controlc.com Open in urlscan Pro
2606:4700:3035::681c:17af Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://controlc.com/c19e4266
Submission Tags: demotag1 demotag2 Search All
Submission: On November 07 via api (November 7th 2020, 9:07:46 am UTC) from US

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 25 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3035::681c:17af, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2 6	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81f::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
11 22	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3036::6818:7039	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	2606:4700:303... 2606:4700:3035::681c:17af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.14.167 151.101.14.167	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.38.167 151.101.38.167	54113 (FASTLY) (FASTLY)
84	28

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.170.39.103 (New York, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tencentspervisitorthoughblog.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 173.192.101.24 (Dallas, United States) 11 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p153768.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6818:7039 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pasted.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3035::681c:17af (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

gql.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.38.167 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

player.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	controlc.com 1 redirects controlc.com	192 KB
11	infopicked.com beta.infopicked.com infopicked.com
11	clksite.com 11 redirects p153768.clksite.com	1 KB
7	google.com apis.google.com adservice.google.com www.google.com	98 KB
7	blogger.com www.blogger.com	66 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	144 KB
6	traffdaq.com 2 redirects traffdaq.com	6 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	122 B
4	blogblog.com resources.blogblog.com	2 KB
3	twitch.tv gql.twitch.tv player.twitch.tv	627 B
3	googleusercontent.com lh3.googleusercontent.com lh4.googleusercontent.com themes.googleusercontent.com	36 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.de adservice.google.de www.google.de	1 KB
2	blogspot.com tencentspervisitorthoughblog.blogspot.com	23 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	pasted.co 1 redirects pasted.co	751 B
1	t.co t.co	557 B
1	gstatic.com www.gstatic.com	19 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com partner.googleadservices.com	609 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
0	revdepo.com Failed cdn1.revdepo.com Failed
84	25

	Domain	Requested by
19	controlc.com	1 redirects t.co controlc.com
11	p153768.clksite.com	11 redirects
10	infopicked.com	tencentspervisitorthoughblog.blogspot.com
7	www.blogger.com	tencentspervisitorthoughblog.blogspot.com www.blogger.com apis.google.com
6	traffdaq.com	2 redirects speedflow.io traffdaq.com
5	apis.google.com	tencentspervisitorthoughblog.blogspot.com apis.google.com
4	pagead2.googlesyndication.com	tencentspervisitorthoughblog.blogspot.com pagead2.googlesyndication.com
4	resources.blogblog.com	tencentspervisitorthoughblog.blogspot.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	controlc.com www.google-analytics.com
2	gql.twitch.tv	controlc.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	tencentspervisitorthoughblog.blogspot.com	traffdaq.com tencentspervisitorthoughblog.blogspot.com
1	player.twitch.tv	controlc.com
1	www.google.de	controlc.com
1	www.google.com	controlc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pasted.co	1 redirects
1	t.co
1	www.gstatic.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	themes.googleusercontent.com	tencentspervisitorthoughblog.blogspot.com
1	beta.infopicked.com	tencentspervisitorthoughblog.blogspot.com
1	lh4.googleusercontent.com	tencentspervisitorthoughblog.blogspot.com
1	lh3.googleusercontent.com	tencentspervisitorthoughblog.blogspot.com
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
1	speedflow.io
0	cdn1.revdepo.com Failed	tencentspervisitorthoughblog.blogspot.com
84	35

This site contains no links.

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.infopicked.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
twitch.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-28` - `2021-04-18`	7 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://controlc.com/c19e4266
Frame ID: 11188139F168D06FE8A5CECCA4E172E3
Requests: 70 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604740031063&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 7750280A0EAEBEC26BD0A3B2EA7AF498
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 28C49D037EEF9B1E8152A6CF12165BBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: FEC08414E11C63303ECAE7B1F7A8C038
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1080951626448944691&blogName=Proven+Seo+Trick+4+1500$+A+Month+Free...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tencentspervisitorthoughblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tencentspervisitorthoughblog.blogspot.com/&vt=-4944007469417932589&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: A66F15C3C93937E7D7E32D8D525BDFE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&h=600&slotname=6026245082&adk=102773910&adf=4233503496&pi=t.ma~as.6026245082&w=275&fwrn=4&fwrnh=100&lmt=1591487910&rafmt=1&psa=0&format=275x600&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740033867&bpp=10&bdt=170&idt=64&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8251302044856&frm=20&pv=2&ga_vid=1609046306.1604740034&ga_sid=1604740034&ga_hid=1940207589&ga_fc=0&iag=0&icsg=133768&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1950686710087360&pem=492&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fsJHjX6jyS&p=https%3A//tencentspervisitorthoughblog.blogspot.com&dtd=85
Frame ID: 03003784D9F978E7FFBBF39E66A04DF4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&adk=1812271804&adf=3025194257&lmt=1591487910&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740035988&bpp=1&bdt=2290&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=275x600&nras=1&correlator=8251302044856&pv_h_ch=L0001&frm=20&pv=1&ga_vid=1609046306.1604740034&ga_sid=1604740034&ga_hid=1940207589&ga_fc=0&iag=0&icsg=584822292492&dssz=30&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1950686710087360&pem=492&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=6
Frame ID: 781FCD426D7E7BDE38EAE943A6981440
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 8A79166528AEC9A6FAC5FDF13C2CA578
Requests: 1 HTTP requests in this frame

Frame: https://controlc.com/c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
Frame ID: B022804BC4021C8B0E9C8592E0D62B96
Requests: 5 HTTP requests in this frame

