-type-options: nosniff
server: fife
etag: "vafe0"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cny_singapore_girl_in_red.gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1137327
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:50 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-001.jpg
lh6.ggpht.com/-D6D8kbCRVN8/UuInMqmNTtI/AAAAAAAAr9I/tV1FlSqbSzI/s800/ 41 KB
42 KB 22ms
18ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-D6D8kbCRVN8/UuInMqmNTtI/AAAAAAAAr9I/tV1FlSqbSzI/s800/jessica_chen_jieshi-001.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7eb77b674a3d3a00e997e449c9899437a41a185cc5bc2fcf1c03f3d863a20019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb116"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-001.jpg"
Timing-Allow-Origin: *
Content-Length: 42361
X-XSS-Protection: 0
Expires: Tue, 23 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-002.jpg
lh6.ggpht.com/-z_1SfmK6Mcs/UuInQ5PwN1I/AAAAAAAAr9Q/utWf-YG4yEc/s800/ 40 KB
40 KB 24ms
17ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-z_1SfmK6Mcs/UuInQ5PwN1I/AAAAAAAAr9Q/utWf-YG4yEc/s800/jessica_chen_jieshi-002.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

38b516c9246e0a9a7e2ffc1c9eca4865046baa8985fc13c53aa1a6e8ac0a0db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb0d2"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-002.jpg"
Timing-Allow-Origin: *
Content-Length: 40939
X-XSS-Protection: 0
Expires: Tue, 23 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-003.jpg
lh4.ggpht.com/--wiLMyFNCPU/UuInUqu7RsI/AAAAAAAAr9Y/e13xtMgwcJA/s800/ 55 KB
56 KB 25ms
18ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/--wiLMyFNCPU/UuInUqu7RsI/AAAAAAAAr9Y/e13xtMgwcJA/s800/jessica_chen_jieshi-003.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

452a5ac7b950e6c6705c03a66e6dcb9609c7c3178439e0b416df1548df2c8f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb0e4"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-003.jpg"
Timing-Allow-Origin: *
Content-Length: 56401
X-XSS-Protection: 0
Expires: Tue, 23 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-004.jpg
lh4.ggpht.com/-DIEosLzib1o/UuInYMil5gI/AAAAAAAAr9g/Wdn5-B08iJM/s800/ 47 KB
48 KB 23ms
18ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-DIEosLzib1o/UuInYMil5gI/AAAAAAAAr9g/Wdn5-B08iJM/s800/jessica_chen_jieshi-004.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f34901c768ab9c7505777a0fede86ccce6b12d4dcbdad84abdfad5e3683e6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb114"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-004.jpg"
Timing-Allow-Origin: *
Content-Length: 48314
X-XSS-Protection: 0
Expires: Tue, 23 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK jessica_chen_jieshi-005.jpg
lh5.ggpht.com/-4Rntfu1mLhA/UuInbk4gQNI/AAAAAAAAr9o/1tU15jEqMfg/s800/ 39 KB
39 KB 24ms
18ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh5.ggpht.com/-4Rntfu1mLhA/UuInbk4gQNI/AAAAAAAAr9o/1tU15jEqMfg/s800/jessica_chen_jieshi-005.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

294369c82d831799b4e873a82f34e42fb00de5d1dd73032494efb9914df6d245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "vb113"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi-005.jpg"
Timing-Allow-Origin: *
Content-Length: 39888
X-XSS-Protection: 0
Expires: Tue, 23 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK rating.js Show response
i.polldaddy.com/ratings/ 15 KB
5 KB 56ms
31ms Script
application/javascript 192.0.77.36
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: http://i.polldaddy.com/ratings/rating.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 192.0.77.36 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 753317c58e485fe930390c7d2b9a30e6609a274456a37384506950283004664b

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-nc: HIT ams 2
Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2020 17:20:36 GMT
Server: nginx
ETag: W/"5e4c1ce4-3b42"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 25 Mar 2021 05:45:23 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
281 B 27ms
6ms Image
image/gif 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:05:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 15:10:26 GMT
server: sffe
age: 449332
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Wed, 24 Mar 2021 02:05:57 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 96 KB
35 KB 29ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbfbedeaa94fbff654f4edef88642359e75f767f7cf590cf073f5f4a1b8870bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 17714132142724221944
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 34835
X-XSS-Protection: 0
Expires: Mon, 22 Mar 2021 06:54:49 GMT

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 645 B
619 B 42ms
24ms Script
application/javascript 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e438f51b474134f435f788639f800142905b92f92c2c1532fda26dfdd75ae4f

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/ 746 B
1 KB 97ms
25ms Image
image/webp 184.25.114.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.114.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-114-184.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

bc86ad345c2cf51298d5cb2352c6a19f7c3f0292ac81d231f09186cadfebe2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 688
etag: "U3pl0/XCujlHacl+n45I4YfostqG/gKwMB9VmB+OaEg"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Tue, 02 Feb 2021 01:49:55 GMT
content-length: 746
server: Akamai Image Manager
expires: Mon, 22 Mar 2021 18:54:50 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
290 B 83ms
26ms Image
image/gif 184.25.114.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.114.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-114-184.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 03:24:09 GMT
server: Akamai Image Manager
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-transform, max-age=43200
content-length: 42
expires: Mon, 22 Mar 2021 18:54:50 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
833 B 7ms
6ms Image
image/png 2a00:1450:4001:829::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:26:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 17:10:47 GMT
server: sffe
age: 448125
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 24 Mar 2021 02:26:04 GMT

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 645 B
619 B 41ms
23ms Script
application/javascript 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 98333f20bc1a03ce8fa68b0b8cb1bdc3ecd5af33b6a3548b398604b413f4d19f

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK OutbrainRater.js Show response
widgets.outbrain.com/ 114 KB
30 KB 77ms
58ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/OutbrainRater.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 553f29d085717e2a47e26c32b3f8bb0e9691e5287c30f1270fa78597070965e4

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Cookie: CheetahStaging=true
Connection: keep-alive
Content-Length: 30328
Last-Modified: Wed, 13 Nov 2019 01:43:26 GMT
Server: AkamaiNetStorage
ETag: "c1cf63691b92d21272762c5104a797f8:1566138647"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Timing-Allow-Origin: *, *

GET
H/1.1 200
OK claim.js Show response
widgets.outbrain.com/ 1 KB
1 KB 48ms
28ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/claim.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: af67ea2f6471994fe966d2d72642ee2f3ca0533e0020fb15a36c33e647ee737f

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Cookie: CheetahStaging=true
Connection: keep-alive
Content-Length: 614
Last-Modified: Sun, 18 Aug 2019 14:30:48 GMT
Server: AkamaiNetStorage
ETag: "09608c20f0e8d380577a6d25941c2cf5:1566138648"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Timing-Allow-Origin: *, *

GET
H/1.1 200
OK ads.php Show response
syndication.exoclick.com/ 645 B
615 B 42ms
24ms Script
application/javascript 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1e73f89046548162918d0907470e29b3c891ee2f716ec1ac3e22fceac16572b9

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK oh%252520in%252520hye%252520sexy%252520slip.jpg
lh6.ggpht.com/-rf-BKXCDhAI/TvOUewdTh_I/AAAAAAAAaZs/VeArQef6IFQ/w72-h72-p-k-no-nu/ 3 KB
4 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-rf-BKXCDhAI/TvOUewdTh_I/AAAAAAAAaZs/VeArQef6IFQ/w72-h72-p-k-no-nu/oh%252520in%252520hye%252520sexy%252520slip.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

060e5633dac520a0412dcdf65d6e4ad7de7116ffc7ab7c270a1c1712129e814d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb534"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="oh in hye sexy slip.jpg"
Timing-Allow-Origin: *
Content-Length: 3527
X-XSS-Protection: 0
Expires: Fri, 19 Mar 2021 16:40:00 GMT

GET
H/1.1 200
OK jessica_chen_jieshi.jpg
lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/w72-h72-p-k-no-nu/ 4 KB
5 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh6.ggpht.com/-9_5GeMILAEg/UuIn9MFjpFI/AAAAAAAAsBo/UjTjlMVf3fk/w72-h72-p-k-no-nu/jessica_chen_jieshi.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1b17647333bd1be44dac7be0b9eba786bcfccf3774e2d4250affeeaa29100ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb0f2"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="jessica_chen_jieshi.jpg"
Timing-Allow-Origin: *
Content-Length: 4341
X-XSS-Protection: 0
Expires: Fri, 19 Mar 2021 16:40:00 GMT

GET
H/1.1 200
OK ganlulu.jpg
lh4.ggpht.com/-HNHXMfK9uak/TvOc-HBMRyI/AAAAAAAAaZ0/4RBJv_giiPs/w72-h72-p-k-no-nu/ 2 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-HNHXMfK9uak/TvOc-HBMRyI/AAAAAAAAaZ0/4RBJv_giiPs/w72-h72-p-k-no-nu/ganlulu.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

660aa09f512df3e6bbff0599a2c9d61d76996bcb5ba1aca8520c9fad94a07fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:45:28 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 561
ETag: "vcad0"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ganlulu.jpg"
Timing-Allow-Origin: *
Content-Length: 2402
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:58 GMT

GET
H/1.1 200
OK yoyo%252520xu%252520xiangting.jpg
lh5.ggpht.com/-VNruHz_f3vQ/TvOLQweqSgI/AAAAAAAAaJY/n2Q7QtnPorc/w72-h72-p-k-no-nu/ 3 KB
3 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh5.ggpht.com/-VNruHz_f3vQ/TvOLQweqSgI/AAAAAAAAaJY/n2Q7QtnPorc/w72-h72-p-k-no-nu/yoyo%252520xu%252520xiangting.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a0857b9520e13161b12f5acfb0a1ce1248064812768efeebd1917d5ef5b7799f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vd064"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="yoyo xu xiangting.jpg"
Timing-Allow-Origin: *
Content-Length: 2735
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:58 GMT

GET
H/1.1 404
Not Found celia_kwok.jpg
lh4.ggpht.com/-MJYdSE1wJBc/UQDktfm-z_I/AAAAAAAAALk/7UtMv0EgLuM/w72-h72-p-k-no-nu/ 1 KB
2 KB 113ms
112ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-MJYdSE1wJBc/UQDktfm-z_I/AAAAAAAAALk/7UtMv0EgLuM/w72-h72-p-k-no-nu/celia_kwok.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
X-Content-Type-Options: nosniff
Server: fife
Content-Type: image/png
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 1492
X-XSS-Protection: 0

GET
H/1.1 404
Not Found jahziel_manabat.jpg
lh3.ggpht.com/-SApHzQZ-keA/UQpDBObk4kI/AAAAAAAAH-s/JROg_oJkw9U/w72-h72-p-k-no-nu/ 1 KB
2 KB 122ms
116ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/-SApHzQZ-keA/UQpDBObk4kI/AAAAAAAAH-s/JROg_oJkw9U/w72-h72-p-k-no-nu/jahziel_manabat.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
X-Content-Type-Options: nosniff
Server: fife
Content-Type: image/png
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 1492
X-XSS-Protection: 0

GET
H/1.1 404
Not Found daniella_wang_lidan.jpg
lh4.ggpht.com/-L9TBMMJZO_U/UTOZQy29ckI/AAAAAAAANMM/LM87RlR5OVA/w72-h72-p-k-no-nu/ 1 KB
2 KB 113ms
112ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-L9TBMMJZO_U/UTOZQy29ckI/AAAAAAAANMM/LM87RlR5OVA/w72-h72-p-k-no-nu/daniella_wang_lidan.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
X-Content-Type-Options: nosniff
Server: fife
Content-Type: image/png
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 1492
X-XSS-Protection: 0

GET
H2 404 Hzs8k_MrJze7MkZSQoAaUmnQy8NRNr9HfrPFt6ly5uQSDONTvhGtpfC9ZbEcbJ-YytQ0ttgGiWGAVyPSXgubu0sNaETGvTcSx4W4QOV3tAb2aMs=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ 0
0 47ms
44ms Image
text/html 2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/proxy/Hzs8k_MrJze7MkZSQoAaUmnQy8NRNr9HfrPFt6ly5uQSDONTvhGtpfC9ZbEcbJ-YytQ0ttgGiWGAVyPSXgubu0sNaETGvTcSx4W4QOV3tAb2aMs=w72-h72-p-k-no-nu
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H/1.1 200
OK zhang%20xinyu27.jpg
lh5.ggpht.com/_j56sqgz-BSs/TBnPonB91ZI/AAAAAAAAEr4/LqzOST8bqcU/w72-h72-p-k-no-nu/ 3 KB
4 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh5.ggpht.com/_j56sqgz-BSs/TBnPonB91ZI/AAAAAAAAEr4/LqzOST8bqcU/w72-h72-p-k-no-nu/zhang%20xinyu27.jpg

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77ccf4909a0b4a6c710ff567a5334966ea4bbe832df84bec2c6e424f854204e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "vb7d3"
Vary: Origin
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="zhang xinyu27.jpg"
Timing-Allow-Origin: *
Content-Length: 3376
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:58 GMT

GET
H2

200

10 Show response
www.intensedebate.com/widgets/acctComment/291108/
Redirect Chain

http://www.intensedebate.com/widgets/acctComment/291108/10
https://www.intensedebate.com/widgets/acctComment/291108/10

20 KB
5 KB

384ms
164ms

Script
text/javascript

192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/widgets/acctComment/291108/10
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 2bf8e2708feece6bcf770af5689316e6713f1c68b8e804dfa7f42c1218e271e2

