plbmwak.webpin.com Open in urlscan Pro
142.44.138.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Submission Tags: falconsandbox
Submission: On February 05 via api (February 5th 2021, 2:42:05 am UTC) from US

Summary HTTP 33 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 33 HTTP transactions. The main IP is 142.44.138.195, located in Montreal, Canada and belongs to OVH, FR. The main domain is plbmwak.webpin.com.

This is the only time plbmwak.webpin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	142.44.138.195 142.44.138.195	16276 (OVH) (OVH)
9	207.182.143.52 207.182.143.52	10297 (ENET-2) (ENET-2)
1	209.17.116.160 209.17.116.160	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	151.101.12.95 151.101.12.95	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
33	13

2 142.44.138.195 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: s3.builder.pagina.mx

plbmwak.webpin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 207.182.143.52 (Columbus, United States)

ASN10297 (ENET-2, US)
PTR: 207-182-143-52.xlhdns.com

68.cdn.pagina.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pagina.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.17.116.160 (Jacksonville, United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)

www.thejeffreymacdonaldcase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.95 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static-content.springer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	pagina.mx 68.cdn.pagina.mx cdn.pagina.mx	167 KB
8	google.com www.google.com apis.google.com accounts.google.com	104 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
4	facebook.com 1 redirects www.facebook.com	440 B
2	facebook.net connect.facebook.net	60 KB
2	webpin.com plbmwak.webpin.com	7 KB
1	gstatic.com www.gstatic.com	130 KB
1	springer.com static-content.springer.com	413 B
1	thejeffreymacdonaldcase.com www.thejeffreymacdonaldcase.com	34 KB
0	no-ip.org Failed filex.no-ip.org Failed
33	10

	Domain	Requested by
8	68.cdn.pagina.mx	plbmwak.webpin.com
4	platform.twitter.com	plbmwak.webpin.com platform.twitter.com
4	apis.google.com	plbmwak.webpin.com apis.google.com
4	www.facebook.com	1 redirects plbmwak.webpin.com connect.facebook.net
3	www.google.com	plbmwak.webpin.com www.gstatic.com
2	connect.facebook.net	plbmwak.webpin.com connect.facebook.net
2	plbmwak.webpin.com	plbmwak.webpin.com
1	syndication.twitter.com	plbmwak.webpin.com
1	accounts.google.com	apis.google.com
1	www.gstatic.com	www.google.com
1	cdn.pagina.mx	68.cdn.pagina.mx
1	static-content.springer.com	plbmwak.webpin.com
1	www.thejeffreymacdonaldcase.com	plbmwak.webpin.com
0	filex.no-ip.org Failed	plbmwak.webpin.com
33	14

This site contains links to these domains. Also see Links.

Domain
mex.tl
filex.no-ip.org
knnrzol.nation2.com
andy-palmer.co.uk
support.jaunt.ca
aeterna.qip.ru

Subject Issuer	Validity	Valid
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Frame ID: A252576E8E6752AC67313AF961BCC4D6
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20href=http%3A%2F%2Fwww.plbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20send=false&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20layout=button_count&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20width=100&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20show_faces=false&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20action=like&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20colorscheme=light&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20font&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20height=21&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20appId=390177081063004
Frame ID: C465FFBDE8F457AB8C5644AF8B093FF3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35
Frame ID: 20FFA4012C094133CEEE2677B47E6A30
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fplbmwak.webpin.com
Frame ID: 650E9AA4D048CB52654572F28C198754
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=none&hl=en&origin=http%3A%2F%2Fplbmwak.webpin.com&url=http%3A%2F%2Fplbmwak.webpin.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
Frame ID: 4CB2AD559736E5A2523AC652512676BD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfvyzMUAAAAAJnp_2Ie2pv2XnJ0SRWK-ZGaFCRs&co=aHR0cDovL3BsYm13YWsud2VicGluLmNvbTo4MA..&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=lyryza1zpy6g
Frame ID: C4A8AD70E1E91A40FBEFA137441CE81C
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fplbmwak.webpin.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
Frame ID: 3A269B5D5FCD752BAC9A566823A61FB0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 195509B5B4D1F628B3BA86BEB5C02D2B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfvyzMUAAAAAJnp_2Ie2pv2XnJ0SRWK-ZGaFCRs&cb=pd80jlj1zero
Frame ID: 2521C4C48EDA7B018D9CD91C6C45E592
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26origin%3Dhttp%253A%252F%252Fplbmwak.webpin.com%252Ff3a8f5a3fe7c5ec%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&locale=en_US&sdk=joey&width=768
Frame ID: F0DD3DB9D50A8F456E76062BC8FB7D64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