Frame: https://player.twitch.tv/?channel=harkdan&parent=controlc.com
Frame ID: 59CE58B8C9904EE089464F729997D5BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsI... Page URL
https://tencentspervisitorthoughblog.blogspot.com/ Page URL
https://t.co/mm03i7OoDW Page URL
http://pasted.co/c19e4266 HTTP 301
http://controlc.com/c19e4266 HTTP 301
https://controlc.com/c19e4266 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

84
Requests

95 %
HTTPS

64 %
IPv6

25
Domains

35
Subdomains

28
IPs

5
Countries

646 kB
Transfer

1710 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://tencentspervisitorthoughblog.blogspot.com/ Page URL
https://t.co/mm03i7OoDW Page URL
http://pasted.co/c19e4266 HTTP 301
http://controlc.com/c19e4266 HTTP 301
https://controlc.com/c19e4266 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://traffdaq.com/delivery/pu/71463?category=gay_dating HTTP 301
https://traffdaq.com/delivery/pu/71463?category=gay_dating

Request Chain 5

http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating

Request Chain 20

https://p153768.clksite.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center HTTP 301
https://beta.infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center

Request Chain 21

https://p153768.clksite.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center

Request Chain 22

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

Request Chain 23

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

Request Chain 24

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_0

Request Chain 25

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

Request Chain 43

https://p153768.clksite.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center

Request Chain 44

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

Request Chain 45

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

Request Chain 47

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_0

Request Chain 49

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37 HTTP 301
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 180ms
180ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 8e693fa0d2c43bf239ede94012b511a10c388fb96c12c84f855b18df13dbcfe1

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 07 Nov 2020 09:07:10 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=49910; path=/ time_start=1604740030.974; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=49910; path=/ ip=185.212.171.67 mobile=0 country=++ visits_todayi=0; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=49910; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 570
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 7ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 09:07:11 GMT
Content-Encoding: gzip
X-HW: 1604740026.dop029.fr8.shc,1604740026.dop029.fr8.t,1604740031.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1

200
OK

71463 Show response
traffdaq.com/delivery/pu/
Redirect Chain

http://traffdaq.com/delivery/pu/71463?category=gay_dating
https://traffdaq.com/delivery/pu/71463?category=gay_dating

5 KB
2 KB

296ms
115ms

Script
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/pu/71463?category=gay_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 55d866ad395fbbff0916d69d07b221acbd3c5cf1b982de9c48f01aa05160ffeb

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 09:07:11 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://traffdaq.com/delivery/pu/71463?category=gay_dating
Connection: close
Content-length: 0

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 7750 0
0 36ms
24ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604740031063&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 07 Nov 2020 09:07:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa663bf15e4d2.964342042118300027%22%3B%7D; expires=Mon, 07 Nov 2022 09:07:11 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame 28C4 0
0 166ms
166ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 09:07:11 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=02918f1ecd9f56e9143411809180fbb4; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1219
content-type: text/html

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=gay_dating
https://traffdaq.com/delivery/dl/47382?category=gay_dating

3 KB
2 KB

371ms
197ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 4dbd3c4d0ca0cead2d356a166f22df0cd5c2d8b4c2b16595278e01ffb67016b4

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 09:07:12 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Connection: close

GET
H/1.1 200
OK eyJpdiI6IkNFQlAwSXQySGRiam9LMzVLSzJ1S1E9PSIsInZhbHVlIjoiaWw5Wjc1T1c5TWs5QmJPb0w5NzMyTDdlRUsyWHlcL1VHaWcwRnNFSGRFYmhia3VpWTFPd2Z0SitiWnpcL2ZZSlZxYnM1a3FhOTFqSytpakY2aVJtMjdUUT09IiwibWFjIjoiZDBhYzJlN...
traffdaq.com/users/track/ 0
858 B 431ms
257ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6IkNFQlAwSXQySGRiam9LMzVLSzJ1S1E9PSIsInZhbHVlIjoiaWw5Wjc1T1c5TWs5QmJPb0w5NzMyTDdlRUsyWHlcL1VHaWcwRnNFSGRFYmhia3VpWTFPd2Z0SitiWnpcL2ZZSlZxYnM1a3FhOTFqSytpakY2aVJtMjdUUT09IiwibWFjIjoiZDBhYzJlNjZhNjhmZDMwNmFmYTBjNGQwNmNlYjUwYTMyM2UwNjM2MzZkN2M4YmVjZTVmMTU5YmMwMDg4NzVhNCJ9
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 09:07:12 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 30ms
29ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa663bfe46e1&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 09:07:12 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 824020
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4058-HHN
date: Sat, 07 Nov 2020 09:07:12 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 1055ms
862ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: e8369dc1d0deae8e63788047c1b44ee55222c8742ce84894e99b609392f68dd8

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=gay_dating

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 09:07:13 GMT
Content-Encoding: gzip

GET
H2 200 / Show response
tencentspervisitorthoughblog.blogspot.com/ 81 KB
21 KB 288ms
268ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tencentspervisitorthoughblog.blogspot.com/

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e03b0a1f19e188d833adfe4316244e19c4fcce0c85246a6176df68d017d8c582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tencentspervisitorthoughblog.blogspot.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Sat, 07 Nov 2020 09:07:13 GMT
date: Sat, 07 Nov 2020 09:07:13 GMT
cache-control: private, max-age=0
last-modified: Sat, 06 Jun 2020 23:58:30 GMT
etag: W/"26a889b4c20e69ae9c36bbd78c138d8ddd25156f435e1913a3f5f200aae66c75"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20551
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 15:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 20:13:23 GMT
server: sffe
age: 149081
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7982
x-xss-protection: 0
expires: Fri, 05 Nov 2021 15:42:32 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ol9kbemBnW9/E8Vp8fc1sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3e801f1b1d67e6ea720d7c6a799ff679"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ol9kbemBnW9/E8Vp8fc1sA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
646 B 146ms
132ms Stylesheet
text/css 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1080951626448944691&zx=ed6c97de-18f1-4912-a50d-f49f2374248e