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

Redirect headers

Location: https://www.intensedebate.com/widgets/acctComment/291108/10
Date: Mon, 22 Mar 2021 06:54:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 51ms
32ms Script
application/javascript 104.22.2.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77cb48ffb31cd35a18168a80615304f506d67969ff8e3c17e5168b2f712deaa6

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 10505
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip
cf-request-id: 08fa50122900004c8585301000000001
Last-Modified: Sun, 21 Mar 2021 07:59:34 GMT
Server: cloudflare
ETag: W/"b3f-5be07546cc06f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
CF-RAY: 633d82c9d8454c85-AMS
Expires: Mon, 22 Mar 2021 04:59:44 GMT

GET
H/1.1 200
OK cookienotice.js Show response
dailylenglui.blogspot.com/js/ 6 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://dailylenglui.blogspot.com/js/cookienotice.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:45:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 21 Mar 2021 22:04:32 GMT
Server: sffe
Age: 561
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Mon, 29 Mar 2021 06:45:28 GMT

GET
H3-Q050 200 2080820689-widgets.js Show response
www.blogger.com/static/v1/widgets/ 143 KB
52 KB 37ms
20ms Script
text/javascript 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2080820689-widgets.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54101ac05b6045cf011eecd0c6ffcbbc98b84391f68af8bf4885d69f956f67f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 01:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 00:13:59 GMT
server: sffe
age: 536886
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53149
x-xss-protection: 0
expires: Wed, 16 Mar 2022 01:46:43 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4343
date: Mon, 22 Mar 2021 05:42:26 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 22 Mar 2021 07:42:26 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 30ms
9ms Script
application/javascript 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 02:47:58 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 14812
etag: W/"60257011-16245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 18815
x-amz-cf-id: noYYoIyeY3VgdPylBs3vB8P1vxS-qWvHDReZ0M3oNKurEXkNJCkl7g==
expires: Thu, 25 Mar 2021 02:47:58 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
665 B 641ms
627ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=638100801402959337&zx=0f9d8588-4ad1-4e30-9085-a4b7a587e684

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 06:54:50 GMT
server: GSE
date: Mon, 22 Mar 2021 06:54:50 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 144 KB
50 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: http://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 491675
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Wed, 16 Mar 2022 14:20:14 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 53 KB
18 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b453517c2e7cfa36bd4d9aec61fbee2e5dd84aedf5f10f8e60cabe211579d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 299711
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17667
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:39:38 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 07:46:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 83280
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sun, 04 Apr 2021 07:46:49 GMT

GET
H/1.1 200
OK bg.gif
1.bp.blogspot.com/_qJFbsMHBJNg/Spoijyw9xAI/AAAAAAAAAOQ/eSz2lk30ij0/s1600/ 378 B
829 B 12ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_qJFbsMHBJNg/Spoijyw9xAI/AAAAAAAAAOQ/eSz2lk30ij0/s1600/bg.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2b1fe21c6d3074fa4f3e3a22fc8608d1877bfe8b6e34aeb03a8eef12da34a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:47 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1eb"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bg.gif"
Timing-Allow-Origin: *
Content-Length: 378
X-XSS-Protection: 0
Expires: Mon, 22 Mar 2021 15:54:00 GMT

GET
H/1.1 200
OK fld.gif
3.bp.blogspot.com/_qJFbsMHBJNg/SpokIyKnpbI/AAAAAAAAAPo/h1AUPk8j94U/s400/ 564 B
1016 B 13ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/SpokIyKnpbI/AAAAAAAAAPo/h1AUPk8j94U/s400/fld.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d4a8b6b96a1dca75c633779df58e6bbb05380bbbc3f052cb08aeb71fe59ef5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:47 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1e7"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fld.gif"
Timing-Allow-Origin: *
Content-Length: 564
X-XSS-Protection: 0
Expires: Wed, 17 Mar 2021 16:10:45 GMT

GET
H/1.1 200
OK go.gif
2.bp.blogspot.com/_qJFbsMHBJNg/SpokBKDl0tI/AAAAAAAAAPg/eIHbrHAAA98/s400/ 442 B
893 B 13ms
5ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/_qJFbsMHBJNg/SpokBKDl0tI/AAAAAAAAAPg/eIHbrHAAA98/s400/go.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91563af678cd860504972452b008a3d18595de97b147a5734335df31485a8cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:47 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1ad"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="go.gif"
Timing-Allow-Origin: *
Content-Length: 442
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:59 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 8552 2 KB
1 KB 27ms
5ms Document
text/html 2600:9000:206f:8600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Mon, 22 Mar 2021 06:18:21 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Qhnu-Hn-pJhVkUB69gxhYngnI2Vq8fIgDXRLzL9BMNbXbRHrDejv3A==
age: 2188

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame 6BB2 3 KB
2 KB 34ms
34ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396089901
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 276d892768b91420a9f8193e47a92ffbdd8652c87e21c5a6b857419f581a885a

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Mon, 22 Mar 2021 06:54:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260583f39de54f3.076313033367882387%22%3B%7D; expires=Wed, 22 Mar 2023 06:54:49 GMT; path=; domain=.exoclick.com;
Content-Encoding: gzip

GET
H/1.1 200
OK pink-right.gif
4.bp.blogspot.com/_qJFbsMHBJNg/SpojIITjclI/AAAAAAAAAOw/j1ouDFMQR9c/s400/ 313 B
769 B 24ms
16ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_qJFbsMHBJNg/SpojIITjclI/AAAAAAAAAOw/j1ouDFMQR9c/s400/pink-right.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

796066ce92d05ec134b324f69c0eeb68d0388d78e28b5ddaa2a8a2308409dfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1a5"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pink-right.gif"
Timing-Allow-Origin: *
Content-Length: 313
X-XSS-Protection: 0
Expires: Wed, 17 Mar 2021 16:10:45 GMT

GET
H/1.1 200
OK pink-rep.gif
4.bp.blogspot.com/_qJFbsMHBJNg/SpojSU7W0dI/AAAAAAAAAO4/z8Z4rYjhVMY/s400/ 154 B
608 B 25ms
17ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/_qJFbsMHBJNg/SpojSU7W0dI/AAAAAAAAAO4/z8Z4rYjhVMY/s400/pink-rep.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d985648b31dd5d6de7c01f3400b8e8b81c38168d385bf133a6357ea5a9220629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v1c9"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pink-rep.gif"
Timing-Allow-Origin: *
Content-Length: 154
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:59 GMT

GET
H/1.1 200
OK li-bg.gif
2.bp.blogspot.com/_qJFbsMHBJNg/Spojclu_osI/AAAAAAAAAPA/X1zrkpEVuLI/s400/ 45 B
498 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/_qJFbsMHBJNg/Spojclu_osI/AAAAAAAAAPA/X1zrkpEVuLI/s400/li-bg.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d610cd6aa5e508062ed1da5af6b9d106791efdfede822a06ec3101d00be961b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:47 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1f5"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="li-bg.gif"
Timing-Allow-Origin: *
Content-Length: 45
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:06:59 GMT

GET
H/1.1 200
OK active.gif
3.bp.blogspot.com/_qJFbsMHBJNg/Spoju2STS5I/AAAAAAAAAPQ/lZzES_ejEFE/s400/ 181 B
636 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/Spoju2STS5I/AAAAAAAAAPQ/lZzES_ejEFE/s400/active.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ecfcc8810e08d1313ad57015b6a2f141beda5cd9dcde99d29ae3b243edb4d9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:47 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1fb"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="active.gif"
Timing-Allow-Origin: *
Content-Length: 181
X-XSS-Protection: 0
Expires: Wed, 17 Mar 2021 16:10:45 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
346 B 98ms
26ms XHR
text/plain 52.58.221.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1616396089825.37610&hostname=dailylenglui.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&bsamesite=true&consent_cookie_duration=98&consent_duration=98&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fdailylenglui.blogspot.com%2F&title=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&sop=false&description=Daily%20Lenglui%20is%20a%20website%20aimed%20at%20promoting%20beautiful%20Asian%20women%20to%20its%20viewers%20around%20the%20world.%20No%20girls%20were%20harmed%20during%20the%20making%20of%20this%20site.
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://dailylenglui.blogspot.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 200 navbar.g Show response
www.blogger.com/ Frame CC27 7 KB
3 KB 580ms
579ms Document
text/html 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee731c787998d613383c67cb00f5f9c9835df9cb20e51c533fbd6c17447cc5a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2612
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 206
Partial Content da15c31947c0e66ce336a044e89b48a5ad663dba.mp4
s3t3d2y7.ackcdn.net/library/41682/ Frame 6BB2 10 KB
11 KB 17ms
9ms Media
video/mp4 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://s3t3d2y7.ackcdn.net/library/41682/da15c31947c0e66ce336a044e89b48a5ad663dba.mp4
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=728x90&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828782&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396089901
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c4653c1d0b1e996044d06458e13cb6bbcbf1ce8486fe0a83e205eaf8552ec507

Request headers

Referer: http://syndication.exoclick.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 Mar 2021 06:54:49 GMT
Last-Modified: Fri, 27 Mar 2020 14:13:19 GMT
Access-Control-Allow-Origin: *
ETag: "1585318399"
X-HW: 1616396089.dop223.fr8.t,1616396089.cds247.fr8.c
Content-Type: video/mp4
Content-Range: bytes 0-10623/10624
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10624

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1578098067&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1578098067&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...

35 B
378 B

42ms
28ms

Image
image/gif

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1578098067&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396090006&utmac=UA-15433167-2&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1330973702&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1578098067&utmhn=dailylenglui.blogspot.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396090006&utmac=UA-15433167-2&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1330973702&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 9ms
8ms Stylesheet
text/css 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 08:19:40 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
age: 81310
etag: W/"60257012-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: FcMtajXiz92spfV9s7YeLM0appMB4Rmem4EuuFn7IP7M0wh0Nkin2A==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 32ms
32ms Image
text/plain 52.58.221.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1616396089825.37610&hostname=dailylenglui.blogspot.com&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&bsamesite=true&consent_cookie_duration=98&consent_duration=98&gdpr_domain=.consensu.org&gdpr_method=cookie&url=http%3A%2F%2Fdailylenglui.blogspot.com%2F&title=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&sop=false&description=Daily%20Lenglui%20is%20a%20website%20aimed%20at%20promoting%20beautiful%20Asian%20women%20to%20its%20viewers%20around%20the%20world.%20No%20girls%20were%20harmed%20during%20the%20making%20of%20this%20site.&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Daily%20Lenglui%20is%20a%20website%20aimed%20at%20promoting%20beautiful%20Asian%20women%20to%20its%20viewers%20around%20the%20world.%20No%20girls%20were%20harmed%20during%20the%20making%20of%20this%20site.&img_pview=true
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.221.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-221-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
46 B 112ms
111ms Stylesheet
text/css 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=638100801402959337&zx=0f9d8588-4ad1-4e30-9085-a4b7a587e684

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 06:54:50 GMT
server: GSE
date: Mon, 22 Mar 2021 06:54:50 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame CC27 54 KB
21 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=638100801402959337&blogName=Pretty+%2B+Sexy+%2B+Cute+%2B++Hot+%2B+Beautif...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://dailylenglui.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://dailylenglui.blogspot.com/&vt=-3064674441125410852&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57f3082a73b84b78b29e16d0d12c6f4de20da9b5aee1ecacd46612927e12fcf5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vc0/N06A06HBRFz5AS0zNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "985876dfe14fb060dc1aa7f0a0614081"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-vc0/N06A06HBRFz5AS0zNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 22 Mar 2021 06:54:50 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame CC27 121 KB
41 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02aebdddafdbd538758d645bf59f86c2766c1661fc07f55751bfc644721235e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 449608
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41820
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:22 GMT

GET
H2 200 remoteVisit.php
www.intensedebate.com/ 58 B
102 B 163ms
163ms Image
image/gif 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/remoteVisit.php?acct=0&time=1616396090688
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
server: nginx
content-type: image/gif
content-length: 58
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2

200

Yl4ETw-TXos Show response
www.youtube.com/embed/ Frame F513
Redirect Chain

http://www.youtube.com/embed/Yl4ETw-TXos
https://www.youtube.com/embed/Yl4ETw-TXos

51 KB
22 KB

59ms
40ms

Document
text/html

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Yl4ETw-TXos

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56e5fe422bfba622ee04cd7ff34efdfe6a32045bf2166b27878fb840fb68cef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Yl4ETw-TXos
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Mar 2021 06:54:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0QDGGdc1Axo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=3ttdLYRaCgw; Domain=.youtube.com; Expires=Sat, 18-Sep-2021 06:54:50 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+984; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/Yl4ETw-TXos
Non-Authoritative-Reason: HSTS

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 241B
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&c...
https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&...