33
Requests

55 %
HTTPS

58 %
IPv6

10
Domains

14
Subdomains

13
IPs

4
Countries

534 kB
Transfer

1394 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://mex.tl/
Title:

Search URL Search Domain Scan URL

URL: http://filex.no-ip.org/en?keyword=dd+form+1574+instructions&charset=utf-8
Title: Download Dd form 1574 instructions

Search URL Search Domain Scan URL

URL: http://knnrzol.nation2.com/index.php?page=1531112036
Title: Social learning theory example

Search URL Search Domain Scan URL

URL: http://andy-palmer.co.uk/index.php?option=com_k2&view=itemlist&task=user&id=5683
Title: Outlook helpdesk form

Search URL Search Domain Scan URL

URL: https://support.jaunt.ca/entries/89656107-Inconsistent-audio-sample-rate
Title: Inconsistent audio sample rate

Search URL Search Domain Scan URL

URL: http://aeterna.qip.ru/blogs/post/5157266/
Title: Maytag a612 manual

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35 HTTP 307
https://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

Request Chain 16

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 31

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26origin%3Dhttp%253A%252F%252Fplbmwak.webpin.com%252Ff3a8f5a3fe7c5ec%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&locale=en_US&sdk=joey&width=768 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26origin%3Dhttp%253A%252F%252Fplbmwak.webpin.com%252Ff3a8f5a3fe7c5ec%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&locale=en_US&sdk=joey&width=768

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set blog_dd-form-1574-instructions.html Show response
plbmwak.webpin.com/ 15 KB
5 KB 338ms
213ms Document
text/html 142.44.138.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 142.44.138.195 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: s3.builder.pagina.mx
Software: Apache/2.4.6 (CentOS) PHP/7.4.9 / PHP/7.4.9
Resource Hash: e7d63c3971da07250e0c2101c61048e34b6a2bec59128ac1facfc3b22edf95d1

Request headers

Host: plbmwak.webpin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:39 GMT
Server: Apache/2.4.6 (CentOS) PHP/7.4.9
X-Powered-By: PHP/7.4.9
Set-Cookie: PHPSESSID=abv3hv74alianrv26fajl9281i; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4859
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK common.css
68.cdn.pagina.mx/sites/css/ 42 KB
8 KB 245ms
220ms Stylesheet
text/css 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://68.cdn.pagina.mx/sites/css/common.css
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 11a2209d5e358cd39518f79f5b601a96d3788ce3092976a699e4ef77705ba1c8

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2015 16:16:42 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 7291
Expires: Sat, 05 Feb 2022 02:41:40 GMT

GET
H/1.1 200
OK 0c5a240e99e113f8e3a44744cfc91c69.js Show response
68.cdn.pagina.mx/jscripts/build/ 326 KB
97 KB 254ms
229ms Script
text/javascript 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://68.cdn.pagina.mx/jscripts/build/0c5a240e99e113f8e3a44744cfc91c69.js
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 14c0da85f525cb7a39bd0e5389ae9ea398cc1ff45e704bbb69236fb474cdd2ef