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Nov 2020 09:07:13 GMT
server: GSE
date: Sat, 07 Nov 2020 09:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 birds-2toned-bg.png
resources.blogblog.com/blogblog/data/1kt/ethereal/ 486 B
597 B 28ms
7ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/ethereal/birds-2toned-bg.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06eb13218426e0e280cdd790ee55945334498186483cff716e090ed2b840a4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 18:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 09:13:29 GMT
server: sffe
age: 397904
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 486
x-xss-protection: 0
expires: Mon, 09 Nov 2020 18:35:29 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
312 B 26ms
7ms Image
image/gif 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:38:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Nov 2020 21:08:12 GMT
server: sffe
age: 408552
content-type: image/gif
status: 200
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Mon, 09 Nov 2020 15:38:01 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
44 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45426
x-xss-protection: 0
server: cafe
etag: 10562869928832476540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
822 B 25ms
6ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 19:16:31 GMT
server: sffe
age: 234976
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 11 Nov 2020 15:50:57 GMT

GET
H2 200 LxaAxjRABS3LMcBS067ifyTAaQ42ewBTz6Yz3K3E1PEbi4Ymuyoq04yS15BWIEHt_Fnv3MzXO1pTwxxZbFNiqPqX2ana_LPwo554W9RtYMUuwwA6o2w3Lw=s0-d
lh3.googleusercontent.com/proxy/ 35 KB
35 KB 40ms
17ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/LxaAxjRABS3LMcBS067ifyTAaQ42ewBTz6Yz3K3E1PEbi4Ymuyoq04yS15BWIEHt_Fnv3MzXO1pTwxxZbFNiqPqX2ana_LPwo554W9RtYMUuwwA6o2w3Lw=s0-d

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4f7b204ae3c888823e2ba49f9b37b22246782c3fe9f51d964a37921fb14850f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35859
x-xss-protection: 0
expires: Sun, 08 Nov 2020 09:07:13 GMT

GET
H2 200 gVP_o4P3jn0kC2GekwHUbgqOA7rWdXcM10DsVDQ7sSpXD93fsFJChIRb2THcee-kmeV9TzIZDzXZU5-ZkLbc4ySpOsDFU_WBAdZEa649Uktd2XDJ_NKCTyzDvs33ALA=s0-d
lh4.googleusercontent.com/proxy/ 43 B
273 B 752ms
729ms Image
image/gif 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/gVP_o4P3jn0kC2GekwHUbgqOA7rWdXcM10DsVDQ7sSpXD93fsFJChIRb2THcee-kmeV9TzIZDzXZU5-ZkLbc4ySpOsDFU_WBAdZEa649Uktd2XDJ_NKCTyzDvs33ALA=s0-d

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:14 GMT
x-content-type-options: nosniff
status: 200
content-disposition: attachment;filename="unnamed.gif"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

403

banners
beta.infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center
https://beta.infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center

0
0

433ms
148ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 178
location: https://beta.infopicked.com/adServe/banners?tid=153768_514894_4&type=floating_banner&size=6&side=center&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center

0
0

413ms
137ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 178
location: https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

0
0

414ms
138ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

0
0

413ms
138ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0
https://infopicked.com/adServe/banners?tid=153768_514894_0

0
0

413ms
137ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_0
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_0
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

0
0

413ms
136ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
content-type: text/html

GET
H3-Q050 200 cookienotice.js Show response
tencentspervisitorthoughblog.blogspot.com/js/ 6 KB
2 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tencentspervisitorthoughblog.blogspot.com/js/cookienotice.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Sat, 07 Nov 2020 08:21:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 14 Nov 2020 09:07:13 GMT

GET
H3-Q050 200 3613744382-widgets.js Show response
www.blogger.com/static/v1/widgets/ 141 KB
52 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3613744382-widgets.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f926684fd770877ff27f536756a94061022d54e214aad1547e94ecd6e1651f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 04:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 04:19:16 GMT
server: sffe
age: 274104
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52520
x-xss-protection: 0
expires: Thu, 04 Nov 2021 04:58:49 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 138 KB
48 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384731
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49481
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:02 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 54 KB
18 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67be4fed19676d44bde7ccb93cfb018abde00ea85c57bcf71de9681ef0762832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384716
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17813
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:17 GMT

GET
H3-Q050 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
181 B 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 23:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Nov 2020 23:12:47 GMT

GET
H2 403 image
themes.googleusercontent.com/ 0
0 42ms
39ms Image
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 bird-2toned-blue-fade.png
resources.blogblog.com/blogblog/data/1kt/ethereal/ 135 B
468 B 34ms
21ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/ethereal/bird-2toned-blue-fade.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f97c4d5d5252e3495e1c998a66396d69ff1dc40e77e857bddb5106abcea6251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:08:27 GMT
x-content-type-options: nosniff
last-modified: Sat, 07 Nov 2020 00:13:24 GMT
server: sffe
age: 14326
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
expires: Sat, 14 Nov 2020 05:08:27 GMT

