www.vkremez.com Open in urlscan Pro
2606:4700:3031::681c:153e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Submission: On March 20 via api (March 20th 2020, 4:01:13 pm UTC) from US

Summary HTTP 134 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 134 HTTP transactions. The main IP is 2606:4700:3031::681c:153e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.vkremez.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 23rd 2020. Valid for: 9 months.

This is the only time www.vkremez.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3031::681c:153e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 18	2a00:1450:400... 2a00:1450:4001:80b::2009	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 1	2001:4860:480... 2001:4860:4802:32::75	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::75	15169 (GOOGLE) (GOOGLE)
9	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
35	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
32	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2a00:1450:400... 2a00:1450:4001:81b::200d	15169 (GOOGLE) (GOOGLE)
134	13

6 2606:4700:3031::681c:153e (United States)

ASN13335 (CLOUDFLARENET, US)

www.vkremez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2009 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::75 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::75 (United States)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com 2.bp.blogspot.com	1 MB
33	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com	174 KB
12	blogger.com 2 redirects www.blogger.com	556 KB
11	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	107 KB
6	blogblog.com www.blogblog.com	304 KB
6	vkremez.com www.vkremez.com	29 KB
5	google.com 3 redirects www.google.com apis.google.com accounts.google.com	69 KB
2	facebook.com www.facebook.com
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	google.de www.google.de	109 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	161 B
1	cloudflare.com ajax.cloudflare.com	4 KB
134	12

	Domain	Requested by
26	abs.twimg.com	platform.twitter.com
26	1.bp.blogspot.com
13	4.bp.blogspot.com
12	www.blogger.com	2 redirects www.vkremez.com ajax.cloudflare.com www.blogblog.com
10	2.bp.blogspot.com
9	3.bp.blogspot.com
9	platform.twitter.com	www.blogblog.com platform.twitter.com
6	pbs.twimg.com
6	www.blogblog.com	ajax.cloudflare.com
6	www.vkremez.com	www.vkremez.com ajax.cloudflare.com www.blogblog.com
2	accounts.google.com	2 redirects
2	www.facebook.com	www.blogblog.com
2	syndication.twitter.com	1 redirects
2	apis.google.com	www.blogblog.com apis.google.com
2	www.google-analytics.com	1 redirects www.vkremez.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.google.de	www.vkremez.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	ajax.cloudflare.com	www.vkremez.com
134	20

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
4.bp.blogspot.com
twitter.com
blog.malwarebytes.com
www.malwarebytes.com
2.bp.blogspot.com
github.com
1.bp.blogspot.com
3.bp.blogspot.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-23` - `2020-10-09`	9 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Frame ID: 7C553D86ADFB949E91CAEE4F76B16247
Requests: 135 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html?origin=https%3A%2F%2Fwww.vkremez.com
Frame ID: 87B31ABD0CE8BA6A01615824C41A9FA1
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: E14829FAA0FAA1B3EE9EF040738F72E6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.vkremez.com%2F2020%2F02%2Flets-learn-inside-parallax-rat-malware.html&count=horizontal&text=Let%27s%20Learn%3A%20Inside%20Parallax%20RAT%20Malware%3A%20Process%20Hollowing%20Injection%20%26%20Process%20Doppelg%C3%A4nging%20API%20Mix%3A%20Part%20I&size=medium
Frame ID: 957871CCACDEBC94169E85315ADBD825
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.vkremez.com%2F2020%2F02%2Flets-learn-inside-parallax-rat-malware.html&send=false&layout=button_count&action=like&show_faces=false&colorscheme=light
Frame ID: 4C7627686E54460D414089E66DB86106
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&count=horizontal&text=Let%27s%20Learn%3A%20In-Depth%20Reversing%20of%20GrandSoft%20Exploit%20Kit%20PluginDetect%20Version%20%220.9.1%22%20and%20Its%20VBScript%20Memory%20Corruption%20CVE-2016-0189%20Exploit&size=medium
Frame ID: 39AE994B456BE023BD43F43D9EBC7DC2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&send=false&layout=button_count&action=like&show_faces=false&colorscheme=light
Frame ID: 6C784A6D4AF2650862D7A0C5B80AB175
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545
Frame ID: 9B9ABC5C20EDB8F3DC2CDF2821F7E5DB
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545&bpli=1
Frame ID: 6FA4D4CE1C73A8896ECD2A5ABE15574D
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720
Frame ID: 997C67D234C1272E488891255A48ED4C
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720&bpli=1
Frame ID: 5B4BDE91D40A570F31CAF9EA5231F523
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