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 May 2017 18:25:39 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Expires: Sat, 05 Feb 2022 02:41:40 GMT

GET
H/1.1 200
OK Banner-728-25.gif
68.cdn.pagina.mx/images/ 8 KB
8 KB 113ms
113ms Image
image/gif 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://68.cdn.pagina.mx/images/Banner-728-25.gif
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 9c9ac211708b82fc07a8b28a9e11bb4767008f2e9e9695389e6e0f0994609b10

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 17 Apr 2015 22:44:07 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 8257
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET download.jpg
filex.no-ip.org/ 0
0

GET
H/1.1 200
OK article-32_rock_1970-10-13_p08.gif
www.thejeffreymacdonaldcase.com/assets/images/ 34 KB
34 KB 1383ms
1246ms Image
image/gif 209.17.116.160
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.thejeffreymacdonaldcase.com/assets/images/article-32_rock_1970-10-13_p08.gif

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

HTTP/1.1

Server

209.17.116.160 Jacksonville, United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.17.8.2 /

Resource Hash

360fa7688fcd0f8ac17cc691d746424bb295bcd2ebda506713add717299335f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 07 Nov 2014 22:58:08 GMT
Server: openresty/1.17.8.2
X-Webcom-Cache-Status: BYPASS
ETag: "86ee-5074cbf10a000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
X-XSS-Protection: "1; mode=block"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34542
X-Content-Type-Options: nosniff

GET
H/1.1 404
Not Found 000.png
static-content.springer.com/lookinside/chp%25253A10.1007%25252F978-1-4614-6531-7_8/ 9 B
413 B 55ms
40ms Image
text/plain 151.101.12.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static-content.springer.com/lookinside/chp%25253A10.1007%25252F978-1-4614-6531-7_8/000.png
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 151.101.12.95 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Via: 1.1 google, 1.1 varnish
X-Timer: S1612492900.479816,VS0,VE11
X-Served-By: cache-fra19158-FRA
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: text/plain; charset=UTF-8
X-Vcap-Request-Id: 25cd6c08-a26a-4593-4ab9-510c0c1db971
Connection: keep-alive
X-Cdn-Origin: SNPaaS
Accept-Ranges: bytes
Content-Length: 9
X-Cache-Hits: 0

GET
H/1.1 200
OK head.jpg
plbmwak.webpin.com/images/ 1 KB
2 KB 216ms
203ms Image
image/jpeg 142.44.138.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://plbmwak.webpin.com/images/head.jpg
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 142.44.138.195 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: s3.builder.pagina.mx
Software: Apache/2.4.6 (CentOS) PHP/7.4.9 /
Resource Hash: c7c42fd136a8761eb0ff31584ec9e02bdb7efd4be3ae4b2ddb683eee7a9d5ac5

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Mon, 16 Apr 2012 00:41:59 GMT
Server: Apache/2.4.6 (CentOS) PHP/7.4.9
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 1520
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 34ms
15ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 02:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Fri, 05 Feb 2021 02:41:40 GMT

GET
H/1.1 200
OK gen_bimage.jpg
68.cdn.pagina.mx/css-files/templates/518/ 51 KB
51 KB 114ms
114ms Image
image/jpeg 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://68.cdn.pagina.mx/css-files/templates/518/gen_bimage.jpg
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 6a5b589d20b9f8546ba8f9fcaebf50be7c282c9b65456dfad642181986bced4a

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 10 Oct 2014 18:13:50 GMT
Server: Apache
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 52085
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame C465 0
0 293ms
280ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20href=http%3A%2F%2Fwww.plbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20send=false&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20layout=button_count&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20width=100&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20show_faces=false&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20action=like&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20colorscheme=light&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20font&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20height=21&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20appId=390177081063004