15 KB
7 KB

89ms
75ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ef473e6e5d0ac460c6786e95f545a4cb9a930116a5b03817ea3cb60ef2b3f4b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: Hjge0g5o7B/ICvWM8Ofk+ILgpXSuH7fjiwteYm5bkGy6o8yqBVL5V8O82Q/U5KKZFAm1ddSoMc02wdGkoZe5PQ==
date: Mon, 22 Mar 2021 06:54:50 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK box-rep.gif
lh4.ggpht.com/-ub9MH2wHXXA/TmC1yVCS68I/AAAAAAAAUs8/x4ncRkME3yM/s800/ 59 B
514 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh4.ggpht.com/-ub9MH2wHXXA/TmC1yVCS68I/AAAAAAAAUs8/x4ncRkME3yM/s800/box-rep.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

96140c2860e42f2db32cd8526d27deed771002ce86cab070e1a975fb1448c077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:45:27 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 563
ETag: "vaf02"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="box-rep.gif"
Timing-Allow-Origin: *
Content-Length: 59
X-XSS-Protection: 0
Expires: Mon, 15 Mar 2021 21:58:40 GMT

GET
H/1.1 200
OK box-top.gif
lh3.ggpht.com/-klnMj_zGDk8/TmCz07oTA_I/AAAAAAAAUso/lCPtdE7ThPw/s800/ 193 B
649 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/-klnMj_zGDk8/TmCz07oTA_I/AAAAAAAAUso/lCPtdE7ThPw/s800/box-top.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d8d022bfafc5db3e38832ef2f4ce66f82b62f41dcf4be93195f7174fb91d26a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:45:27 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 563
ETag: "vaf83"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="box-top.gif"
Timing-Allow-Origin: *
Content-Length: 193
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:59 GMT

GET
H2

200

rate.php
polldaddy.com/ratings/
Redirect Chain

http://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=
https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=

1 KB
531 B

492ms
165ms

Script
application/javascript

192.0.123.248
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.248 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: polldaddy.com
Software: nginx /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript
vary: Accept-Encoding
content-language: en

Redirect headers

Location: https://polldaddy.com/ratings/rate.php?cmd=get&id=5669184&uid=1593957281965108439&item_id=
Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 55ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-3836567914934111&plah=dailylenglui.blogspot.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 06:54:50 GMT

GET
H2 200 2ueii3t.png
sites.google.com/site/eatlahsite/Home/ 7 KB
8 KB 158ms
138ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sites.google.com/site/eatlahsite/Home/2ueii3t.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2c2b5467d76098a4dbd6a22597ee2f8bdbdf44de1b7ad3484729b49430e3ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Oct 2010 05:47:54 GMT
server: GSE
etag: "1286603274116"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noarchive
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7329
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sexysprite.png
lh3.ggpht.com/_j56sqgz-BSs/SvkWDafMV5I/AAAAAAAAAm8/Spuupx_jRc8/s800/ 40 KB
41 KB 19ms
19ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://lh3.ggpht.com/_j56sqgz-BSs/SvkWDafMV5I/AAAAAAAAAm8/Spuupx_jRc8/s800/sexysprite.png

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7531b01031d70b3232e4301e7f2dafb57c5d6393c6c7b265882a452134b6f973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v4b88"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sexysprite.png"
Timing-Allow-Origin: *
Content-Length: 41231
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:12:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 63A1 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 04:26:34 GMT
expires: Mon, 05 Apr 2021 04:26:34 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 8896
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame CA1A 396 B
2 KB 47ms
47ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090774
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: eadd9f2915764589ae48c622bc9f5b7cefef4623336af9f897e736e917674529

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Mon, 22 Mar 2021 06:54:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260583f3abf6df7.102202724205296352%22%3B%7D; expires=Wed, 22 Mar 2023 06:54:50 GMT; path=; domain=.exoclick.com; impressions=x%9C%8D%93IN%C3%40%10E%EF%92u%2C%D5%3Cp%15%C4%0D%10%3BV%88%BBSvlw%DBNG%2C%BB%F5%F5j%F8%BF%7En%AC+%CC8qF8%A0%DF%DE%DE%F1%8E%86%2A%2C%28q%FF%FA%FE%FC%FC%B8%DF8%28%14s%12%C8%00%B7%DCd%06B%F5%3C%C8H%1F%B2%60%1D%C9%92X%8D%26%C1%14U%A5%BD%A8%02%8B%9Fh%BE%D2%94%074%01w%04%98D%88%14%C8%5E%F4%26%C9%0FZ%8D%F7j%04Xe6%94%09%02%2BJ%15u%B6%90%18%8C%B0%F4%C6%F4%E8%8D%12F%93%9A%B8%B9%97%0B%18%1E%86%BB%CCj%B0%80M%86%E9%9E%B5%B7%C5%2C%89%1C%C8%84%00%14k%21%E6%A0%80%7BQ%E3P%0F%3D%C8h%95%A14%17%2C%91%90%8E%B4Xi%29%1D-%1D%F8H%A3%95%A6%CD%05Df%A1%E7E%99%5E%D1%B6%A2%08%7Dob-%96%27%D9%FF%26%E5f%96%A7%10%C3s%19EG%03%A2%D1%A4%8D%16VO%1D%F4%D6%CB2%90%07%9E%B6%03%8C%9CS%DA%F2%E6%0EKo%04%06a%03%D9%12r%C75%E40%BC%D3d%AB%82S%F5%A8%C9-%BD%E7%90%1F%265%EA%3C%25l%9E%D69c%01%E7s%E6%B2%B4%F3%14-BjF%11%B8-%BC4%8D%2A%5B%A3%CE%A9hB%2F%9E%F7%C2%BE%B0%C4%28%25%10%5E%EB%A8%EB%AA%F3%12%9Fe%B4%F1%EA%FF%3E%E3.e%7B_%3D%00%CEe%F7%C3%B9%0A%F7%B5%F4%3C%B8%E4%E4%C4%DB%23%60%C3%40u%3C%D28%A7%F8%B4%96%FDb%C7q%EF%FB%C3%CB%C5%EE%3C%AE%3F%91%25-%C0%A8--%9CV_%9B%F0%F7%0F%15%AB_f; expires=Tue, 23 Mar 2021 06:54:50 GMT; path=/; domain=.exoclick.com;
Content-Encoding: gzip

GET
H/1.1 200
OK sidebar.gif
3.bp.blogspot.com/_qJFbsMHBJNg/Spois08XmoI/AAAAAAAAAOY/FoHLb9yJfDY/s1600/ 57 B
512 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/Spois08XmoI/AAAAAAAAAOY/FoHLb9yJfDY/s1600/sidebar.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

384a34ff3a05872b2b10bd2e2f177f89a30fe6fff15c220916804f2a17449976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:48 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v203"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sidebar.gif"
Timing-Allow-Origin: *
Content-Length: 57
X-XSS-Protection: 0
Expires: Mon, 15 Mar 2021 21:58:41 GMT

GET
H/1.1 200
OK sidebar-top.gif
3.bp.blogspot.com/_qJFbsMHBJNg/SpokRklkgxI/AAAAAAAAAPw/USQYGpJK2cs/s400/ 151 B
611 B 12ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/_qJFbsMHBJNg/SpokRklkgxI/AAAAAAAAAPw/USQYGpJK2cs/s400/sidebar-top.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4b1d31f600c5e526e7d0276d32bcf5e8009b6b9ad4ffa1c838f380778c2cba49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:48 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1d0"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sidebar-top.gif"
Timing-Allow-Origin: *
Content-Length: 151
X-XSS-Protection: 0
Expires: Sun, 21 Mar 2021 18:11:59 GMT

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame 3D09 397 B
814 B 31ms
31ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090784
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0f54745ddc27a9183f55ed9a0aec88f847621fa7a059dd5ae89e8621726d563f

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Mon, 22 Mar 2021 06:54:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260583f3ac20c68.503542983452013516%22%3B%7D; expires=Wed, 22 Mar 2023 06:54:50 GMT; path=; domain=.exoclick.com;
Content-Encoding: gzip

GET
H/1.1 200
OK get Show response
odb.outbrain.com/utils/ 1 KB
1 KB 163ms
148ms Script
text/x-json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fdailylenglui.blogspot.com%2F&srcUrl=http%3A%2F%2Fdailylenglui.blogspot.com%2Ffeeds%2Fposts%2Fdefault&settings=true&recs=false&widgetJSId=NA&key=AYQHSUWJ8576&idx=-1&version=01010326&rand=0.4044641135938696&sig=V3mD7FUz
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5089ccef4e7b0e486e3ead385be28c9c9554bec31d06beb8ee7da90724154fa8

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Via: 1.1 varnish, 1.1 varnish
Traffic-Path: CHIDC2, MDW, HHN, Europe2
X-Cache: MISS, MISS
Backend-IP: 157.52.75.56
X-Cache-Hits: 0, 0
Connection: keep-alive
X-TraceId: 9248e229c6a1799d7713006c965bee90
content-encoding: gzip
Content-Length: 717
X-Served-By: cache-mdw17356-MDW, cache-hhn4069-HHN
X-Timer: S1616396091.822757,VS0,VE122
Vary: Accept-Encoding, User-Agent
Content-Type: text/x-json; charset=UTF-8
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame B147
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=1045...
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104...

44 KB
13 KB

66ms
66ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bc070066a5cd2f13a1ce53e682fabf5e2409b9bfe532c7c590f69fc7c5fd12e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: KlBzbM4Ud4e4eHyeS5RBX8EOge5wQfjIgGA0w1Cs0AKNEZla9IgBvCVQk9CumQn1qEr2AUpXAmqaJM460qN7Xg==
date: Mon, 22 Mar 2021 06:54:50 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK Cookie set ads-iframe-display.php Show response
syndication.exoclick.com/ Frame 9660 1 KB
1 KB 30ms
29ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exoclick.com/ads-iframe-display.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090794
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 75468df7440eff46b099e7e08c29410c77a54673fc256709d2e644b94ded0358

Request headers

Host: syndication.exoclick.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

Server: nginx
Date: Mon, 22 Mar 2021 06:54:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2260583f3ac46a68.69982419196314504%22%3B%7D; expires=Wed, 22 Mar 2023 06:54:50 GMT; path=; domain=.exoclick.com;
Content-Encoding: gzip

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plus/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 14 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plus/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c1f6a682fd1b92ce664dfc6514a68678c02d68818bf4682c8ad1ca72ea84b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 00:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 282797
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4997
x-xss-protection: 0
expires: Sat, 19 Mar 2022 00:21:33 GMT

GET
H3-Q050 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plus,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 74 KB
26 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plus,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c98c8e7ad580fb35a387eef52d646ddc6210f05e17635a566779a6435701b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 04:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 439338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26579
x-xss-protection: 0
expires: Thu, 17 Mar 2022 04:52:32 GMT

GET
H3-Q050 404 badge Show response
apis.google.com/_/widget/render/ Frame 8138 2 KB
1 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c85473c746c5340a518c375c3ca223baec144ce89e9c938c2ca215933537241

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BMbrZuTKfT2rzD4dME7fYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=S101rXcC0gBAq0EV8LSWHY64-fvYYxsBeQ4HM2gBa4j89uFndXAcZNUgurR48saDFCAEIjxJqpKygVQ4bBdiTVDq6JjMqJWSb3zMCHQcviuTql50Q8Zi4glNRE4-ZhMAMK_OoXaWaC1MDBT2nJJMQ5YqkMd8ji99k7FMh5De0nY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Mar 2021 06:54:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-BMbrZuTKfT2rzD4dME7fYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

followers.g
www.blogger.com/ Frame E10E
Redirect Chain

https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4...
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/followers.g?blogID%3D638100801402959337%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYy...
https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4...

14 KB
4 KB

568ms
568ms

Document
text/html

2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__&bpli=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4285
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Mar 2021 06:54:50 GMT
location: https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-gb5n+pJHlZZBE4M4vemi+g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 489
server: GSE
set-cookie: __Host-GAPS=1:cGBiBteXwX-C3Zc_OxULMnN4zZpXrA:LgRdI3k25VG99fU0;Path=/;Expires=Wed, 22-Mar-2023 06:54:50 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

recommendations.php Show response
www.facebook.com/plugins/ Frame F5AE
Redirect Chain

http://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light

13 B
162 B

39ms
38ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
content-type: text/html; charset="utf-8"
x-fb-debug: KGeOGPRdtwT1CeaRmM94F7nbxqyPdgIM+V72ljp/O9ww/0FEi1YYjCAK7LnkP07YTZvjlxSBjr0hIG2LKokCvQ==
date: Mon, 22 Mar 2021 06:54:50 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/recommendations.php?site=dailylenglui.blogspot.com&width=260&height=460&header=true&colorscheme=light
Non-Authoritative-Reason: HSTS

GET
H2 200 getCommentCounts.php
www.intensedebate.com/js/ 1 KB
472 B 166ms
165ms Script
text/javascript 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/js/getCommentCounts.php?acct=0&links=&ids=&titles=
Requested by: Host: www.intensedebate.com
URL: http://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e9e518a179f0ebb12ed0209cb4371a49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H/1.1 200
OK bull.gif
1.bp.blogspot.com/_qJFbsMHBJNg/SpojAH0sNnI/AAAAAAAAAOo/CXuWaakR1cI/s400/ 290 B
743 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/_qJFbsMHBJNg/SpojAH0sNnI/AAAAAAAAAOo/CXuWaakR1cI/s400/bull.gif

Requested by

Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5512d80f311835666d837ec9cc7b2e07c268253eaf6b26bb978585ea87084dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:26:48 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 1682
ETag: "v1a7"
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bull.gif"
Timing-Allow-Origin: *
Content-Length: 290
X-XSS-Protection: 0
Expires: Mon, 22 Mar 2021 15:54:01 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/223a7479/ Frame F513 341 KB
51 KB 34ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 11:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 71285
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Mon, 21 Mar 2022 11:06:45 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/223a7479/www-embed-player.vflset/ Frame F513 161 KB
58 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 85619
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59641
x-xss-protection: 0
expires: Mon, 21 Mar 2022 07:07:51 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame F513 2 MB
2 MB 41ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 00:11:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 24175
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1617663
x-xss-protection: 0
expires: Tue, 22 Mar 2022 00:11:55 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/ Frame F513 8 KB
3 KB 39ms
26ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 05:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 3781
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 22 Mar 2022 05:51:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F513 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 299605
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H/1.1 200
OK js15.js Show response
s10.histats.com/ 11 KB
5 KB 59ms
43ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 22 Mar 2021 06:52:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "980881274"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32943
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
X-IPLB-Request-ID: 52661388:B22A_2E69C9F0:0050_60583F3A_30BE06:173FD
Content-Length: 4405
X-Request-ID: 118001694