GET
H3-Q050 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 8ms
6ms Image
image/png 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 06:18:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 17:22:06 GMT
server: sffe
age: 96545
content-type: image/png
status: 200
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
expires: Fri, 13 Nov 2020 06:18:08 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
86 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame FEC0 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3JmFAkzklNEotFZkhHzpvZx9yXpK_hvk7CrSo9RhP1SsZGlRzTxyg3OM-
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Nov 2020 18:17:45 GMT
expires: Fri, 20 Nov 2020 18:17:45 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 53368
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 navbar.g
www.blogger.com/ Frame A66F 0
0 455ms
455ms Document
text/html 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=1080951626448944691&blogName=Proven+Seo+Trick+4+1500$+A+Month+Free...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tencentspervisitorthoughblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tencentspervisitorthoughblog.blogspot.com/&vt=-4944007469417932589&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=1080951626448944691&blogName=Proven+Seo+Trick+4+1500$+A+Month+Free...&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://tencentspervisitorthoughblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://tencentspervisitorthoughblog.blogspot.com/&vt=-4944007469417932589&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 07 Nov 2020 09:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2668
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
69 B 620ms
620ms Stylesheet
text/css 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1080951626448944691&zx=ed6c97de-18f1-4912-a50d-f49f2374248e

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Nov 2020 09:07:14 GMT
server: GSE
date: Sat, 07 Nov 2020 09:07:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
609 B 72ms
44ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tencentspervisitorthoughblog.blogspot.com&callback=_gfp_s_&client=ca-pub-5084329235057490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

48f15fb51a1d8fbc60ef161ad92bc7904070972f2ed0a432ec452e6b929c9a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
810 B 42ms
29ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tencentspervisitorthoughblog.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
810 B 45ms
31ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tencentspervisitorthoughblog.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0300 0
0 31ms
30ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&h=600&slotname=6026245082&adk=102773910&adf=4233503496&pi=t.ma~as.6026245082&w=275&fwrn=4&fwrnh=100&lmt=1591487910&rafmt=1&psa=0&format=275x600&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740033867&bpp=10&bdt=170&idt=64&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8251302044856&frm=20&pv=2&ga_vid=1609046306.1604740034&ga_sid=1604740034&ga_hid=1940207589&ga_fc=0&iag=0&icsg=133768&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1950686710087360&pem=492&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fsJHjX6jyS&p=https%3A//tencentspervisitorthoughblog.blogspot.com&dtd=85

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&h=600&slotname=6026245082&adk=102773910&adf=4233503496&pi=t.ma~as.6026245082&w=275&fwrn=4&fwrnh=100&lmt=1591487910&rafmt=1&psa=0&format=275x600&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740033867&bpp=10&bdt=170&idt=64&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8251302044856&frm=20&pv=2&ga_vid=1609046306.1604740034&ga_sid=1604740034&ga_hid=1940207589&ga_fc=0&iag=0&icsg=133768&dssz=15&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1950686710087360&pem=492&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fsJHjX6jyS&p=https%3A//tencentspervisitorthoughblog.blogspot.com&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3JmFAkzklNEotFZkhHzpvZx9yXpK_hvk7CrSo9RhP1SsZGlRzTxyg3OM-
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 07 Nov 2020 09:07:13 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604665402527796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27920
x-xss-protection: 0
expires: Sat, 07 Nov 2020 09:07:13 GMT

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center

0
0

137ms
137ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 178
location: https://infopicked.com/adServe/banners?tid=153768_514894_3&type=slider&side=right&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center

0
0

140ms
139ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:14 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_2&type=slider&size=4&position=center
content-type: text/html

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true

0
0

141ms
140ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:15 GMT
server: nginx
content-length: 178
location: https://infopicked.com/adServe/banners?tid=153768_514894_1&tagid=2&hybridPop=true
content-type: text/html

GET advertisement.js
cdn1.revdepo.com/static/ 0
0

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_0
https://infopicked.com/adServe/banners?tid=153768_514894_0

0
0

140ms
140ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_0
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:15 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_0
content-type: text/html

GET
H3-Q050 200 logo-16.png
www.blogger.com/img/ 279 B
380 B 6ms
6ms Image
image/png 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 22:18:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 10:13:58 GMT
server: sffe
age: 298127
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Tue, 10 Nov 2020 22:18:28 GMT

GET
H2

403

banners
infopicked.com/adServe/
Redirect Chain

https://p153768.clksite.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37

0
0

140ms
140ms

Script
text/html

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
Requested by: Host: tencentspervisitorthoughblog.blogspot.com
URL: https://tencentspervisitorthoughblog.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 301
date: Sat, 07 Nov 2020 09:07:15 GMT
server: nginx
content-length: 162
location: https://infopicked.com/adServe/banners?tid=153768_514894_5&type=footer&size=37
content-type: text/html

GET
H2 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 24 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aebdc4bccca9950a2c12e2e3106cbcf3a98853a9f3943f4ff4192d0e21b9f4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384723
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8485
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 781F 0
0 16ms
16ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&adk=1812271804&adf=3025194257&lmt=1591487910&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740035988&bpp=1&bdt=2290&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=275x600&nras=1&correlator=8251302044856&pv_h_ch=L0001&frm=20&pv=1&ga_vid=1609046306.1604740034&ga_sid=1604740034&ga_hid=1940207589&ga_fc=0&iag=0&icsg=584822292492&dssz=30&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1950686710087360&pem=492&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&guci=1.2.0.0.2.1.0.0&client=ca-pub-5084329235057490&output=html&adk=1812271804&adf=3025194257&lmt=1591487910&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftencentspervisitorthoughblog.blogspot.com%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604740035988&bpp=1&bdt=2290&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=275x600&nras=1&correlator=8251302044856&pv_h_ch=L0001&frm=20&pv=1&ga_vid=1609046306.1604740034&ga_sid=1604740034&ga_hid=1940207589&ga_fc=0&iag=0&icsg=584822292492&dssz=30&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1950686710087360&pem=492&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Iko2Tm15YlZHd2l2MXhQdlhtZFJqdUE9PSIsInZhbHVlIjoiYVVTK2kzdVFFcDR5ckFZT0JzV0JjZ1FqQ2I3XC8yZkx5UHQ0cmk5eDV1S0dUR1N5eUJLSDY1SklzcEtMajJQN1V4S01YTmVFS3dPS0h6SVZGUEd3dnEyYjc5eHVQcWRIK1N6RFBNUUhGSGMrN0ZuTWFrcGFOaXBnbFFHY0NtcmtlTGtOclRUVlRadHE3S3VkbjhTVHBNeDRmenVtUWtBUjVNUmJEOGNuRExva1wveGVqUmpkWXViU0RsQVwvR1pSWnRLUjBJQndQdUFpcnRDRlFvK1I3WGlwNFwvTVJKaDJWc3Q5OGR4d1dUQ21kUGJVWnVxMHJkTHc4NGVwcHJNM3M5bDEwQjZsYTMwOUZLQVlLTksxVThxYVhuTFR0QTBUbVp3VHQ2MFdxUXJKbVIyTG8zQVVCUEhPekM4OURqalcxbFVmIiwibWFjIjoiMWI1NWU5OGJjZDFhOGZkZTMzNjAwMGU5YzNlYjhhYmRlN2M2MWZmYTk4YTBmNzE2MjBjMmU4ZTI1NDc1MTYyYyJ9%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 07 Nov 2020 09:07:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Nov-2020 09:22:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 07 Nov 2020 09:07:16 GMT
cache-control: private