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20href=http%3A%2F%2Fwww.plbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20send=false&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20layout=button_count&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20width=100&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20show_faces=false&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20action=like&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20colorscheme=light&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20font&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20height=21&%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20appId=390177081063004
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: LjstgIy0PQn6BnGYYpPP+TOJUCt6u92War3scG2mIsrH1u9WCOfh0j/g1rZN6y808gozUcZzCsxPXocUAA4vlg==
date: Fri, 05 Feb 2021 02:41:40 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 48ms
28ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d54294a6014df645a307b1ddcc2647e902b58333bc92a30d65ea1786d77457d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J+kLkvU2m/cQtlTX1t5lGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 02:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "3c51cc543292f02d30879e16f46128be"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-J+kLkvU2m/cQtlTX1t5lGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 05 Feb 2021 02:41:40 GMT

GET
H/1.1 200
OK yellow_bimage.png
68.cdn.pagina.mx/css-files/templates/518/ 642 B
988 B 117ms
116ms Image
image/png 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://68.cdn.pagina.mx/css-files/templates/518/yellow_bimage.png
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 0e32b8bf03d95ce4e83d93df4432f9f991b2cb1394604f6a5753a82f52e09c56

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 10 Oct 2014 18:13:50 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 642
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H/1.1 200
OK yellow_bulimage.png
68.cdn.pagina.mx/css-files/templates/518/ 315 B
662 B 231ms
217ms Image
image/png 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://68.cdn.pagina.mx/css-files/templates/518/yellow_bulimage.png
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 2679993d1b028f31e252f2f08de4a33c6b046097213f86a16ab15aa231ea990a

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 10 Oct 2014 18:13:50 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 315
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 29ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B82) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 777
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (amb/6B82)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2

200

like.php
www.facebook.com/plugins/ Frame 20FF
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35
https://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

0
0

96ms
96ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: l+JAO6AtiaDn42unInmidKpDZHz3LHT5DcJYQCPOqgTqVvluFzb41raP7gn44gCj2x9HwhjT20tATMQfSmTA9Q==
date: Fri, 05 Feb 2021 02:41:40 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light&height=35
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg_com.png
cdn.pagina.mx/sites/images/ 109 B
456 B 235ms
214ms Image
image/png 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.pagina.mx/sites/images/bg_com.png
Requested by: Host: 68.cdn.pagina.mx
URL: http://68.cdn.pagina.mx/sites/css/common.css
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 2349505d2fae6c0c63529af50a338a77933b5ac480877eda8ba5fe7fbb48f7dc

Request headers

Referer: http://68.cdn.pagina.mx/sites/css/common.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 10 Oct 2014 18:13:51 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 109
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

42ms
29ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bfde106102023fe2325d8a4fe69a989ef2d715de07670af129796f33811e5952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sEQKqyJqcEZnfsb278Z+fA==
cross-origin-resource-policy: cross-origin
expires: Fri, 05 Feb 2021 02:44:36 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: I3LDEpu/BBuxxvOv+kqxcEcDTk3z7xJV2ENMamxwZPz8kd00WoteNbGosCl9IPoLyVf/9n8RFi7Nv87Hq09+Qw==
x-fb-trip-id: 686109401
x-fb-content-md5: 2aa2bc37142bf07d85dad95f10fddd46
date: Fri, 05 Feb 2021 02:41:40 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e472bb52d3fda8e09961a3bb7c66b5b4"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ 332 KB
130 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://plbmwak.webpin.com
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3094
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132389
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 05:06:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 01:50:06 GMT

GET
H/1.1 200
OK purple_bimage.png
68.cdn.pagina.mx/css-files/templates/518/ 179 B
526 B 230ms
216ms Image
image/png 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://68.cdn.pagina.mx/css-files/templates/518/purple_bimage.png
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 9bd1aad92d5c122cd33f3b95298248ce88a6827a47ff7538b4ad8d3e5fdac67b