GET
H2 200 4n1iciZYFk-.css
www.facebook.com/rsrc.php/v3/yi/l/0,cross/ Frame 241B 15 KB
4 KB 6ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yi/l/0,cross/4n1iciZYFk-.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79d9f69c4f3f93af3c92326d568a44e31ced0afcc40fe60a790942c2b9a3ca2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/like.php?href=http://dailylenglui.blogspot.com/2014/01/jessica-tan-chen-jieshi-from-singapore.html&layout=standard&show-faces=false&width=530&height=30&action=like&colorscheme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 16:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: buwbTjcJ7Nv3xnyW2/NbUw==
cross-origin-resource-policy: cross-origin
content-length: 4101
x-fb-rlafr: 0
x-fb-debug: joMfeS00gccCyPgtiLp0bOm9cOCF36MZz+SCwj37sFDyy66ZUFi92WsPWUljCMNHohPNbY0Y3vpoqifvTsVNGg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 21 Mar 2022 16:54:12 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame D03D 566 B
863 B 60ms
40ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plus,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o6cki1LnfHTufUGP5rfPZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=S101rXcC0gBAq0EV8LSWHY64-fvYYxsBeQ4HM2gBa4j89uFndXAcZNUgurR48saDFCAEIjxJqpKygVQ4bBdiTVDq6JjMqJWSb3zMCHQcviuTql50Q8Zi4glNRE4-ZhMAMK_OoXaWaC1MDBT2nJJMQ5YqkMd8ji99k7FMh5De0nY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Mar 2021 06:54:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-o6cki1LnfHTufUGP5rfPZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5dd3cd0ada12c
warumbistdusoarm.space/iframe/ Frame 1642 1 KB
1 KB 219ms
197ms Document
text/html 2606:4700:3034::ac43:de75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warumbistdusoarm.space/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=160x600&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=1&sub=&text_only=0&show_thumb=&idzone=828798&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090784
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:de75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: warumbistdusoarm.space
:scheme: https
:path: /iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://syndication.exoclick.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://syndication.exoclick.com/

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-type: text/html
set-cookie: __cfduid=d37b574b8729280d8ba008a08490390521616396090; expires=Wed, 21-Apr-21 06:54:50 GMT; path=/; domain=.warumbistdusoarm.space; HttpOnly; SameSite=Lax c_9c9c885158a67952c34fd930a61bf145=1; Expires=Tue, 23-Mar-21 06:54:51 GMT; Domain=warumbistdusoarm.space; Path=/; Secure; SameSite=None z_ff9369bc2e87414c079a92eba1aa292a=1; Expires=Tue, 23-Mar-21 06:54:51 GMT; Domain=warumbistdusoarm.space; Path=/; Secure; SameSite=None __cf_bm=9e74399b4b700cde4ea8573220c37a3eb3724a66-1616396091-1800-AYBIsxdqHPEhrwgsxLHLO18iv0hxE2HjGqjpRZ78b+KenvsXV9JuBnGBynCciVTE6h7sED8leGIHGIx+9ylvd90=; path=/; expires=Mon, 22-Mar-21 07:24:51 GMT; domain=.warumbistdusoarm.space; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 08fa50161600000609dd082000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z8g3VU3UKJCqMYeV89VcxYQZ2g72aPUf4VN3U22gsFyBuJXqlSJhfLEkY8X%2BOkAdP%2Fb7qaS2xcM28qCrcqWsk21rTdIje5QmibOYSFC%2FIa%2F8rhwiJBxlsP0xLkENRKjAQ12r"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 633d82d028bb0609-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5dd3cd2543577
warumbistdusoarm.space/iframe/ Frame C0F1 1 KB
2 KB 199ms
185ms Document
text/html 2606:4700:3034::ac43:de75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warumbistdusoarm.space/iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=300x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828790&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090774
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:de75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: warumbistdusoarm.space
:scheme: https
:path: /iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://syndication.exoclick.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://syndication.exoclick.com/

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-type: text/html
set-cookie: __cfduid=d37b574b8729280d8ba008a08490390521616396090; expires=Wed, 21-Apr-21 06:54:50 GMT; path=/; domain=.warumbistdusoarm.space; HttpOnly; SameSite=Lax c_4750dc7ed9252f25b5d2aca40bfa30f8=1; Expires=Tue, 23-Mar-21 06:54:51 GMT; Domain=warumbistdusoarm.space; Path=/; Secure; SameSite=None z_ec3533aed8300637579f665e17228f8b=1; Expires=Tue, 23-Mar-21 06:54:51 GMT; Domain=warumbistdusoarm.space; Path=/; Secure; SameSite=None __cf_bm=bbbbeb791e564172238347c65a672ab6e4a1916e-1616396091-1800-Ae/vyZ9k/ExbcrjNVm/rTkdQxnW6Z//93xAxfD32P2mqlFLvsa5RCiLRh5OJPTEJPGt4BWNEhJG/YG8NOZXg3jQ=; path=/; expires=Mon, 22-Mar-21 07:24:51 GMT; domain=.warumbistdusoarm.space; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 08fa50161500000609b5042000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xNBKwqjkKvzyLmE2EWJLEAVkFmxImoAHP7awafiLe8cIVaTZq3HXj%2B1obK8rd%2FXufekdGrIaQ3753Hozpqjbc%2Bt03ZBHr7go%2FMOJYsk6ZIYUNHBDxiWM%2BOdJDse9wYtLxv18"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 633d82d028bc0609-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK baf6b3a5f7465f51a7fa944e0b4a0dbca6bb7e11.jpg
s3t3d2y7.ackcdn.net/library/272844/ Frame 9660 10 KB
11 KB 10ms
8ms Image
image/jpeg 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s3t3d2y7.ackcdn.net/library/272844/baf6b3a5f7465f51a7fa944e0b4a0dbca6bb7e11.jpg
Requested by: Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?type=250x250&login=jiahau&cat=472&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=828786&idsite=269728&p=http%3A//dailylenglui.blogspot.com/&dt=1616396090794
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 57826b476fde905ceb25e3472c1f52bd5d2e55cdd92c018f56bb76f0413f2e77

Request headers

Referer: http://syndication.exoclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Last-Modified: Tue, 14 Jan 2020 08:20:01 GMT
ETag: "1578990001"
X-HW: 1616396090.dop223.fr8.t,1616396090.cds261.fr8.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10512

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 8138 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/widget/render/badge?usegapi=1&width=260&rel=publisher&origin=http%3A%2F%2Fdailylenglui.blogspot.com&url=http%3A%2F%2Fplus.google.com%2F113831359489018023234&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Mon, 22 Mar 2021 06:54:50 GMT

GET
H2 200 P8LmXKVtACb.css
www.facebook.com/rsrc.php/v3/yH/l/0,cross/ Frame B147 35 KB
9 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/P8LmXKVtACb.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a2dafdb78735973d4588d3d59f2dbac8e784ed4f3a39c710a862386056afd4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 17:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: z/fDM1sdVzUlTnx3d+0DLw==
cross-origin-resource-policy: cross-origin
content-length: 9225
x-fb-rlafr: 0
x-fb-debug: oSGKQn7GCj2CNkeCIDLj/XMYL4sUQfOKCWlGJxRhn4/TYlo0DSuoz79THAgyU1GZp5+J55U69DMrEPpgRyaEhw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 17:00:29 GMT

GET
H2 200 PdwbQu-vcSZ.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame B147 268 KB
71 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Fbh/Qe0PM/qC6duxJKeuKvGMpmWzbJNmXPHVO+YT1RfPoHg/5mZS1Z/CVX2wLWJhk3q8O358D47eyA3jHTEO7Q==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: nzVqOlCzvtmsFYlxXLwesg==
date: Thu, 18 Mar 2021 20:22:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72319
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 20:22:29 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame B147 65 KB
20 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b402c1a7a2efd185a6d15196f7997e3d18f06abac9c47557b7ba3f164f8287ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:31:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0ud0gBJxyt7dbTMSHUAkbQ==
cross-origin-resource-policy: cross-origin
content-length: 20253
x-fb-rlafr: 0
x-fb-debug: e04AfhdXs9iDCANsUY/QFRwSZ1CKnX/ZazIAiudsf/xJ/J4zYGJS/z7cgxj//0vTzkuO51NC+ZeJCw6cWnRgdA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 15:31:14 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/ Frame B147 122 KB
34 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03e9d0d62b70ae8d31478335a324c17109d6e673237bc65bf6c72272c407cf7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 11:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aLql3jS0vbk1V25PSAAHKQ==
cross-origin-resource-policy: cross-origin
content-length: 34739
x-fb-rlafr: 0
x-fb-debug: P6Z1CnAlUCYAVQYuVNGmx7Cr+C2LMMIMYNJJ18uelzZLqGmBjc0sUD0GnxDATEoh6cAs+Lm6GLuP7r3OOnj82w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 11:08:30 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame B147 7 KB
2 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAMp5DhlJ2pej3twf5dwWw==
cross-origin-resource-policy: cross-origin
content-length: 2304
x-fb-rlafr: 0
x-fb-debug: eVW6d3n2p0DMLiabruQE2ErhwOmtZEw272AleFiDS0d0gppA/BiovexUXFmyDG94LRG1mneDJ0Yc+AAEMIld9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:35 GMT

GET
H2 200 546448_10150613661595936_1792293668_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/p130x130/ Frame B147 3 KB
3 KB 20ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-0/p130x130/546448_10150613661595936_1792293668_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=a61e81&_nc_ohc=A420BHiKflQAX8g59T7&_nc_ht=scontent-frt3-1.xx&tp=6&oh=bc9277adfe0d5bba8fe9280ad513c00d&oe=607E36CE
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3309999711
date: Mon, 22 Mar 2021 06:54:51 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3086220460
x-fb-config-version-olb-prod: 1049
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 3224

GET
H2 200 305869_10150373568115936_2055056898_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/c29.29.367.367a/s50x50/ Frame B147 2 KB
2 KB 20ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/c29.29.367.367a/s50x50/305869_10150373568115936_2055056898_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=Uv9r6K2NG8MAX_oL7OS&_nc_ht=scontent-frt3-2.xx&tp=28&oh=da25253cf461123dccff7f2d586cbf76&oe=607F0238
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fdailylenglui&width=250&height=290&show_faces=true&colorscheme=light&stream=false&border_color&header=true&appId=104507022925978
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1741071610
date: Mon, 22 Mar 2021 06:54:51 GMT
x-fb-trip-id: 686109401
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1379147560
x-fb-config-version-olb-prod: 2dee580334c349b28254b5de29a02d5a
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1570

GET
H/1.1 200
OK 991008.php
s4.histats.com/stats/ 74 B
208 B 327ms
111ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/991008.php?991008&@f16&@g1&@h1&@i1&@j1616396090923&@k0&@l1&@mPretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&@n0&@o1000&@q0&@r0&@s605&@ten-US&@u1600&@b1:-115665672&@b3:1616396091&@b4:js15.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fdailylenglui.blogspot.com%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.27 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Connection: close
Content-Length: 74
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK ice.js Show response
resources.infolinks.com/js/1736.006-3.012/ 588 KB
189 KB 54ms
37ms Script
application/javascript 104.22.2.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151c06087f0bc38ab8f678e2ae0d0c7898d1057112476c6fbd29cbc193500a

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 13482
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip
cf-request-id: 08fa5016500000fa6c7a125000000001
Last-Modified: Sun, 14 Mar 2021 07:20:51 GMT
Server: cloudflare
ETag: W/"93152-5bd79f91c3b36"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
CF-RAY: 633d82d08c6ffa6c-AMS
Expires: Wed, 21 Apr 2021 03:10:08 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 33ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7F) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6B7F)
Age: 1308
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H3-Q050

200

id
googleads.g.doubleclick.net/pagead/ Frame F513
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
430 B

14ms
14ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame F513 29 B
406 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:48:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 400
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 22 Mar 2021 07:03:11 GMT

GET
H3-Q050 200 remote.js
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame F513 97 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 06:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 87677
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32697
x-xss-protection: 0
expires: Mon, 21 Mar 2022 06:33:34 GMT

GET
H3-Q050 200 EZf8jxdwqkL23uxFPDBdTiNZzxbWfe97GgGOcmp5ap4.js
www.google.com/js/bg/ Frame F513 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/EZf8jxdwqkL23uxFPDBdTiNZzxbWfe97GgGOcmp5ap4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 22:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 116557
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5658
x-xss-protection: 0
expires: Sun, 20 Mar 2022 22:32:14 GMT

GET
H3-Q050 200 embed.js
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame F513 23 KB
23 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 449324
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23645
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:06:07 GMT