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 49 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b48095d7d107ef9816c9f4338c8561cc2c35d3154efbd67221a229b88a1b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 08:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Sep 2020 23:45:01 GMT
server: sffe
age: 2448
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18809
x-xss-protection: 0
expires: Sat, 07 Nov 2020 09:16:28 GMT

GET
H3-Q050 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOP... 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f3f6dfbc59435d256eac5dba9ceb51f5393e7d022f1ce955c5bc8645537f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 384706
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3122
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:30 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6531
x-xss-protection: 0

GET
H2 200 mm03i7OoDW
t.co/ 269 B
557 B 187ms
145ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/mm03i7OoDW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /mm03i7OoDW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 194
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sat, 07 Nov 2020 09:07:39 GMT
expires: Sat, 07 Nov 2020 09:12:39 GMT
referrer-policy: unsafe-url
server: tsa_o
set-cookie: muc=e074dca5-468b-4d75-a9d5-3052670cde07; Max-Age=63072000; Expires=Mon, 07 Nov 2022 09:07:39 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 28eaf339cbf1c94d3c0f3ced63da89eb
x-response-time: 123
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 07 Nov 2020 09:07:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 8A79 0
0 13ms
11ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tencentspervisitorthoughblog.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tencentspervisitorthoughblog.blogspot.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 07 Nov 2020 08:03:02 GMT
expires: Sun, 07 Nov 2021 08:03:02 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3877
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Primary Request c19e4266 Show response
controlc.com/
Redirect Chain

http://pasted.co/c19e4266
http://controlc.com/c19e4266
https://controlc.com/c19e4266

10 KB
4 KB

87ms
70ms

Document
text/html

2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/c19e4266
Requested by: Host: t.co
URL: https://t.co/mm03i7OoDW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 0cddef7dfe70b48c71105fa77dc971faa179b20270b9abf2d1fea54029b540f8

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /c19e4266
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/mm03i7OoDW
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://t.co/mm03i7OoDW

Response headers

status: 200
date: Sat, 07 Nov 2020 09:07:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc1e00faae0c5029d45b1575ef5bea6751604740059; expires=Mon, 07-Dec-20 09:07:39 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=452376a5a7c32c437da71c15c1a13696; path=/ tinychat_box=1604740059; expires=Sun, 08-Nov-2020 09:07:39 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 06438f2a6d00002b1ec30e5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cvc2iC23Ft%2BAuceJMcOlqqQsYyPX1Cu5UA27NaCtFWiAJsCyOJH61EsyH28M2N1rFwhHxptfjBJ5v%2FO2Fa%2FUXfX50tWqblR9vu%2FJcq%2BjW6olpkod2qFiFEc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee5e7bd7f762b1e-FRA
content-encoding: br

Redirect headers

Date: Sat, 07 Nov 2020 09:07:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 07 Nov 2020 10:07:39 GMT
Location: https://controlc.com/c19e4266
cf-request-id: 06438f2a4a00001772ff1cf000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aJtMrx%2FroHlh4cHUul%2Bwkw2%2F10oXUCeNcZPg6uTLd4mDOqu0%2B0HotzwFLI4KNABftgbJJtaZMRUHTDXOT27QlI%2BXXPLZH3YxfULA5%2BqT6tiLx%2BCRUmh6Bjg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5ee5e7bd496e1772-FRA