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 10 Oct 2014 18:13:50 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 179
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H/1.1 200
OK purple_bulimage.png
68.cdn.pagina.mx/css-files/templates/518/ 548 B
895 B 261ms
247ms Image
image/png 207.182.143.52
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://68.cdn.pagina.mx/css-files/templates/518/purple_bulimage.png
Requested by: Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Protocol: HTTP/1.1
Server: 207.182.143.52 Columbus, United States, ASN10297 (ENET-2, US),
Reverse DNS: 207-182-143-52.xlhdns.com
Software: Apache /
Resource Hash: 29d0b45aa6021b026e578006e993cb0eff9ceca483f1c907a6b671eaa5f5c373

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Last-Modified: Fri, 10 Oct 2014 18:13:50 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 548
Expires: Sun, 07 Mar 2021 02:41:40 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 650E 0
0 57ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=http%3A%2F%2Fplbmwak.webpin.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B81) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 618876
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Feb 2021 02:41:40 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B81)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ 141 KB
50 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dbe94f24870455b60be49be9b72675f862260aa374086a786e893f59cb080b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 62495
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50334
x-xss-protection: 0
expires: Fri, 04 Feb 2022 09:20:05 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ 97 KB
34 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

274c5c962cd8ec53ac23d6d07978901972efd7b33e2eb0d1a7222c61fb7f907d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 03:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 82350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34392
x-xss-protection: 0
expires: Fri, 04 Feb 2022 03:49:10 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 4CB2 0
0 40ms
35ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=none&hl=en&origin=http%3A%2F%2Fplbmwak.webpin.com&url=http%3A%2F%2Fplbmwak.webpin.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UO5p9randdR4Xs40PGR2qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=none&hl=en&origin=http%3A%2F%2Fplbmwak.webpin.com&url=http%3A%2F%2Fplbmwak.webpin.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=208=FJya5KcW7_20kXsFQtm6Zk-igQRVa7Sf8F3a70em4tB6lWlACljDNXbx8Zy-_oHMm0-WdNZV9QRHUzZIT8toOEDke2C2mZIZLgTqQJM92mWWrz-kEbgtfRC77Ctb8S47BfAhdPvWTNeTYpEJGVuNrD8PjioXibybuFnx8ArqQu8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Feb 2021 02:41:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-UO5p9randdR4Xs40PGR2qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame C4A8 0
0 62ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfvyzMUAAAAAJnp_2Ie2pv2XnJ0SRWK-ZGaFCRs&co=aHR0cDovL3BsYm13YWsud2VicGluLmNvbTo4MA..&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=lyryza1zpy6g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dEQbxym/rUxIudUTXjDiIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfvyzMUAAAAAJnp_2Ie2pv2XnJ0SRWK-ZGaFCRs&co=aHR0cDovL3BsYm13YWsud2VicGluLmNvbTo4MA..&hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&size=normal&cb=lyryza1zpy6g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=208=FJya5KcW7_20kXsFQtm6Zk-igQRVa7Sf8F3a70em4tB6lWlACljDNXbx8Zy-_oHMm0-WdNZV9QRHUzZIT8toOEDke2C2mZIZLgTqQJM92mWWrz-kEbgtfRC77Ctb8S47BfAhdPvWTNeTYpEJGVuNrD8PjioXibybuFnx8ArqQu8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Feb 2021 02:41:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-dEQbxym/rUxIudUTXjDiIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11306
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 191 KB
58 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=d0c28d512a7059ada65f7506c9ccebfa&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45bbf3f15b4c82675a1902b39a829cadafdba1275e005c3f99017f17d764e11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://plbmwak.webpin.com
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RW5wtIIe16XILJixzSSVgQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58482
x-fb-rlafr: 0
x-fb-debug: auYQ/giGjA4vy/D16jH1bY9sVLuK3fgsEtde5uVvTcXmiqek/Up7/lrrG+1FwPh491x+DM1GKDh1PlTAIDEowg==
x-fb-trip-id: 686109401
x-fb-content-md5: 71710bdd9a822b8608063279984c718d
x-frame-options: DENY
date: Fri, 05 Feb 2021 02:41:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "469bf53ef4a4d03c96b580fe6d9a3f3e"
timing-allow-origin: *
expires: Sat, 05 Feb 2022 01:13:22 GMT