GET
DATA 200
OK truncated
/ Frame F513 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnh5Zt-Jwa13BldBr_plcGaZhjUn6zgE42MfXeEW=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F513 2 KB
3 KB 25ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnh5Zt-Jwa13BldBr_plcGaZhjUn6zgE42MfXeEW=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:26:49 GMT
x-content-type-options: nosniff
age: 1682
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2209
x-xss-protection: 0
server: fife
etag: "v57"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 23 Mar 2021 06:26:49 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Yl4ETw-TXos/ Frame F513 49 KB
49 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Yl4ETw-TXos/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:26:49 GMT
x-content-type-options: nosniff
server: sffe
age: 1682
etag: "1389634051"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50230
x-xss-protection: 0
expires: Mon, 22 Mar 2021 08:26:49 GMT

GET
H2 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame B147 573 B
792 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/P8LmXKVtACb.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/P8LmXKVtACb.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: SaQlx/huvbQbRDjiTlvBB22rzg719B6U7UX2+mYHc8mG5UVojMs5R2AYlJQ5bwLZ67s8i7my5NUTHZWCIEV6Vw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Thu, 18 Mar 2021 19:18:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 19:18:54 GMT

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html
platform.twitter.com/widgets/ Frame 6E3E 320 KB
104 KB 54ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fdailylenglui.blogspot.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 986643
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Mar 2021 06:54:51 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H2 200 2038943760-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame D03D 10 KB
5 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdailylenglui.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 17:30:24 GMT
server: sffe
age: 41529
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:22:42 GMT

GET
H3-Q050 200 rpc:shindig_random.js
apis.google.com/js/ Frame D03D 12 KB
5 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EElNE/XDHSMUGoaLzsJXbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "c489adc86eb80e5d71f9e88a3dbbf731"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-EElNE/XDHSMUGoaLzsJXbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H2 200 pbice.js
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 78ms
34ms Script
application/javascript 104.22.2.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 633d82d27c864c79-AMS
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 9835
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
cf-request-id: 08fa50178c00004c79c6283000000001
expires: Wed, 21 Apr 2021 04:10:56 GMT

GET
H2 200 manage
router.infolinks.com/usync/ Frame 274C 9 KB
2 KB 176ms
133ms Document
text/html 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=98804&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=dae68b57653248ad3f70673d6da5166aa1616396091; expires=Wed, 21-Apr-21 06:54:51 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 08fa5017a000004c8589b51000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 633d82d298704c85-AMS
content-encoding: gzip

GET
H2 200 lcmanage
router.infolinks.com/usync/ 0
324 B 164ms
126ms Script
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=98804&wsid=0
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 633d82d298724c85-AMS
content-length: 0
cf-request-id: 08fa5017a000004c85ab84a000000001

GET
H/1.1 200
OK get
odb.outbrain.com/utils/ 1 KB
1 KB 249ms
249ms Script
text/x-json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://odb.outbrain.com/utils/get?url=http%3A%2F%2Fdailylenglui.blogspot.com%2F2014%2F01%2Fjessica-tan-chen-jieshi-from-singapore.html&srcUrl=http%3A%2F%2Fdailylenglui.blogspot.com%2Ffeeds%2Fposts%2Fdefault&settings=true&recs=true&widgetJSId=NA&key=AYQHSUWJ8576&idx=0&version=01010326&ref=&apv=false&rand=0.17708813397149625&sig=V3mD7FUz
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Via: 1.1 varnish, 1.1 varnish
Traffic-Path: CHIDC2, MDW, HHN, Europe2
X-Cache: MISS, MISS
Backend-IP: 157.52.75.61
X-Cache-Hits: 0, 0
Connection: keep-alive
X-TraceId: e8922578c405486cdb866b1b7a46cc1f
content-encoding: gzip
Content-Length: 721
X-Served-By: cache-mdw17361-MDW, cache-hhn4069-HHN
X-Timer: S1616396091.270275,VS0,VE229
Vary: Accept-Encoding, User-Agent
Content-Type: text/x-json; charset=UTF-8
Accept-Ranges: bytes
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame D03D 51 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 18:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 476257
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18054
x-xss-protection: 0
expires: Wed, 16 Mar 2022 18:37:14 GMT

GET
H2 200 16baf883f197f53caa05a4918bd2bef2.png
stimmtso.space/bnr/4/16b/af883f/ Frame C0F1 96 KB
97 KB 34ms
11ms Image
image/png 2606:4700:3032::6815:2385
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stimmtso.space/bnr/4/16b/af883f/16baf883f197f53caa05a4918bd2bef2.png
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 46243
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98011
cf-request-id: 08fa5017a200004ebc4c1c4000000001
last-modified: Thu, 16 Jan 2020 09:40:21 GMT
server: cloudflare
etag: "5e202f85-17edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qwwoEhUUVfW5SH6flFy4Eudz9Ce%2ByJ%2BuEJ5dK%2FVO%2BjzWjnu2yuQurNUNzhcVtkwOn58iN8G5pmJKgcki0yYMYaBgFdkG%2Fn0ftwfd%2FlKxgKUfV9MFhQU%2B6q%2BIEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 633d82d29e294ebc-FRA
expires: Mon, 22 Mar 2021 18:04:08 GMT

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame C0F1 0
419 B 69ms
24ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame C0F1 0
419 B 72ms
28ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame C0F1 0
418 B 70ms
25ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd2543577?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 3bd6375d306622fd463606c1253373eb.png
spagat.space/bnr/4/3bd/6375d3/ Frame 1642 143 KB
144 KB 43ms
17ms Image
image/png 2606:4700:3033::6815:5362
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spagat.space/bnr/4/3bd/6375d3/3bd6375d306622fd463606c1253373eb.png
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2219
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 146289
cf-request-id: 08fa5017a600009778d706f000000001
last-modified: Thu, 21 May 2020 13:54:37 GMT
server: cloudflare
etag: "5ec6881d-23b71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KxIYPuvd54spBvnmI6KTk5r3I9kLBaQyZO2izUnSg8pyme%2BmKO52Tktvow1adk5Gj1yFIiiHbbDLvKhid%2BxFBG2VTBB1ZiJLUoyd5aO1OlnbjFpd2KlneeA%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 633d82d2a9309778-FRA
expires: Tue, 23 Mar 2021 06:17:52 GMT

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 1642 0
419 B 69ms
26ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 1642 0
419 B 68ms
25ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 1642 0
418 B 68ms
26ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=eea564a66f809bfecfdddb23eba6c846
Requested by: Host: warumbistdusoarm.space
URL: https://warumbistdusoarm.space/iframe/5dd3cd0ada12c?iframe&ag_custom_domain=dailylenglui.blogspot.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warumbistdusoarm.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F513 4 KB
2 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H2 200 cc_605.js
s10.histats.com/counters/ 13 KB
4 KB 87ms
29ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_605.js
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:51:44 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 51.254.41.192/26
etag: "49411206"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4312
x-request-id: 22677770

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame F513 0
38 B 6ms
5ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?oWiN8w
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Yl4ETw-TXos
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.youtube.com/embed/Yl4ETw-TXos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 settings
syndication.twitter.com/ Frame 6E3E 183 B
411 B 187ms
135ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5b94a5dff05a770a20acb4466fc84a573a373735

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fdailylenglui.blogspot.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 06:54:51 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c545c751b547f0d0abeaf96a8c1cc62f
strict-transport-security: max-age=631138519
content-length: 152

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 1043
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=infolinks&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east

281 B
554 B

73ms
23ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Mar 2021 06:54:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Date: Mon, 22 Mar 2021 06:54:51 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
de.tynt.com/deb/ Frame 9E52 75 B
289 B 349ms
111ms Document
text/html 208.100.17.185
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip185.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Tue, 23 Mar 2021 06:54:30 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 22 Mar 2021 06:54:29 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C963
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

2 KB
3 KB

37ms
37ms

Document
text/html

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YFg-O9WIL-Qoxadar7dDcAAA; CMPS=1132
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|39|241|111|156|46|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1742
Expires: Mon, 22 Mar 2021 06:54:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Connection: keep-alive
Set-Cookie: CMID=YFg-O9WIL-Qoxadar7dDcAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Mar 2022 06:54:51 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Jun 2021 06:54:51 GMT CMPRO=1162;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Jun 2021 06:54:51 GMT CMST=YFg-O2BYPzsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Mar 2021 06:54:51 GMT CMRUM3=2760583f3b0b40&6f60583f3b05a0&f160583f3b05a00&e660583f3b27600&9c60583f3b05a00&2e60583f3b05a0&2d60583f3b05a0&1f60583f3b05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Mar 2022 06:54:51 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 22 Mar 2021 06:54:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Connection: keep-alive
Set-Cookie: CMID=YFg-O9WIL-Qoxadar7dDcAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Mar 2022 06:54:51 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 20 Jun 2021 06:54:51 GMT

GET
H2 200 /
onetag-sys.com/usync/ Frame CE0B 2 KB
818 B 68ms
22ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=2505658982353507933

35 B
389 B

145ms
144ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=2505658982353507933
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d41b014c85-AMS
content-length: 35
cf-request-id: 08fa50188f00004c856a1ef000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 1faf96dc-292b-494a-be77-026602c95923
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=2505658982353507933
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2122809797
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2122809797
https://sync.1rx.io/usersync/tradedesk/75c19649-90b2-45d2-babc-32b5c35bd033
https://sync.targeting.unrulymedia.com/csync/RX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003

35 B
254 B

199ms
199ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d5edf44c85-AMS
content-length: 35
cf-request-id: 08fa5019b400004c8568854000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

Redirect headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: Tengine
ETag: RX6987579f9a6d464cb59fae6b1ef0a8c5003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://router.infolinks.com/dyn/r1-usync?uid=RX-6987579f-9a6d-464c-b59f-ae6b1ef0a8c5-003
Connection: keep-alive
Content-Type: text/html

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 274C 0
72 B 342ms
105ms Image
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status: 2000208
date: Mon, 22 Mar 2021 06:54:29 GMT
server: 33XP003

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
204 B

131ms
131ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d5ddce4c85-AMS
content-length: 35
cf-request-id: 08fa5019ac00004c859c2ef000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 274C 0
478 B 78ms
18ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 274C
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fdailylenglui.blogspot.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fdailylenglui.blogspot.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=1288906941228643427

95 B
945 B

138ms
34ms

Image
image/png

54.77.10.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=1288906941228643427

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.10.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-10-176.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 22 Mar 2021 06:54:51 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 22 Mar 2021 06:54:51 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid: 19018341-1aba-4e16-8635-2c7d41750130
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2Fdailylenglui.blogspot.com%2F&pid=12306&adnxs_uid=1288906941228643427
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 274C 42 B
233 B 272ms
89ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP80039076-8adb-11eb-bf82-06bcd721beb8
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP80039076-8adb-11eb-bf82-06bcd721beb8&verify=true
https://router.infolinks.com/dyn/outh-usync?uid=y-dVjM0d5E2uGS0.yUYvGkKlNaBDYMwhXZ~A~UP80039076-8adb-11eb-bf82-06bcd721beb8

35 B
262 B

128ms
125ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-dVjM0d5E2uGS0.yUYvGkKlNaBDYMwhXZ~A~UP80039076-8adb-11eb-bf82-06bcd721beb8
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d51ca94c85-AMS
content-length: 35
cf-request-id: 08fa50192c00004c85d8ba1000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

Redirect headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-dVjM0d5E2uGS0.yUYvGkKlNaBDYMwhXZ~A~UP80039076-8adb-11eb-bf82-06bcd721beb8
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=91678df2a84ef1e3d97cde58

35 B
220 B

133ms
133ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=91678df2a84ef1e3d97cde58
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d42b194c85-AMS
content-length: 35
cf-request-id: 08fa50189b00004c857f021000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

Redirect headers

Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=91678df2a84ef1e3d97cde58
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

ImgSync
image8.pubmatic.com/AdServer/ Frame 274C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjM4ODI4QjgtNDVBNC00MTk4LTlBMzMtQUUzNEYwQjE0ODY5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
75 B

18ms
18ms

Image
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:50 GMT
Content-Length: 0

Redirect headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
X-lat: lhrpug015:0:612
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjVCNkJGNjItNjNDQi00RDhFLUFFOUItQUFDMjVGODU5NUIx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DB38828B8-45A4-4198-9A33-AE34F0B14869
https://router.infolinks.com/dyn/usersync?pmuservalue=B38828B8-45A4-4198-9A33-AE34F0B14869

0
405 B

139ms
138ms

Image
text/plain

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=B38828B8-45A4-4198-9A33-AE34F0B14869
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 633d82d7c94b4c85-AMS
content-length: 0
cf-request-id: 08fa501ada00004c8569086000000001

Redirect headers

Location: https://router.infolinks.com/dyn/usersync?pmuservalue=B38828B8-45A4-4198-9A33-AE34F0B14869
Date: Mon, 22 Mar 2021 06:54:51 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

bizzc-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://us.ck-ie.com/nfol263.gif?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fbizzc-usync%3Fuid%3D%7B%24PARTNER_UID%7D
https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550

35 B
298 B

126ms
125ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d86a594c85-AMS
content-length: 35
cf-request-id: 08fa501b4200004c85853a7000000001
expires: Sun, 22 Mar 2020 06:54:52 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://router.infolinks.com/dyn/bizzc-usync?uid=7c745f513af845ca62a40364d8e04a85accdd0a7039e76d04a7ae12a0d9b0550
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 274C 0
167 B 126ms
125ms Image
text/plain 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 633d82d39a2a4c85-AMS
content-length: 0
cf-request-id: 08fa50184100004c8589b5d000000001