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 14ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5260
cf-polished: origSize=15109
status: 200
cf-request-id: 06438f2acb00002b1ec30ed000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eccf0Nii3ti9Fw8l5qIpaWUoIld0vN6asuBo%2Fgs0byUIdzxvinx5QkALQE1REMggvmgeT3LbBMjnJ18irlcWhCR2aN9yDNb79JFpi7EvOEjHiKaWzFcM8M4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee5e7be18bf2b1e-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 18ms
16ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6475
cf-polished: origSize=99036
status: 200
cf-request-id: 06438f2acc00002b1e6280f000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kc2xhme0ccPWnSLfzmvNtBqgvmZEtnbvaPcZmI6YxNeiXE5U7BMdopWzrhC2R%2BYZcOn254oqVLQSMfDjg%2Ba8Syim1yavw8zTH40%2Fdyr7NbtrTPF4caHuwW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee5e7be18c12b1e-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
3 KB 15ms
12ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1517
cf-polished: origSize=14308
status: 200
cf-request-id: 06438f2acc00002b1ed2853000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B4FAuRB8e5uD6S%2FJMhX07sTytbjaczzi6dcFaP%2FUwIE7d%2FwN31Lre%2Fn0Te3XhEQYrHVYLLFx3UmqJE7RKFIne6706a1dsEqQeEv1IzoBvgFSGaIl0QJBKlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee5e7be18c22b1e-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
575 B 17ms
15ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5987
cf-polished: origSize=752
status: 200
cf-request-id: 06438f2acc00002b1e57b64000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r7%2BuQGM4dN1L6fMA3zjqPEtFjZ4IK7ri6Dko%2FmBPvhz%2F6TiwizpRXeA%2BH11Lu1ou07I1uaUgmDJuTUFjpbHZuhxMM6%2FvAQ9VV8F%2F4p0yz%2FwB0aTiS6XDrfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee5e7be18c32b1e-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 19ms
17ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=153534
status: 200
cf-request-id: 06438f2acc00002b1ec42ad000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SgBmScj5qhDWKKvYbd%2Bc5TWF66rAEOxd1vu8T0dOYXzCF2RiaLG3K2mn9KmCn7KfrinQNX7itWNuoT3Qa3AyrkiMGQ%2BE1P1nvC1Sf9q0FzNHq6GfpDHuygU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5ee5e7be18c42b1e-FRA
cf-bgj: minify

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
971 B 48ms
46ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1604740059
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H9iSSeuSsJ%2FcDEqrSSHzUpTHbbKj0pw7VMW%2BdcwHMRbtmf4fwLWnYYNle0dhtI51gP5Tlwif6fuSWU99nZXehjHf6xdKBmQjLkyFo8H%2F5AwgedO0nyvcp2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ee5e7be18c52b1e-FRA
cf-request-id: 06438f2acc00002b1e96be1000000001

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
7 KB 14ms
14ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1517
status: 200
content-length: 6510
cf-request-id: 06438f2ae300002b1eb537c000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hwkX5PhfjflkRoHvLDGmWDdmXpX9yhohxuvzlW0BDLa3GAA%2BHEvFwao7BCqPnTf5cQ20OmilV5EIrnKu8SLV%2B5Jdc4Mj7sEl12oKI5INVpqDVbRZScEoRf8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee5e7be39472b1e-FRA

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 12ms
12ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2963
status: 200
content-length: 12078
cf-request-id: 06438f2af200002b1ea886f000000001
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GD7%2B7c8ywXbA3lTvmCZ%2B5p26kJgsYvShYELGlTIWpxuIFfrgOpOZ7fbQiQHEpx%2Bh%2F91UfxVyXbySdBlWnK9yvDR0utrWHje8cn37nZEc2TarDIqfoMzZ76k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee5e7be59942b1e-FRA

GET
H2 200 ab.png
controlc.com/ 67 KB
67 KB 12ms
11ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/ab.png
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7114
status: 200
content-length: 68149
cf-request-id: 06438f2afc00002b1e5c173000000001
last-modified: Mon, 30 Mar 2020 10:19:31 GMT
server: cloudflare
etag: "5e81c7b3-10a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zFJjXrV1IHhMbBmIXS9gFMTTqfqkq7aCGafF7vqy1cmP1EcQRQBFVdIkKnPk41n9U2KMyEZ6o8uLWiiHsfIuT5dsSsM3k6j%2BLxjP35FZqVAtoOdG3hUQxvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee5e7be59b72b1e-FRA

OPTIONS
H/1.1 200
OK gql
gql.twitch.tv/ Frame 0
0 245ms
198ms Other 151.101.14.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Protocol: HTTP/1.1
Server: 151.101.14.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: client-id,content-type
Origin: https://controlc.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Headers: Accept-Language, Accept, Authorization, Client-Id, Content-Type, Device-Id, X-Csrf-Token, X-Device-Id, X-Forwarded-Proto, Forced-Rollouts
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Date: Sat, 07 Nov 2020 09:07:40 GMT
Age: 0

POST
H/1.1 200
OK gql Show response
gql.twitch.tv/ 462 B
627 B 245ms
245ms Fetch
application/json 151.101.14.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gql.twitch.tv/gql
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c43008693937f7f1e612b6b9efe8d9f064ff08e95ddb1ae7ce30aeed777c089b

Request headers

Accept: application/json
Referer: http://speedflow.io/adult/a=rr
Client-ID: kimne78kx3ncx6brgo4mv6wki5h1ko
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Nov 2020 09:07:40 GMT
Connection: keep-alive
Content-Length: 462
Content-Type: application/json

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 15ms
14ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5985
status: 200
content-length: 987
cf-request-id: 06438f2afe00002b1ec30f3000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qWqjtNWAe0BCturEroecShuWtHfuniwNOHuypgjQVt2iZQcySd082Pi6vHpr4nVfMpd1XfIkBDY28DV0GWco467VemtleY8aNWyImsN0GwKK1QUKc%2F5BgcE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee5e7be69c42b1e-FRA

GET
H2 200 ab.js Show response
controlc.com/ 5 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/ab.js
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 176
status: 200
cf-request-id: 06438f2b1100002b1e692aa000000001
last-modified: Sun, 29 Mar 2020 09:43:08 GMT
server: cloudflare
etag: W/"5e806dac-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Bdla%2Fy%2B52TAb1LNKQas2d4%2B%2BBUxU3hNdbq9EQe%2FMSaqp7WJVY61Fmi60Tn0JTUm1snPn18rnzwojthoZWm4xbhmZW53sGDMMueV3jmAQcCl%2F19rvEhaLUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5ee5e7be8a0a2b1e-FRA
cf-bgj: minify