GET
H/1.1 200
OK button.63c51c903061d0dbd843c41e8a00aa5a.js Show response
platform.twitter.com/js/ 7 KB
3 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 02:41:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (amb/6B72)
Age: 618878
Etag: "62d4b0301f07768d13f3ee5de8633739+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 3A26 0
0 63ms
43ms Document
text/html 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fplbmwak.webpin.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-avOq4vlZmNCSsSrgcyudYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fplbmwak.webpin.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=208=FJya5KcW7_20kXsFQtm6Zk-igQRVa7Sf8F3a70em4tB6lWlACljDNXbx8Zy-_oHMm0-WdNZV9QRHUzZIT8toOEDke2C2mZIZLgTqQJM92mWWrz-kEbgtfRC77Ctb8S47BfAhdPvWTNeTYpEJGVuNrD8PjioXibybuFnx8ArqQu8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Feb 2021 02:41:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-avOq4vlZmNCSsSrgcyudYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 1955 0
0 15ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 618877
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Feb 2021 02:41:40 GMT
Etag: "076dccdedb34f3771be52190b917884e+gzip"
Last-Modified: Thu, 01 Oct 2020 21:49:58 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B72)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12263

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 2521 0
0 16ms
15ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfvyzMUAAAAAJnp_2Ie2pv2XnJ0SRWK-ZGaFCRs&cb=pd80jlj1zero

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bFDWwC60FkQUd1WrljusNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=2Mfykwl2mlvyQZQ3PEgoH710&k=6LfvyzMUAAAAAJnp_2Ie2pv2XnJ0SRWK-ZGaFCRs&cb=pd80jlj1zero
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=208=FJya5KcW7_20kXsFQtm6Zk-igQRVa7Sf8F3a70em4tB6lWlACljDNXbx8Zy-_oHMm0-WdNZV9QRHUzZIT8toOEDke2C2mZIZLgTqQJM92mWWrz-kEbgtfRC77Ctb8S47BfAhdPvWTNeTYpEJGVuNrD8PjioXibybuFnx8ArqQu8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Feb 2021 02:41:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-bFDWwC60FkQUd1WrljusNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1122
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
360 B 127ms
127ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1612492900910%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ed20a2b%3A1601588405575%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: plbmwak.webpin.com
URL: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 02:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Fri, 05 Feb 2021 02:41:40 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d88e46def808cdbe367139be3d63d194
x-transaction: 00276b8700dea727
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame F0DD
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26o...

0
0

48ms
48ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26origin%3Dhttp%253A%252F%252Fplbmwak.webpin.com%252Ff3a8f5a3fe7c5ec%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&locale=en_US&sdk=joey&width=768

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=d0c28d512a7059ada65f7506c9ccebfa&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26origin%3Dhttp%253A%252F%252Fplbmwak.webpin.com%252Ff3a8f5a3fe7c5ec%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&locale=en_US&sdk=joey&width=768
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://plbmwak.webpin.com/blog_dd-form-1574-instructions.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: n0VgFOX22g+MQZUEoLJ0VurPDMhJzlmO7Ts4vnXJujYCjy1kV7DI7gLTsweomk+nySgrwTchISreTBtqaUmPEg==
date: Fri, 05 Feb 2021 02:41:41 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3bf9be1823a6b%26domain%3Dplbmwak.webpin.com%26origin%3Dhttp%253A%252F%252Fplbmwak.webpin.com%252Ff3a8f5a3fe7c5ec%26relation%3Dparent.parent&container_width=750&height=100&href=http%3A%2F%2Fplbmwak.webpin.com%2Fblog_dd-form-1574-instructions.html&locale=en_US&sdk=joey&width=768
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: drug4fupNV0dlb0v/nBpGshARs/+cIssP6KjDdBkqi+/xAEcHHdVB9rWdyRGRbeOpJ9F4SRIZqbnU/R8lUxLjw==
content-length: 0
date: Fri, 05 Feb 2021 02:41:41 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: filex.no-ip.org
URL: http://filex.no-ip.org/download.jpg