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1871597493636164912

35 B
259 B

141ms
141ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1871597493636164912
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82dbe8f34c85-AMS
content-length: 35
cf-request-id: 08fa501d7200004c856b07a000000001
expires: Sun, 22 Mar 2020 06:54:52 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1871597493636164912
Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sx-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8851&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsx-usync%3Fuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=80eaee5c-8adb-11eb-8c9f-1384e0ef3106
https://router.infolinks.com/dyn/sx-usync?uid=80eaee23-8adb-11eb-8c9f-1384e0ef3106

35 B
378 B

136ms
136ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sx-usync?uid=80eaee23-8adb-11eb-8c9f-1384e0ef3106
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82ddbc334c85-AMS
content-length: 35
cf-request-id: 08fa501e9800004c85d5228000000001
expires: Sun, 22 Mar 2020 06:54:53 GMT

Redirect headers

Date: Mon, 22 Mar 2021 06:54:53 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sx-usync?uid=80eaee23-8adb-11eb-8c9f-1384e0ef3106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 83
Connection: keep-alive
Content-Length: 0

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 274C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://router.infolinks.com/dyn/VR-usync?uid=y-9d_mYzNE2uEYazSFC1VEC9iBJZRXJfxW.YI78SY-~A

35 B
237 B

264ms
264ms

Image
image/gif

172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-9d_mYzNE2uEYazSFC1VEC9iBJZRXJfxW.YI78SY-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=98804&wsid=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d57d3f4c85-AMS
content-length: 35
cf-request-id: 08fa50196a00004c85b4832000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

Redirect headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-9d_mYzNE2uEYazSFC1VEC9iBJZRXJfxW.YI78SY-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK outbrainWidget.css
widgets.outbrain.com/mu/css/ 16 KB
4 KB 52ms
52ms Stylesheet
text/css 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/mu/css/outbrainWidget.css?v=01010326
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Cookie: CheetahStaging=true
Connection: keep-alive
Content-Length: 3333
Last-Modified: Sun, 18 Aug 2019 14:32:06 GMT
Server: AkamaiNetStorage
ETag: "32bea34dd5eb870d71a0fe6924ae2e9f:1566138726"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=345600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Timing-Allow-Origin: *, *

GET
H/1.1 200
OK Cookie set comScore.htm
widgets.outbrain.com/nanoWidget/3rd/comScore/ Frame 12FC 1 KB
1 KB 51ms
49ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/OutbrainRater.js
Protocol: HTTP/1.1
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: widgets.outbrain.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://dailylenglui.blogspot.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "c8168943484af9b72a02b35c90882b46:1458203027"
Last-Modified: Thu, 17 Mar 2016 08:23:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=345600
Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Length: 720
Connection: keep-alive
Timing-Allow-Origin: * *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Cookie: CheetahStaging=true
Set-Cookie: akacd_widgets_routing=1616396091~rv=70~id=22a96295c4b443b59b70f35c8e994147; path=/; Expires=Mon, 22 Mar 2021 06:54:51 GMT

GET
H/1.1 200
OK beacon.js
b.scorecardresearch.com/ Frame 12FC 1 KB
1 KB 54ms
39ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/nanoWidget/3rd/comScore/comScore.htm
Protocol: HTTP/1.1
Server: 2.16.186.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: http://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 23 Mar 2021 06:54:51 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C963
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YFg-O9WIL-Qoxadar7dDcAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAmKfIMDuwXl1z1zNaeWwNQ&google_cver=1

43 B
1 KB

28ms
28ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAmKfIMDuwXl1z1zNaeWwNQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Mar 2021 06:54:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAmKfIMDuwXl1z1zNaeWwNQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame C963
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHuuIJI8ueXrqUJgp245x-s&google_cver=1

43 B
315 B

62ms
30ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHuuIJI8ueXrqUJgp245x-s&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 22 Mar 2021 06:54:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEHuuIJI8ueXrqUJgp245x-s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame C963 70 B
264 B 53ms
33ms Image
image/gif 34.249.70.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&gdpr=1&cm_dsp_id=70&cm_user_id=YFg-O9WIL-Qoxadar7dDcAAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.70.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-70-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C963
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB&dcc=t

43 B
720 B

122ms
122ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFg_O9WIL_Qoxadar7dDcAAABIoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame C963 0
188 B 1112ms
31ms Image
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame C963 35 B
380 B 1388ms
94ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:35 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame C963 0
0 1071ms
19ms Image
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame C963
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6696824921271802730&uid=Q6696824921271802730&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

23ms
23ms

Image
image/gif

88.221.62.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.62.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-62-154.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 22 Mar 2021 06:54:52 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame C963 35 B
329 B 126ms
125ms Image
image/gif 172.67.39.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YFg-O9WIL-Qoxadar7dDcAAA%261162
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.39.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 06:54:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 633d82d47ba24c85-AMS
content-length: 35
cf-request-id: 08fa5018c800004c856787b000000001
expires: Sun, 22 Mar 2020 06:54:51 GMT

GET
H/1.1 200
OK usync.js
eus.rubiconproject.com/ Frame 1043 31 KB
10 KB 26ms
25ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 06:54:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56911
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Mon, 22 Mar 2021 22:43:22 GMT

GET
H3-Q050 200 plusone.js
apis.google.com/js/ Frame E10E 54 KB
20 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/followers.g?blogID=638100801402959337&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fdailylenglui.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__&bpli=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NvJGzFHWh5NzcIQ/QU1bPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-NvJGzFHWh5NzcIQ/QU1bPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1043 284 B
536 B 104ms
26ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=infolinks&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 12FC
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=000&ns__t=1616396091629&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1616396091629&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.ht...

0
528 B

24ms
24ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1616396091629&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F&cs_ak_ss=1
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: http://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=000&ns__t=1616396091629&ns_c=windows-1252&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2F3rd%2FcomScore%2FcomScore.htm&c9=http%3A%2F%2Fdailylenglui.blogspot.com%2F&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 22 Mar 2021 06:54:51 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame E10E 144 KB
51 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 14:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 491677
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Wed, 16 Mar 2022 14:20:14 GMT

GET
H3-Q050 200 cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame E10E 39 KB
13 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=gapi_iframes,gapi_iframes_style_common/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 10:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 417999
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13172
x-xss-protection: 0
expires: Thu, 17 Mar 2022 10:48:12 GMT

GET
H3-Q050 200 AIbEiAIAAABDCNKr6dyd2Z6vAyILdmNhcmRfcGhvdG8qKDRiMDJhYzhkYWM0YjQxYWI3ZWI2N2EyOTBkNThjNTA3N2VjMzJiMWQwAaWGdPUv4xwRp3FiaqtDEDxU28S7
www.google.com/s2/photos/public/ Frame E10E 3 KB
3 KB 37ms
33ms Image
image/jpeg 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/s2/photos/public/AIbEiAIAAABDCNKr6dyd2Z6vAyILdmNhcmRfcGhvdG8qKDRiMDJhYzhkYWM0YjQxYWI3ZWI2N2EyOTBkNThjNTA3N2VjMzJiMWQwAaWGdPUv4xwRp3FiaqtDEDxU28S7

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 16:23:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 13:23:47 GMT
server: GSE
age: 52291
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=2419200
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3413
x-xss-protection: 1; mode=block
expires: Wed, 24 Mar 2021 13:23:47 GMT

GET
H3-Q050 200 AIbEiAIAAABECOD7n-jR0KCO-gEiC3ZjYXJkX3Bob3RvKihmYmM0ZWJkOTNkN2FhNzAzZTgwYjFiOTE5YzgyYTBjN2ZkYzkxNTdiMAEx9wlpjXOv8jgoMCEmTazIn6l6Sg
www.google.com/s2/photos/public/ Frame E10E 4 KB
4 KB 36ms
32ms Image
image/jpeg 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/s2/photos/public/AIbEiAIAAABECOD7n-jR0KCO-gEiC3ZjYXJkX3Bob3RvKihmYmM0ZWJkOTNkN2FhNzAzZTgwYjFiOTE5YzgyYTBjN2ZkYzkxNTdiMAEx9wlpjXOv8jgoMCEmTazIn6l6Sg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 08:03:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 02:35:02 GMT
server: GSE
age: 82290
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=2419200
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3912
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 02:35:02 GMT

GET
H3-Q050

200

AOh14GgI-0xiajkIAP5pm8RxO0RXy4nqL3bdkadF3E7MCQ=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCOjH6P_3gvvlaCILdmNhcmRfcGhvdG8qKDgzOWUwN2EyNGNhMDZmZjBlYTAyYzAwZjdlNjNhYjQwMDE0NGQ0MWQwAfDuCviaO0QgCJZZXmsrZcucBxvk
https://lh3.googleusercontent.com/a-/AOh14GgI-0xiajkIAP5pm8RxO0RXy4nqL3bdkadF3E7MCQ=s96-p

5 KB
5 KB

147ms
146ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgI-0xiajkIAP5pm8RxO0RXy4nqL3bdkadF3E7MCQ=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1e9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5134
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GgI-0xiajkIAP5pm8RxO0RXy4nqL3bdkadF3E7MCQ=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050 200 photo.jpg
lh3.googleusercontent.com/-104eqB00hcA/AAAAAAAAAAI/AAAAAAAAAiw/WL3uU41WmkE/s45-c/ Frame E10E 316 B
684 B 111ms
65ms Image
image/png 2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-104eqB00hcA/AAAAAAAAAAI/AAAAAAAAAiw/WL3uU41WmkE/s45-c/photo.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:22:47 GMT
x-content-type-options: nosniff
server: fife
age: 1924
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:22:47 GMT

GET
H3-Q050

200

AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPTfxN2ytNG2USILdmNhcmRfcGhvdG8qKDUyZGY0OWVjYzU1MjA3YTBlYWNhOGViNzkyM2I3MGNhMDAyMjYzNGYwAalM-KFTNrrQh2At4Hq2FWHaOn7v
https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p

7 KB
7 KB

92ms
90ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2087"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14Ghzyf6SQUOTxpJ_qjj9bktE8AlHsRA8uPkvpea7dQ=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECIT1wKvS-M-coAEiC3ZjYXJkX3Bob3RvKihjN2JkOGE1OGU4NWUxMGMwNGUxNzM0MTBlMzJhOGMzNDIwZDg4YmVlMAGIqzklXoWOgLTfBpAc-KGbmLCkpw
https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p

4 KB
4 KB

95ms
93ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "vade"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4506
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GjW1mQscn1vHWxHSljF4QND1BqbMYTLJZWVvJN1UQ=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCPrN553y89yjHSILdmNhcmRfcGhvdG8qKGM4NjdmZTUyMTE1YWUwYjIwM2I1YTFkMWNmZmJlN2Y5YmE5MTJhZDQwAaan0GVzhW0Did0RfJ7nuzWshzoD
https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p

3 KB
3 KB

186ms
186ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v50e6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3301
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GjDiuAT0qkf9MgN2KxmlFvqlvZWrNpU-PdR3PxCRzw=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCKmKkvXW-OiJLiILdmNhcmRfcGhvdG8qKGVhZDBhNDM1YTg5NDUxMDc2ZTk1MTM3YjZiYTQyYjZjOWU4ZjBiZWUwATeXwoRAgSIIC0apbQFKJDkmYC6C
https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p

3 KB
3 KB

198ms
198ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3086
x-xss-protection: 0
server: fife
etag: "v1699"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Mar 2021 13:03:10 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GiHk6pR47_zFjiEiJZc87Prc6etZ4hcjceVHwExRw=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECOWDqenlro6o0wEiC3ZjYXJkX3Bob3RvKigzMzBiNmUzYzIxY2QxOTA3MjlmMTVjNDdlY2Y1YTRjMmQwNTBkOTE1MAFElQ11LAw06J7zOEX4na8akbh0qA
https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p

3 KB
3 KB

94ms
92ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v6ca"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3006
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GgW4cGE5fBwByQl5rysuX7V6NL2oGfzvhOjNbqZXg=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECMCmoen17arb5QEiC3ZjYXJkX3Bob3RvKig3ZDgzOWRlNTYyMzIwNjE3ZWRlMDNiYjNhNDMxMjFhNDQ0MjFkYThlMAGxFfFpVoUpUk3adgn_-IVPguf5dA
https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p

2 KB
2 KB

222ms
221ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2385"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1801
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GhRPOGUCjmRl6waxWNZSKToktdkOJX6QMt34TCQLg=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJTRibz5iZn-FCILdmNhcmRfcGhvdG8qKGYzYjI5YWNkN2M3NWYxNjQzNzc5ZmE0ZmY5MWFlNTYwY2QwYzVjYTMwAfN-Y_ipFyu3hvrcnPc3lP8L2t8-
https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p

3 KB
3 KB

185ms
185ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v5c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3496
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14Gh65ibEJIjp5so-8hpadd7fTPiGffzvHIyBfx0A=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCJLPr5P_m7iNKiILdmNhcmRfcGhvdG8qKDgzOTNjMzUzNGVhNTUxYWU5MzhjOTFlNjM3OGM3MDk4YTUxOTE4NGYwAcRofZD4JFPHcXA1UYGPk9lApMkF
https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p

3 KB
3 KB

198ms
197ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: fife
etag: "v9b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Mar 2021 19:47:54 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GiUfLeQtJXKy9O3svkYiPbhtQFqrzon6LqupNlAtw=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14Gg_Gss6JXLuQJiPMP9olYATb-iNkOuZXfAB5ZNK-w=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCL7K7qre4IraJiILdmNhcmRfcGhvdG8qKDIxODM1Njg1NjY3ZDZlMjc5YzU2YmY1NWJkM2M2ZmE2ZDMwOTVlMDMwAbEuckjHX-Vm3E9N1GsPwykcDtZf
https://lh3.googleusercontent.com/a-/AOh14Gg_Gss6JXLuQJiPMP9olYATb-iNkOuZXfAB5ZNK-w=s96-p