GET
H2 200 fullscreen.php Show response
controlc.com/c19e4266/ Frame B022 2 KB
1 KB 65ms
65ms Document
text/html 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 9ef2e6b2820247937bd1960956d482dd0abf1f3cee4250ddb440fec0d772ed9c

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/c19e4266
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc1e00faae0c5029d45b1575ef5bea6751604740059; PHPSESSID=452376a5a7c32c437da71c15c1a13696
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://controlc.com/c19e4266

Response headers

status: 200
date: Sat, 07 Nov 2020 09:07:39 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 06438f2b1300002b1ebb25a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wC8Vsv2dC7ABt%2FyD1BFsij%2Fm3k7EYP9I8PIkHujMjoXjvFvWGGzgW7X7qHGkg06JGzR5sDJyE9rpmNP%2Fn0U3UR6YfzRt5tuGtWoVMAAFJgNFVwNxRNCzmDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee5e7be8a102b1e-FRA
content-encoding: br

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 10ms
10ms Image
image/png 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/public/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2963
status: 200
content-length: 13826
cf-request-id: 06438f2b1500002b1ea8872000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6aOw%2FT2kUJ4b%2BL%2B9Dj12ulWLPlWlsLPwy8RhoU9YLhDtQbSN2M1ZYq3mRsNe7TOEI2t9ELl5aW6OByxH1CVaqlQSxNch%2BG2wfIu5fDEaEv251c3UnsHgtsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee5e7be8a1a2b1e-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/c19e4266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4694
date: Sat, 07 Nov 2020 07:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 07 Nov 2020 09:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
67 B 16ms
16ms XHR
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=77854776&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2Fc19e4266&dr=https%3A%2F%2Ft.co%2Fmm03i7OoDW&ul=en-us&de=UTF-8&dt=ibusinesspromoter-1204-crack%20-%20c19e4266&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=879553557&gjid=1591868124&cid=564091877.1604740060&tid=UA-62963607-1&_gid=1054947359.1604740060&_r=1&_slc=1&z=319815607

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 09:07:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
122 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-62963607-1&cid=564091877.1604740060&jid=879553557&gjid=1591868124&_gid=1054947359.1604740060&_u=IEBAAEAAAAAAAC~&z=2117329193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 07 Nov 2020 09:07:39 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 global.css
controlc.com/public/css/ Frame B022 12 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5260
cf-polished: origSize=15109
status: 200
cf-request-id: 06438f2b5a00002b1e9b8ca000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sHZFWg9d7yV5u5%2FNecTyNf8HgYTWfoe3XZtrRr2TDq4vrd%2B3TCPy3sfXlOZrut6n50uSQiwo65UfmgRSOCChYbwMysVtWJiL0iChSM7TuxK9vVtYlTAQtSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee5e7befb592b1e-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame B022 312 B
504 B 16ms
14ms Stylesheet
text/css 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=426
status: 200
cf-request-id: 06438f2b5d00002b1e699fc000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hr8uY0lynQDzXyMcdPfdxHKwfn9yJMTqTWs%2F8crqJSTQG7xqA%2Big1bqyUAfjXIeXbj%2F0onfj19crov8t8i4tm06o6ZszVnxrmrJU2UDblTwHUoqFAw2pPP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee5e7befb5c2b1e-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame B022 148 KB
30 KB 17ms
16ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2302
cf-polished: origSize=153534
status: 200
cf-request-id: 06438f2b5a00002b1eb5b26000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r0d2FnsODZIzc7dzmJiEXKhBh7DNCmBjPcyQ9NV5Ovbkgukqhxaca3N8Y%2BTqJ8fHg2AjncKwazc28Ph4JTrLwjd2veHnJpvr7s3MDEvgtNhvhpHEJkLw1BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5ee5e7befb5f2b1e-FRA
cf-bgj: minify

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame B022 3 KB
1 KB 13ms
12ms Script
application/javascript 2606:4700:3035::681c:17af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: controlc.com
URL: https://controlc.com/c19e4266/fullscreen.php?hash=cb4c73ffe869d3ce66fdd80600758986&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:17af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 09:07:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3593
cf-polished: origSize=3335
status: 200
cf-request-id: 06438f2b5b00002b1e8e171000000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VjPXoktnduaMYhAgpHOrPPOg9YQzX8CH6MB3l5qftFEIXWF0qaKORftlU31YitV1OucBQicyMZ0RXMLKucn8ya57kCWniiew4B5SW14SvDwai%2FLbjwenB84%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5ee5e7befb602b1e-FRA
cf-bgj: minify

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
253 B 20ms
18ms Image
image/gif 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-62963607-1&cid=564091877.1604740060&jid=879553557&_u=IEBAAEAAAAAAAC~&z=335692649

Requested by

Host: controlc.com
URL: https://controlc.com/c19e4266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 09:07:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
494 B 40ms
18ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-62963607-1&cid=564091877.1604740060&jid=879553557&_u=IEBAAEAAAAAAAC~&z=335692649

Requested by

Host: controlc.com
URL: https://controlc.com/c19e4266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 09:07:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set /
player.twitch.tv/ Frame 59CE 0
0 56ms
24ms Document
text/html 151.101.38.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.twitch.tv/?channel=harkdan&parent=controlc.com

Requested by

Host: controlc.com
URL: https://controlc.com/c19e4266

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.167 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://controlc.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.twitch.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/c19e4266
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://controlc.com/c19e4266