134
Requests

97 %
HTTPS

93 %
IPv6

12
Domains

20
Subdomains

13
IPs

4
Countries

2449 kB
Transfer

7738 kB
Size

4
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/post-edit.g?blogID=3986785863650565253&postID=8716318262823571720&from=pencil

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-lfpI23_lx5A/Wsp4iOyl24I/AAAAAAAAG1M/gQPrA4N06YoFjQVitVCosujP5qBs8tulACLcBGAs/s1600/Screen%2BShot%2B2018-04-08%2Bat%2B15.39.55.png

Search URL Search Domain Scan URL

URL: https://twitter.com/jeromesegura
Title: Jerome Segura

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2018/03/exploit-kits-winter-2018-review/
Title: Exploit kits: Winter 2018 review

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/
Title: MalwareBytes

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-3-JtGdwV8zU/Wsp-Ms3fbjI/AAAAAAAAG1c/gyTIIgTrXNIJCF2zBxTStcOr4R4nS6eEQCLcBGAs/s1600/Screen%2BShot%2B2018-04-08%2Bat%2B16.40.00.png

Search URL Search Domain Scan URL

URL: https://github.com/theori-io/cve-2016-0189
Title: shell32

Search URL Search Domain Scan URL

URL: https://4.bp.blogspot.com/-A7w_UrZPoho/Wsp_7Ku0skI/AAAAAAAAG1o/wgp_Q-ZlyxQue1NpJ4MrACrv8eXI5iPTACLcBGAs/s1600/Screen%2BShot%2B2018-04-08%2Bat%2B15.15.25.png

Search URL Search Domain Scan URL

URL: http://www.blogger.com/profile/08061973052790292809
Title: Vitali Kremez

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3986785863650565253&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/home

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=3986785863650565253&postID=1979554836285324545&from=pencil

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam
Title: @malwrhunterteam

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-wRqDCGKGUmU/XlSDqTVA80I/AAAAAAAAH2k/bpC4X8IdXkcrYpWHed5FaKAdzIfl3M12gCLcBGAsYHQ/s1600/Screen%2BShot%2B2020-02-24%2Bat%2B6.09.24%2BPM.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-w95_Up3IW9M/XlSE1K7bfBI/AAAAAAAAH2w/h8jFzMvUZ7gTJ6vVxuawpa7ZNwo0cynTACLcBGAsYHQ/s1600/Screen%2BShot%2B2020-02-24%2Bat%2B5.53.53%2BPM.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-H18leKCUMAQ/XlSeULCiOTI/AAAAAAAAH3I/MinTEjHbwug_WWX3sVbSo7DfnCMI-DGdwCLcBGAsYHQ/s1600/Screen%2BShot%2B2020-02-24%2Bat%2B8.10.44%2BPM.png

Search URL Search Domain Scan URL

URL: https://3.bp.blogspot.com/-QVshdtDzrTE/XlSFInuiuFI/AAAAAAAAH28/Y2Xg-8OOzhIjLCDMLeOyfQ9ZqH5qj0rnwCK4BGAYYCw/s1600/Screen%2BShot%2B2020-02-24%2Bat%2B7.39.01%2BAM.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-fqGR6j1REKQ/XlSlUxa6ESI/AAAAAAAAH3g/uhitjP-QTNc3S5aEYPnAEPQmYK7yQGjtgCLcBGAsYHQ/s1600/Screen%2BShot%2B2020-02-24%2Bat%2B8.40.31%2BPM.png

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-9CLmm24a_q8/XlSgbRqp-kI/AAAAAAAAH3U/AzGBtSN5zpwGTYAZREuhptJKmranS23aQCLcBGAsYHQ/s1600/Screen%2BShot%2B2020-02-24%2Bat%2B8.19.43%2BPM.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/08061973052790292809
Title: Vitali Kremez

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=8525769&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&ul=en-us&de=UTF-8&dt=Vitali%20Kremez%20%7C%20Ethical%20Hacker%20%7C%20Reverse%20Engineer%3A%20Let%27s%20Learn%3A%20In-Depth%20Reversing%20of%20GrandSoft%20Exploit%20Kit%20PluginDetect%20Version%20%220.9.1%22%20and%20Its%20VBScript%20Memory%20Corruption%20CVE-2016-0189%20Exploit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=882597959&gjid=1013128976&cid=2097435267.1584720048&tid=UA-68445231-1&_gid=432526674.1584720048&_r=1&z=2069135473 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_gid=432526674.1584720048&gjid=1013128976&_v=j81&z=2069135473 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_v=j81&z=2069135473 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_v=j81&z=2069135473&slf_rd=1&random=496545404