4 KB
4 KB

90ms
88ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gg_Gss6JXLuQJiPMP9olYATb-iNkOuZXfAB5ZNK-w=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2e0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4006
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14Gg_Gss6JXLuQJiPMP9olYATb-iNkOuZXfAB5ZNK-w=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCK32zJe6gMqZPiILdmNhcmRfcGhvdG8qKDkwYTBlYWI4ZmE3MzhkNWIyMjE0ZGU2NzNmODg5ODY3MGNlOGMzOGYwAX-w7UZ1CCbx46_rjDB3upAOwuq8
https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p

4 KB
5 KB

97ms
96ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v59"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4574
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GhoTQmSFsVUVcecIrn2bKaFbFKp5FokfXDaAwe2=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECPrUiI-Vub29zQEiC3ZjYXJkX3Bob3RvKigxNzUwMzQzYjA4ZmQ0ZWE5ZjMzM2YwNzAzZjRkMTI2ZDM4NzIxOGQyMAEgaMkNCazF4JO2Q5vXoUmhcKxMpw
https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p

3 KB
3 KB

94ms
92ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3507
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GjamKONFcc7JlyCqOg_vdH_qlMMZKsQfUuLgTWp=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H2 200 rZlqhlfVh2.jpg
1.bp.blogspot.com/-_I7XIZMluwQ/W3KBcD8UBXI/AAAAAAAADCU/wlLdgPXxRGAFrvjMB5EHDStCh5WRQfULQCK4BGAYYCw/s45-c/ Frame E10E 4 KB
5 KB 52ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_I7XIZMluwQ/W3KBcD8UBXI/AAAAAAAADCU/wlLdgPXxRGAFrvjMB5EHDStCh5WRQfULQCK4BGAYYCw/s45-c/rZlqhlfVh2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:26:49 GMT
x-content-type-options: nosniff
age: 1682
content-disposition: inline;filename="rZlqhlfVh2.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4501
x-xss-protection: 0
server: fife
etag: "vc28"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Mar 2021 17:22:08 GMT

GET
H3-Q050 200 AF1QipNkxCbxHUbFc0jjxT8RuLrc5bv1z8rudb5jdmaD=s45-c
lh3.googleusercontent.com/p/ Frame E10E 4 KB
4 KB 311ms
268ms Image
image/png 2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNkxCbxHUbFc0jjxT8RuLrc5bv1z8rudb5jdmaD=s45-c?key=CPvLg4Kc-In7jAE

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v73"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

AOh14Gh6xKfRGdZzGx7gy2yHuqssLao3Hm-R6cSTk79TJA=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABDCK7iwabQprTrPCILdmNhcmRfcGhvdG8qKGNmMjQxODQ2YzZlZjhiNmViYjA2YWUxYzY0OGUzZjg4MDFlYjU1OGYwAcE8Iu9C9Z1Jzza4h7FCtQBof1sv
https://lh3.googleusercontent.com/a-/AOh14Gh6xKfRGdZzGx7gy2yHuqssLao3Hm-R6cSTk79TJA=s96-p

4 KB
4 KB

97ms
96ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gh6xKfRGdZzGx7gy2yHuqssLao3Hm-R6cSTk79TJA=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "va7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4238
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14Gh6xKfRGdZzGx7gy2yHuqssLao3Hm-R6cSTk79TJA=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050 200 AF1QipMAmYuvidnMcWneiTvNRjYBZ3EPlPUzHqqkSt8=s45-c
lh3.googleusercontent.com/p/ Frame E10E 4 KB
4 KB 335ms
292ms Image
image/png 2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipMAmYuvidnMcWneiTvNRjYBZ3EPlPUzHqqkSt8=s45-c?key=CJTjpvPBkIv8UA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4394
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

AOh14GjQhydIECGISJZGkQpiHowyo7ICIdyLTfPsVg29=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECPSe9e_bxOzbxgEiC3ZjYXJkX3Bob3RvKihhNmQxNTU2NzU2OThjYzdlNzdjODU5MmRlNmE3MDk1NzAwMjgwMjExMAE06YFQNHM5g5kMCjVdO3RorhQhYg
https://lh3.googleusercontent.com/a-/AOh14GjQhydIECGISJZGkQpiHowyo7ICIdyLTfPsVg29=s96-p

4 KB
4 KB

200ms
200ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GjQhydIECGISJZGkQpiHowyo7ICIdyLTfPsVg29=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4318
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GjQhydIECGISJZGkQpiHowyo7ICIdyLTfPsVg29=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H3-Q050

200

AOh14GhyuYwqy4rleW_-OvmZac7lsOch4oadx0TKCJnaaQ=s96-p
lh3.googleusercontent.com/a-/ Frame E10E
Redirect Chain

https://www.google.com/s2/photos/public/AIbEiAIAAABECO2Cl8W17-ePvQEiC3ZjYXJkX3Bob3RvKig0ZTdjMjg0OWZkMjVhZTU5N2Q1MmY0NDUwNTk0YzJkMjY2ODIwMDZlMAF9jH3ESmM5eqjTBc07mvVvYLfcrQ
https://lh3.googleusercontent.com/a-/AOh14GhyuYwqy4rleW_-OvmZac7lsOch4oadx0TKCJnaaQ=s96-p

7 KB
7 KB

202ms
202ms

Image
image/jpeg

2a00:1450:400d:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GhyuYwqy4rleW_-OvmZac7lsOch4oadx0TKCJnaaQ=s96-p

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v30f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7074
x-xss-protection: 0
expires: Tue, 23 Mar 2021 06:54:51 GMT

Redirect headers

date: Mon, 22 Mar 2021 06:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://lh3.googleusercontent.com/a-/AOh14GhyuYwqy4rleW_-OvmZac7lsOch4oadx0TKCJnaaQ=s96-p
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 1; mode=block
expires: Mon, 22 Mar 2021 06:54:51 GMT

GET
H/1.1 200
OK star-yellow-lrg.png
i0.poll.fm/images/ratings/ 5 KB
5 KB 3084ms
23ms Image
image/png 192.0.77.36
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i0.poll.fm/images/ratings/star-yellow-lrg.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 192.0.77.36 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-nc: HIT ams 1
Date: Mon, 22 Mar 2021 06:54:54 GMT
Last-Modified: Thu, 24 Dec 2015 22:38:09 GMT
Server: nginx
ETag: "567c73d1-12e3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4835
Expires: Sat, 27 Mar 2021 14:03:48 GMT

GET
H/1.1 200
OK info.png
i0.poll.fm/images/ratings/ 1 KB
2 KB 3083ms
23ms Image
image/png 192.0.77.36
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i0.poll.fm/images/ratings/info.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: HTTP/1.1
Server: 192.0.77.36 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-nc: HIT ams 2
Date: Mon, 22 Mar 2021 06:54:54 GMT
Last-Modified: Thu, 24 Dec 2015 22:38:03 GMT
Server: nginx
ETag: "567c73cb-4ca"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1226
Expires: Thu, 25 Mar 2021 06:01:49 GMT

GET
H2 200 index.html
ws.sharethis.com/secure5x/ Frame 4295 14 KB
4 KB 9ms
9ms Document
text/html 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://dailylenglui.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://dailylenglui.blogspot.com/

Response headers

content-type: text/html
content-length: 4082
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 17:57:38 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Sun, 21 Mar 2021 15:36:35 GMT
etag: W/"60257012-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: QPU_STce38A9SRHifeMCeyALCSgcMmer7uC8jOkGaLIRveowp4DdKA==
age: 55096

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame 4295 16 KB
6 KB 9ms
9ms Script
application/javascript 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 02:23:08 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 621103
etag: W/"60257012-40f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
content-length: 5630
x-amz-cf-id: Ei7RMyF8AuMPId0iMgGkIijao-h9LcSHguTV7gdStiLxD1KVu-YsnA==
expires: Tue, 15 Mar 2022 02:23:08 GMT

GET
H2 200 st.5583d3f0facb4d4a55d1a93224fb446d.js
ws.sharethis.com/secure5x/js/ Frame 4295 132 KB
32 KB 9ms
9ms Script
application/javascript 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/js/st.5583d3f0facb4d4a55d1a93224fb446d.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 02:00:58 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 3214433
etag: W/"60257012-20eab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: RcHIEd9bMkE1qU3ZPNcG5CvZmh5XfaO8lzRN6kD8QpigEGpt6dwXKw==
expires: Sun, 13 Feb 2022 02:00:58 GMT

GET
H2 200 wCSS.php
www.intensedebate.com/ 5 KB
1 KB 163ms
162ms Stylesheet
text/css 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/wCSS.php?widget=1
Requested by: Host: www.intensedebate.com
URL: http://www.intensedebate.com/widgets/acctComment/291108/10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:54 GMT
content-encoding: gzip
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 200 avatar-compact.png
www.intensedebate.com/images/ 296 B
420 B 162ms
162ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/images/avatar-compact.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:54 GMT
last-modified: Tue, 07 Oct 2008 04:38:04 GMT
server: nginx
etag: "48eae7ac-128"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 296
expires: Wed, 21 Apr 2021 06:54:54 GMT

GET
H2 200 idc-c-h.png
www.intensedebate.com/themes/chameleon/images/ 1 KB
1 KB 163ms
162ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/themes/chameleon/images/idc-c-h.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/wCSS.php?widget=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.intensedebate.com/wCSS.php?widget=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:55 GMT
last-modified: Tue, 07 Oct 2008 04:50:34 GMT
server: nginx
etag: "48eaea9a-56f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1391
expires: Wed, 21 Apr 2021 06:54:55 GMT

GET
H2 200 idw-jump.png
www.intensedebate.com/widgets/images/ 812 B
887 B 163ms
163ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/widgets/images/idw-jump.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/wCSS.php?widget=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.intensedebate.com/wCSS.php?widget=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:55 GMT
last-modified: Sat, 17 May 2008 00:00:49 GMT
server: nginx
etag: "482e2031-32c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 812
expires: Wed, 21 Apr 2021 06:54:55 GMT

GET
H2 200 idw-c-m.png
www.intensedebate.com/widgets/images/ 187 B
240 B 163ms
163ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/widgets/images/idw-c-m.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/wCSS.php?widget=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.intensedebate.com/wCSS.php?widget=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:55 GMT
last-modified: Sat, 17 May 2008 00:00:49 GMT
server: nginx
etag: "482e2031-bb"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 187
expires: Wed, 21 Apr 2021 06:54:55 GMT

GET
H2 200 hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
sd.sharethis.com/disc/css/ 3 KB
1 KB 44ms
7ms Stylesheet
text/css 2600:9000:2156:7000:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Requested by: Host: s.sharethis.com
URL: http://s.sharethis.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7000:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:51:04 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:18:30 GMT
server: AmazonS3
age: 232
etag: W/"ab4b82703a55102eddefc01bb815f2ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: lLigYPuOBsxizlW2qxtnrV1WANproDaiPI5BJVzXzZc-JdbqQv0grA==

GET
H2 200 hoverbuttons.035267d71d894482eb413e5bea488ff5.js
sd.sharethis.com/disc/js/ 8 KB
3 KB 44ms
7ms Script
application/javascript 2600:9000:2156:7000:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.sharethis.com/disc/js/hoverbuttons.035267d71d894482eb413e5bea488ff5.js
Requested by: Host: s.sharethis.com
URL: http://s.sharethis.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7000:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:54:50 GMT
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 17:21:16 GMT
server: AmazonS3
age: 6
etag: W/"035267d71d894482eb413e5bea488ff5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 2ifWmRYUPuXCwROd75AwGVRN4uL_Kl9_9b_42LP5Snb5SLykUW8lpw==

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1995467673&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utms...
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1995467673&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utm...