Response headers

Connection: keep-alive
Content-Type: text/html
Server: Kestrel
Content-Encoding: gzip
Set-Cookie: server_session_id=78385f1949d84ed0819b1bf9b8e6b910; domain=.twitch.tv; path=/; secure; samesite=none unique_id=LKNQBW1hLEAX0PNNDNQjNaHTBU4ORCzp; expires=Thu, 07 Nov 2030 09:07:40 GMT; domain=.twitch.tv; path=/; secure; samesite=none unique_id_durable=LKNQBW1hLEAX0PNNDNQjNaHTBU4ORCzp; expires=Thu, 07 Nov 2030 09:07:40 GMT; domain=.twitch.tv; path=/; secure; samesite=none; httponly unique_id=LKNQBW1hLEAX0PNNDNQjNaHTBU4ORCzp; domain=.twitch.tv; path=/; Secure; SameSite=None; expires=Tue, 05 Nov 2030 09:07:40 GMT; unique_id_durable=LKNQBW1hLEAX0PNNDNQjNaHTBU4ORCzp; domain=.twitch.tv; path=/; Secure; HttpOnly; SameSite=None; expires=Tue, 05 Nov 2030 09:07:40 GMT;
Content-Security-Policy: frame-ancestors https://controlc.com
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Release-Type: release
Accept-Ranges: bytes
Date: Sat, 07 Nov 2020 09:07:40 GMT
Via: 1.1 varnish
X-Served-By: cache-ams21024-AMS
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1604740060.433773,VS0,VE8
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
transfer-encoding: chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn1.revdepo.com
URL: https://cdn1.revdepo.com/static/advertisement.js

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.controlc.com/	1970-01-19 13:47:06	Name: _gid Value: GA1.2.1054947359.1604740060
.controlc.com/	1970-01-19 13:45:40	Name: _gat Value: 1
.controlc.com/	1970-01-20 07:16:52	Name: _ga Value: GA1.2.564091877.1604740060
controlc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 452376a5a7c32c437da71c15c1a13696
.controlc.com/	1970-01-19 14:28:52	Name: __cfduid Value: dc1e00faae0c5029d45b1575ef5bea6751604740059

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tencentspervisitorthoughblog.blogspot.com/(Line 1036) Message: [object HTMLImageElement]
console-api	log	URL: https://controlc.com/c19e4266(Line 101) Message: [object Response]
console-api	log	URL: https://controlc.com/c19e4266(Line 105) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
adservice.google.com
adservice.google.de
apis.google.com
beta.infopicked.com
c.securepaths.com
cdn.jsdelivr.net
cdn1.revdepo.com
controlc.com
googleads.g.doubleclick.net
gql.twitch.tv
infopicked.com
lh3.googleusercontent.com
lh4.googleusercontent.com
manyhit.com
p153768.clksite.com
pagead2.googlesyndication.com
partner.googleadservices.com
pasted.co
player.twitch.tv
resources.blogblog.com
speedflow.io
stats.g.doubleclick.net
syndication.realsrv.com
t.co
tencentspervisitorthoughblog.blogspot.com
themes.googleusercontent.com
tpc.googlesyndication.com
traffdaq.com
www.blogger.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
cdn1.revdepo.com
104.244.42.197
107.170.39.103
151.101.14.167
151.101.38.167
162.213.255.36
172.217.21.194
173.192.101.24
198.54.116.135
2001:4de0:ac19::1:b:3a
2606:4700:3035::681c:17af
2606:4700:3036::6818:7039
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:802::2009
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2009
2a00:1450:4001:821::2001
2a00:1450:400c:c0b::9b
2a04:4e42:1b::621
35.190.72.161
95.211.229.247
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06eb13218426e0e280cdd790ee55945334498186483cff716e090ed2b840a4e1
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
0cddef7dfe70b48c71105fa77dc971faa179b20270b9abf2d1fea54029b540f8
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
33f3f6dfbc59435d256eac5dba9ceb51f5393e7d022f1ce955c5bc8645537f08
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
48f15fb51a1d8fbc60ef161ad92bc7904070972f2ed0a432ec452e6b929c9a96
4dbd3c4d0ca0cead2d356a166f22df0cd5c2d8b4c2b16595278e01ffb67016b4
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
4f7b204ae3c888823e2ba49f9b37b22246782c3fe9f51d964a37921fb14850f5
4f97c4d5d5252e3495e1c998a66396d69ff1dc40e77e857bddb5106abcea6251
55d866ad395fbbff0916d69d07b221acbd3c5cf1b982de9c48f01aa05160ffeb
67be4fed19676d44bde7ccb93cfb018abde00ea85c57bcf71de9681ef0762832
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
8e693fa0d2c43bf239ede94012b511a10c388fb96c12c84f855b18df13dbcfe1
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
9ef2e6b2820247937bd1960956d482dd0abf1f3cee4250ddb440fec0d772ed9c
aebdc4bccca9950a2c12e2e3106cbcf3a98853a9f3943f4ff4192d0e21b9f4c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
c43008693937f7f1e612b6b9efe8d9f064ff08e95ddb1ae7ce30aeed777c089b
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
e03b0a1f19e188d833adfe4316244e19c4fcce0c85246a6176df68d017d8c582
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6b48095d7d107ef9816c9f4338c8561cc2c35d3154efbd67221a229b88a1b7d
e8369dc1d0deae8e63788047c1b44ee55222c8742ce84894e99b609392f68dd8
e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f926684fd770877ff27f536756a94061022d54e214aad1547e94ecd6e1651f00
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

controlc.com Open in urlscan Pro 2606:4700:3035::681c:17af Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

95 %HTTPS

64 %IPv6

25 Domains

35 Subdomains

28 IPs

5 Countries

646 kBTransfer

1710 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

controlc.com Open in urlscan Pro
2606:4700:3035::681c:17af Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

95 %
HTTPS

64 %
IPv6

25
Domains

35
Subdomains

28
IPs

5
Countries

646 kB
Transfer

1710 kB
Size

5
Cookies

84 HTTP transactions
0 data transactions