Request Chain 108

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 142

https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D3986785863650565253%26postID%3D1979554836285324545%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3986785863650565253%26postID%3D1979554836285324545%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545&bpli=1

Request Chain 145

https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D3986785863650565253%26postID%3D8716318262823571720%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3986785863650565253%26postID%3D8716318262823571720%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720&bpli=1

134 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lets-learn-in-depth-reversing-of.html Show response
www.vkremez.com/2018/04/ 22 KB
6 KB 231ms
195ms Document
text/html 2606:4700:3031::681c:153e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:153e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a1402cfa4c2b328cf5d29bce40d099d7a5f0d142543e36e9d54075fce2083b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.vkremez.com
:scheme: https
:path: /2018/04/lets-learn-in-depth-reversing-of.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Fri, 20 Mar 2020 16:00:48 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d907188d73c3ca5c5d8da22cda4a425d41584720048; expires=Sun, 19-Apr-20 16:00:48 GMT; path=/; domain=.vkremez.com; HttpOnly; SameSite=Lax
expires: Fri, 20 Mar 2020 16:00:48 GMT
cache-control: private, max-age=0
last-modified: Wed, 11 Mar 2020 07:56:53 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5770a5ecd9af9ab0-FRA
content-encoding: br

GET
H2 200 rCFq0Q-zTsMxcd3V8sTNUHIcYvw.js Show response
www.vkremez.com/cdn-cgi/apps/head/ 6 KB
2 KB 32ms
30ms Script
application/javascript 2606:4700:3031::681c:153e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vkremez.com/cdn-cgi/apps/head/rCFq0Q-zTsMxcd3V8sTNUHIcYvw.js
Requested by: Host: www.vkremez.com
URL: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:153e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9bf20fa1e29339c8dcbe0df9f1cd23ee01df3ae0877cdc80d08c33a30d41ab4

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 16:00:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 3223300
status: 200
x-amz-request-id: 9B4A852FD5425AEB
x-amz-id-2: 4XbB0uxTfrTH1JakhgLNP21YG58UoUjpKxUFXhHD3bnkc2eflUgdZzvdlwGU2wwm6NyZU+PuBEI=
last-modified: Thu, 20 Jul 2017 22:51:20 GMT
server: cloudflare
etag: W/"279e89472487866cc22f82d8f249bc9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: mzdAianDF56VdV788peQgLeXBaEyDfbD
cf-ray: 5770a5ee1b1c9ab0-FRA

GET
H2 200 3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
36 KB 21ms
6ms Stylesheet
text/css 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css

Requested by

Host: www.vkremez.com
URL: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 20 Mar 2020 15:55:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 20:29:58 GMT
server: sffe
age: 306
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 36974
x-xss-protection: 0
expires: Sat, 20 Mar 2021 15:55:42 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 13ms
10ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.vkremez.com
URL: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 16:00:48 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 17 Mar 2020 16:29:47 GMT
server: cloudflare
etag: W/"5e70fafb-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5770a5ee2b0a1f19-FRA
expires: Sun, 22 Mar 2020 16:00:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.vkremez.com
URL: https://www.vkremez.com/cdn-cgi/apps/head/rCFq0Q-zTsMxcd3V8sTNUHIcYvw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4933
date: Fri, 20 Mar 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 20 Mar 2020 16:38:35 GMT

GET
H2 200 6Un-tcGipDRUsckjwkdswoMYqSY.js Show response
www.vkremez.com/cdn-cgi/apps/body/ 11 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700:3031::681c:153e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vkremez.com/cdn-cgi/apps/body/6Un-tcGipDRUsckjwkdswoMYqSY.js
Requested by: Host: www.vkremez.com
URL: https://www.vkremez.com/cdn-cgi/apps/head/rCFq0Q-zTsMxcd3V8sTNUHIcYvw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:153e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4f00b740c987fdd882682830c76c2ff10b2b8982ae7ac58086758c274fc935