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 20:18:24	Name: NID Value: 208=FJya5KcW7_20kXsFQtm6Zk-igQRVa7Sf8F3a70em4tB6lWlACljDNXbx8Zy-_oHMm0-WdNZV9QRHUzZIT8toOEDke2C2mZIZLgTqQJM92mWWrz-kEbgtfRC77Ctb8S47BfAhdPvWTNeTYpEJGVuNrD8PjioXibybuFnx8ArqQu8
			plbmwak.webpin.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: abv3hv74alianrv26fajl9281i

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68.cdn.pagina.mx
accounts.google.com
apis.google.com
cdn.pagina.mx
connect.facebook.net
filex.no-ip.org
platform.twitter.com
plbmwak.webpin.com
static-content.springer.com
syndication.twitter.com
www.facebook.com
www.google.com
www.gstatic.com
www.thejeffreymacdonaldcase.com
filex.no-ip.org
104.244.42.200
142.44.138.195
151.101.12.95
207.182.143.52
209.17.116.160
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:810::2003
2a00:1450:4001:811::200d
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0e32b8bf03d95ce4e83d93df4432f9f991b2cb1394604f6a5753a82f52e09c56
11a2209d5e358cd39518f79f5b601a96d3788ce3092976a699e4ef77705ba1c8
14c0da85f525cb7a39bd0e5389ae9ea398cc1ff45e704bbb69236fb474cdd2ef
1dbe94f24870455b60be49be9b72675f862260aa374086a786e893f59cb080b0
2349505d2fae6c0c63529af50a338a77933b5ac480877eda8ba5fe7fbb48f7dc
2679993d1b028f31e252f2f08de4a33c6b046097213f86a16ab15aa231ea990a
274c5c962cd8ec53ac23d6d07978901972efd7b33e2eb0d1a7222c61fb7f907d
29d0b45aa6021b026e578006e993cb0eff9ceca483f1c907a6b671eaa5f5c373
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
360fa7688fcd0f8ac17cc691d746424bb295bcd2ebda506713add717299335f2
45bbf3f15b4c82675a1902b39a829cadafdba1275e005c3f99017f17d764e11d
6a5b589d20b9f8546ba8f9fcaebf50be7c282c9b65456dfad642181986bced4a
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
9bd1aad92d5c122cd33f3b95298248ce88a6827a47ff7538b4ad8d3e5fdac67b
9c9ac211708b82fc07a8b28a9e11bb4767008f2e9e9695389e6e0f0994609b10
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bfde106102023fe2325d8a4fe69a989ef2d715de07670af129796f33811e5952
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
c7c42fd136a8761eb0ff31584ec9e02bdb7efd4be3ae4b2ddb683eee7a9d5ac5
d54294a6014df645a307b1ddcc2647e902b58333bc92a30d65ea1786d77457d2
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
e7d63c3971da07250e0c2101c61048e34b6a2bec59128ac1facfc3b22edf95d1

plbmwak.webpin.com Open in urlscan Pro 142.44.138.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

55 %HTTPS

58 %IPv6

10 Domains

14 Subdomains

13 IPs

4 Countries

534 kBTransfer

1394 kBSize

2 Cookies

6 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

plbmwak.webpin.com Open in urlscan Pro
142.44.138.195 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

55 %
HTTPS

58 %
IPv6

10
Domains

14
Subdomains

13
IPs

4
Countries

534 kB
Transfer

1394 kB
Size

2
Cookies

33 HTTP transactions
0 data transactions