35 B
109 B

6ms
6ms

Image
image/gif

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1995467673&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396095985&utmac=UA-1645146-14&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 18:55:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43158
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1995467673&utmhn=dailylenglui.blogspot.com&utmt=event&utme=5(HoveringButtons%20-%20Load*dailylenglui.blogspot.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pretty%20%2B%20Sexy%20%2B%20Cute%20%2B%20Hot%20%2B%20Beautiful%20Asian%20Girls&utmhid=1492178389&utmr=-&utmp=%2F&utmht=1616396095985&utmac=UA-1645146-14&utmcc=__utma%3D205858566.372850680.1616396090.1616396090.1616396090.1%3B%2B__utmz%3D205858566.1616396090.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAICQAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H2 200 mini_Top_Cap.png
sd.sharethis.com/disc/images/ 1 KB
1 KB 9ms
7ms Image
image/png 2600:9000:2156:7000:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_Top_Cap.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7000:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:48:44 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:12 GMT
server: AmazonS3
age: 372
etag: "3c02395a29d645dfa785a7c7bbff28c6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1035
x-amz-cf-id: 3Qf5-DDueLbv8HAjKECzSbqtEZk8_lVJ0avKJxCsZDsbH0OsmwYvXQ==

GET
H2 200 mini_BG.png
sd.sharethis.com/disc/images/ 952 B
1 KB 11ms
9ms Image
image/png 2600:9000:2156:7000:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_BG.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7000:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:53:17 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:07 GMT
server: AmazonS3
age: 203
etag: "e07cd92ddc599b79b31648fe5de2e702"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 952
x-amz-cf-id: 0wgciOwZswlk8jIG_IELL2K-YRxNPSKRnpmT3QUEt6kVmChFSbZsIQ==

GET
H2 200 mini_Bottom_Cap.png
sd.sharethis.com/disc/images/ 1 KB
1 KB 11ms
9ms Image
image/png 2600:9000:2156:7000:16:876:8540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sd.sharethis.com/disc/images/mini_Bottom_Cap.png
Requested by: Host: sd.sharethis.com
URL: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7000:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 06:53:18 GMT
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2019 17:20:09 GMT
server: AmazonS3
age: 203
etag: "f103c1bf9b9c26e07f47abbe0936408c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1084
x-amz-cf-id: ZTQ0VDCf9EDF_Sflh7VJo6wPTdlsi3x0up5yGT_ryYD9MF6EYhVucQ==

GET
H2 200 facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
1 KB 12ms
10ms Image
image/png 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_32.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 04:06:48 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 442087
etag: "60256fcb-497"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1175
x-amz-cf-id: Su_VmQdNyU0UT3gKfgIvC6BIEfrWPdfkrQfTfzFK0NZ-IwiWIe6aBg==
expires: Thu, 17 Mar 2022 04:06:48 GMT

GET
H2 200 twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 12ms
10ms Image
image/png 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_32.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 21:47:31 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 3229644
etag: "60256fcb-53a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1338
x-amz-cf-id: RwmvuzlMX1A9swmLjSZj_4KZE-m1cJp1k399_J7GNEqvwgDRPB1UNA==
expires: Sat, 12 Feb 2022 21:47:31 GMT

GET
H2 200 googleplus_32.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 12ms
10ms Image
image/png 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_32.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 3325669
etag: "60256fcb-9a4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2468
x-amz-cf-id: vieCnpAfscZ3OtOR-UzmjFIzVIOv805C39KYuGDg8U_akdx4WBjf0A==
expires: Fri, 11 Feb 2022 19:07:06 GMT

GET
H2 200 pinterest_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 12ms
10ms Image
image/png 2600:9000:2182:9c00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/pinterest_32.png
Requested by: Host: dailylenglui.blogspot.com
URL: http://dailylenglui.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9c00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: http://dailylenglui.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 19:07:06 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 3325669
etag: "60256fcb-59b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1435
x-amz-cf-id: Rtn-H9pSzTwXJ62ZVeD_6lHGHkOXthCEQAKloLU8-4N4RGIU8548BA==
expires: Fri, 11 Feb 2022 19:07:06 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js(Line 1) Message: [object Object]
console-api	log	URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "http://dailylenglui.blogspot.com" from accessing a cross-origin frame.
console-api	log	URL: http://resources.infolinks.com/js/1736.006-3.012/ice.js(Line 1) Message: Failed log data: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
ap.lijit.com
apis.google.com
b.scorecardresearch.com
b1sync.zemanta.com
bttrack.com
c.sharethis.mgr.consensu.org
c1.adform.net
cm.g.doubleclick.net
dailylenglui.blogspot.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.polldaddy.com
i.ytimg.com
i0.poll.fm
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
l.sharethis.com
lh3.ggpht.com
lh3.googleusercontent.com
lh4.ggpht.com
lh5.ggpht.com
lh6.ggpht.com
lh6.googleusercontent.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
match.adsrvr.org
odb.outbrain.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.advertising.com
platform.twitter.com
polldaddy.com
px.owneriq.net
resources.blogblog.com
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
s.sharethis.com
s10.histats.com
s3t3d2y7.ackcdn.net
s4.histats.com
sb.scorecardresearch.com
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
sd.sharethis.com
secure-assets.rubiconproject.com
secure.adnxs.com
sites.google.com
spagat.space
ssc-cms.33across.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.doubleclick.net
stimmtso.space
sync.1rx.io
sync.go.sonobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
syndication.exoclick.com
syndication.twitter.com
token.rubiconproject.com
ups.analytics.yahoo.com
us.ck-ie.com
w.sharethis.com
warumbistdusoarm.space
widgets.outbrain.com
ws.sharethis.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.intensedebate.com
www.paypalobjects.com
www.youtube.com
yt3.ggpht.com
104.117.200.100
104.22.2.144
104.244.42.8
142.250.186.66
151.101.114.132
172.67.39.17
174.137.133.49
178.162.133.149
18.156.0.31
184.25.114.184
184.25.115.49
185.33.221.14
185.33.221.91
185.64.189.114
185.64.189.216
185.64.190.80
185.94.180.125
192.0.123.247
192.0.123.248
192.0.77.36
192.132.33.46
192.99.8.27
193.0.160.128
2.16.186.51
2001:4de0:ac19::1:b:3a
208.100.17.171
208.100.17.185
213.19.147.150
216.52.2.48
23.218.208.246
23.218.209.87
23.37.42.132
2600:9000:206f:8600:c:a9b7:ddc0:93a1
2600:9000:2156:7000:16:876:8540:93a1
2600:9000:2182:4200:3:c04e:c780:93a1
2600:9000:2182:9c00:3:c04e:c780:93a1
2600:9000:2182:c200:16:876:8540:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3032::6815:2385
2606:4700:3033::6815:5362
2606:4700:3034::ac43:de75
2a00:1450:4001:800::200d
2a00:1450:4001:808::2016
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2009
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2009
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:400d:809::2001
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.63.176
34.249.70.28
37.157.6.247
46.105.201.240
51.89.9.254
52.58.221.124
52.94.232.32
54.77.10.176
64.202.112.63
69.173.144.165
88.214.193.83
88.221.62.154
95.211.229.246
95.211.229.247
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02aebdddafdbd538758d645bf59f86c2766c1661fc07f55751bfc644721235e7
03e9d0d62b70ae8d31478335a324c17109d6e673237bc65bf6c72272c407cf7e
060e5633dac520a0412dcdf65d6e4ad7de7116ffc7ab7c270a1c1712129e814d
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0c85473c746c5340a518c375c3ca223baec144ce89e9c938c2ca215933537241
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f54745ddc27a9183f55ed9a0aec88f847621fa7a059dd5ae89e8621726d563f
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a2dafdb78735973d4588d3d59f2dbac8e784ed4f3a39c710a862386056afd4d
1c1f6a682fd1b92ce664dfc6514a68678c02d68818bf4682c8ad1ca72ea84b09
1e0f23734c4968f14513447b96a6aa1303434786a8e821d870b5d96584b12b43
1e73f89046548162918d0907470e29b3c891ee2f716ec1ac3e22fceac16572b9
276d892768b91420a9f8193e47a92ffbdd8652c87e21c5a6b857419f581a885a
294369c82d831799b4e873a82f34e42fb00de5d1dd73032494efb9914df6d245
2bf8e2708feece6bcf770af5689316e6713f1c68b8e804dfa7f42c1218e271e2
31c98c8e7ad580fb35a387eef52d646ddc6210f05e17635a566779a6435701b4
364a9f26140813151990539bc23bb8fa5248675084f5465540c6b3d6ebcded98
384a34ff3a05872b2b10bd2e2f177f89a30fe6fff15c220916804f2a17449976
384aa3fb477ed1640ab5b28b263de9a3ab459bf631d1772033389e12098eafd2
38b516c9246e0a9a7e2ffc1c9eca4865046baa8985fc13c53aa1a6e8ac0a0db6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
429e7004f3f8fbe42cacb984c36a9cda33efdacc100a276b12e82c6ab78bf7ec
452a5ac7b950e6c6705c03a66e6dcb9609c7c3178439e0b416df1548df2c8f17
4b1d31f600c5e526e7d0276d32bcf5e8009b6b9ad4ffa1c838f380778c2cba49
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
5089ccef4e7b0e486e3ead385be28c9c9554bec31d06beb8ee7da90724154fa8
54101ac05b6045cf011eecd0c6ffcbbc98b84391f68af8bf4885d69f956f67f9
5512d80f311835666d837ec9cc7b2e07c268253eaf6b26bb978585ea87084dda
553f29d085717e2a47e26c32b3f8bb0e9691e5287c30f1270fa78597070965e4
56e5fe422bfba622ee04cd7ff34efdfe6a32045bf2166b27878fb840fb68cef7
57826b476fde905ceb25e3472c1f52bd5d2e55cdd92c018f56bb76f0413f2e77
57f3082a73b84b78b29e16d0d12c6f4de20da9b5aee1ecacd46612927e12fcf5
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
660aa09f512df3e6bbff0599a2c9d61d76996bcb5ba1aca8520c9fad94a07fb5
67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e
6b453517c2e7cfa36bd4d9aec61fbee2e5dd84aedf5f10f8e60cabe211579d60
6e438f51b474134f435f788639f800142905b92f92c2c1532fda26dfdd75ae4f
6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879
6f34901c768ab9c7505777a0fede86ccce6b12d4dcbdad84abdfad5e3683e6cc
7531b01031d70b3232e4301e7f2dafb57c5d6393c6c7b265882a452134b6f973
753317c58e485fe930390c7d2b9a30e6609a274456a37384506950283004664b
75468df7440eff46b099e7e08c29410c77a54673fc256709d2e644b94ded0358
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
77cb48ffb31cd35a18168a80615304f506d67969ff8e3c17e5168b2f712deaa6
77ccf4909a0b4a6c710ff567a5334966ea4bbe832df84bec2c6e424f854204e9
796066ce92d05ec134b324f69c0eeb68d0388d78e28b5ddaa2a8a2308409dfd5
79d9f69c4f3f93af3c92326d568a44e31ced0afcc40fe60a790942c2b9a3ca2e
7d4a8b6b96a1dca75c633779df58e6bbb05380bbbc3f052cb08aeb71fe59ef5b
7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7
7eb77b674a3d3a00e997e449c9899437a41a185cc5bc2fcf1c03f3d863a20019
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bc070066a5cd2f13a1ce53e682fabf5e2409b9bfe532c7c590f69fc7c5fd12e
91563af678cd860504972452b008a3d18595de97b147a5734335df31485a8cbc
9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f
95c77ee03fdb1491a7a5d5bdd29c1f91b8673390a6a478bf6683e57ff0107266
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
96140c2860e42f2db32cd8526d27deed771002ce86cab070e1a975fb1448c077
98333f20bc1a03ce8fa68b0b8cb1bdc3ecd5af33b6a3548b398604b413f4d19f
9ef473e6e5d0ac460c6786e95f545a4cb9a930116a5b03817ea3cb60ef2b3f4b
a0857b9520e13161b12f5acfb0a1ce1248064812768efeebd1917d5ef5b7799f
ac5979e2cc0e74af50ffc664f5412dbf1e6a28253c835d3b974ff82772cf4d14
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ad6d3a7546fb711e4d1574d37cd922b7a5b875d61cd23e0f10326172fdcb5413
af67ea2f6471994fe966d2d72642ee2f3ca0533e0020fb15a36c33e647ee737f
b402c1a7a2efd185a6d15196f7997e3d18f06abac9c47557b7ba3f164f8287ce
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bc86ad345c2cf51298d5cb2352c6a19f7c3f0292ac81d231f09186cadfebe2d2
c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c4653c1d0b1e996044d06458e13cb6bbcbf1ce8486fe0a83e205eaf8552ec507
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cab30da88a231117c2a5ec535b0c4caec1c1f86a680f3077b272ea7265b33cb0
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d2c2b5467d76098a4dbd6a22597ee2f8bdbdf44de1b7ad3484729b49430e3ef0
d610cd6aa5e508062ed1da5af6b9d106791efdfede822a06ec3101d00be961b5
d8d022bfafc5db3e38832ef2f4ce66f82b62f41dcf4be93195f7174fb91d26a5
d985648b31dd5d6de7c01f3400b8e8b81c38168d385bf133a6357ea5a9220629
daffe242a3ce6e9e545ff49e1f90234553064addc03b5221821a2346a25e7a06
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dbfbedeaa94fbff654f4edef88642359e75f767f7cf590cf073f5f4a1b8870bc
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e2b1fe21c6d3074fa4f3e3a22fc8608d1877bfe8b6e34aeb03a8eef12da34a62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151c06087f0bc38ab8f678e2ae0d0c7898d1057112476c6fbd29cbc193500a
e97fab623507015813482c6e4038d77b6e605b4beec0316fc763d3ae26d7e257
eadd9f2915764589ae48c622bc9f5b7cefef4623336af9f897e736e917674529
ecfcc8810e08d1313ad57015b6a2f141beda5cd9dcde99d29ae3b243edb4d9ed
ee731c787998d613383c67cb00f5f9c9835df9cb20e51c533fbd6c17447cc5a3
f1b17647333bd1be44dac7be0b9eba786bcfccf3774e2d4250affeeaa29100ae
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165

dailylenglui.blogspot.com Open in urlscan Pro 2a00:1450:4001:829::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

218 Requests

73 %HTTPS

42 %IPv6

56 Domains

90 Subdomains

66 IPs

8 Countries

6601 kBTransfer

9772 kBSize

0 Cookies

0 Outgoing links

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dailylenglui.blogspot.com Open in urlscan Pro
2a00:1450:4001:829::2001 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

73 %
HTTPS

42 %
IPv6

56
Domains

90
Subdomains

66
IPs

8
Countries

6601 kB
Transfer

9772 kB
Size

0
Cookies

218 HTTP transactions
1 data transactions