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 16:00:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 1351545
status: 200
x-amz-request-id: 5DF2B50974D2E3D4
x-amz-id-2: BZ5fANbjqY1iX4q5J34Ze6r4BdMVLN7xQRO4x9UoyX27Q+TPThGTJLyRbOi26nYu9rUmsy3/Fk4=
last-modified: Thu, 20 Jul 2017 22:51:20 GMT
server: cloudflare
etag: W/"9fdd0c96e9162120a77ae3a5505c5a13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: oSpWrK3hBysq.HtSVcNdZvYr4ggdNm5s
cf-ray: 5770a5ee5b529ab0-FRA

GET
H2 200 jquery.js Show response
www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/ 97 KB
34 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef25f2d6f5aa424f594bbaa63c1f86a634e2b87911e1db695b2a0c2e6927353a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Mar 2020 06:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Mar 2020 23:22:33 GMT
server: sffe
age: 35115
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35009
x-xss-protection: 0
expires: Fri, 27 Mar 2020 06:15:33 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=8525769&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&ul=en-us&de=UTF-8&dt=Vitali%20Kr...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_gid=432526674.1584720048&gjid=1013128976&_v=j81&z=2069135473
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_v=j81&z=2069135473
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_v=j81&z=2069135473&slf_rd=1&random=496545404

42 B
109 B

19ms
19ms

Image
image/gif

2001:4860:4802:38::75
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_v=j81&z=2069135473&slf_rd=1&random=496545404

Requested by

Host: www.vkremez.com
URL: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Mar 2020 16:00:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Mar 2020 16:00:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-68445231-1&cid=2097435267.1584720048&jid=882597959&_v=j81&z=2069135473&slf_rd=1&random=496545404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-mousewheel.js Show response
www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery-mousewheel.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e41f7333fa9b59a516a5a4f3af346bb24a4c3c8a7bc26551b6fec8d0f6b8555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Mar 2020 06:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Mar 2020 23:22:33 GMT
server: sffe
age: 35115
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1289
x-xss-protection: 0
expires: Fri, 27 Mar 2020 06:15:33 GMT

GET
H2 200 common.js Show response
www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/ 216 KB
89 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/common.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4248ce46a79da23e835f59b4b7a41397839ba6baec2f724db95f475471dd0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Mar 2020 06:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Mar 2020 23:22:33 GMT
server: sffe
age: 35115
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 91498
x-xss-protection: 0
expires: Fri, 27 Mar 2020 06:15:33 GMT

GET
H2 200 sidebar.js Show response
www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/ 116 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/sidebar.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5861e2e5ac76e8ccd8207a124f22bd6936d12ea29ecb13d6889e5d026c6dfe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 19 Mar 2020 01:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Mar 2020 23:22:33 GMT
server: sffe
age: 139457
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 40044
x-xss-protection: 0
expires: Thu, 26 Mar 2020 01:16:31 GMT

GET
H2 200 gadgets.js Show response
www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/ 63 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/gadgets.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a01b7d240525f3534d5fc8dab500ebf1a3486f2d50e2767f9b96d7b6257abe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Mar 2020 06:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Mar 2020 23:22:33 GMT
server: sffe
age: 35115
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20549
x-xss-protection: 0
expires: Fri, 27 Mar 2020 06:15:33 GMT

GET
H2 200 comments.js Show response
www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/ 390 KB
119 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Mar 2020 06:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 May 2012 20:21:35 GMT
server: sffe
age: 35123
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 122175
x-xss-protection: 0
expires: Fri, 27 Mar 2020 06:15:25 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
668 B 133ms
133ms Stylesheet
text/css 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3986785863650565253&zx=6a2f0d61-d4a9-4148-9f16-e103033712f8

Requested by

Host: www.vkremez.com
URL: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 20 Mar 2020 16:00:48 GMT
server: GSE
date: Fri, 20 Mar 2020 16:00:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1833189695-widgets.js Show response
www.blogger.com/static/v1/widgets/ 140 KB
52 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1833189695-widgets.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e8f531ac723f295449ab9d701933eb146cf0381fb5aff1210a902ac5217f264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 15:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 19:30:09 GMT
server: sffe
age: 1042
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 52850
x-xss-protection: 0
expires: Sat, 20 Mar 2021 15:43:26 GMT

GET
H2 200 cookienotice.js Show response
www.vkremez.com/js/ 4 KB
1 KB 14ms
13ms Script
text/javascript 2606:4700:3031::681c:153e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vkremez.com/js/cookienotice.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:153e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1385fe6c7366b4ab71c2806b9d327c837c8b5d74e35aa762200da83feb6113a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 16:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10275
cf-polished: origSize=6513
status: 200
cf-bgj: minify
x-xss-protection: 0
last-modified: Fri, 20 Mar 2020 12:15:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 5770a5f04cb99ab0-FRA
expires: Fri, 27 Mar 2020 13:09:33 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
114 B 692ms
692ms Stylesheet
text/css 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3986785863650565253&zx=6a2f0d61-d4a9-4148-9f16-e103033712f8

Requested by

Host: www.vkremez.com
URL: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 20 Mar 2020 16:00:49 GMT
server: GSE
date: Fri, 20 Mar 2020 16:00:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4286fd6f7ca4c6d12f1573d042d24982f0564a0dc35080bf44a560b0845bf4e7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 default Show response
www.blogger.com/feeds/3986785863650565253/posts/ 2 MB
260 KB 1034ms
1034ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/3986785863650565253/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true&callback=jQuery1125007078886215423297_1584720048431&_=1584720048432

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ab29fa8021a9016914c69ae37ae1d71dc6ae1ded5343e11053dd82fc2c790df

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
vary: Accept, X-GData-Authorization, GData-Version
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
date: Fri, 20 Mar 2020 16:00:50 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Mar 2020 07:56:53 GMT
server: GSE
etag: W/"CUMFQng-eSp7ImA9XB5QGUw."
x-frame-options: SAMEORIGIN
gdata-version: 2.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-transform
x-content-type-options: nosniff
expires: Fri, 20 Mar 2020 16:00:50 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d078d779c6d50be940b91eafdc1e0091ee1aef73087fdcddfb7771470b3c59

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39e1d583fa516a045854dd31d01795224685f184c7309e649805f961db4c0d4b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c6eb5fe76799775f269cf110d2b953f50c439b693e6ef0c9ce52426bb5c2fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8716318262823571720 Show response
www.vkremez.com//feeds/posts/default/ 106 KB
9 KB 182ms
182ms XHR
application/json 2606:4700:3031::681c:153e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vkremez.com//feeds/posts/default/8716318262823571720?alt=json&v=2&dynamicviews=1&rewriteforssl=true

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:153e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c24539ff102cbfed69bbbfa25ea1e6650a5f1088d335cf8e9d0ab7d733f56aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-xss-protection: 0
last-modified: Sun, 08 Apr 2018 21:44:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"385155fb50a94fbf6404ff7603b451b68c25cefceddf94f032de22df3b6230ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 5770a5ffb9379ab0-FRA
expires: Fri, 20 Mar 2020 16:00:52 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 48 KB
19 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js?_=1584720048433

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9ec74ce726a37b1604831c23311ced0bf7e37094464b3acf79d59d7c7588f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-vRFN/lMPGLvaoLag4pYj6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b6508b888718780aaaf3716eafaf32ea"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Fri, 20 Mar 2020 16:00:51 GMT

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 088734158a6c69e32f928ffa72f2e6505312e5a76bca31ff34bbe85ce100e992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 10ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: 198c88313d65f4d2b30b218566c00f96002f78ae125643d5a73a669b46cab112

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 20 Mar 2020 16:00:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:21:21 GMT
Server: ECS (fcn/41A4)
Age: 458
Etag: "3ce571864e8afdda3bc0a81ffbebe447+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29105

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B6.09.24%2BPM.png
1.bp.blogspot.com/-wRqDCGKGUmU/XlSDqTVA80I/AAAAAAAAH2k/bpC4X8IdXkcrYpWHed5FaKAdzIfl3M12gCLcBGAsYHQ/s640/ 48 KB
49 KB 53ms
31ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wRqDCGKGUmU/XlSDqTVA80I/AAAAAAAAH2k/bpC4X8IdXkcrYpWHed5FaKAdzIfl3M12gCLcBGAsYHQ/s640/Screen%2BShot%2B2020-02-24%2Bat%2B6.09.24%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4183c3f221467e23f54b7e8a1bee440c4c04f96f79082840834874133cec0f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:42:30 GMT
x-content-type-options: nosniff
age: 1101
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 6.09.24 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 49628
x-xss-protection: 0
server: fife
etag: "v1f6a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B5.53.53%2BPM.png
1.bp.blogspot.com/-w95_Up3IW9M/XlSE1K7bfBI/AAAAAAAAH2w/h8jFzMvUZ7gTJ6vVxuawpa7ZNwo0cynTACLcBGAsYHQ/s640/ 122 KB
123 KB 50ms
28ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-w95_Up3IW9M/XlSE1K7bfBI/AAAAAAAAH2w/h8jFzMvUZ7gTJ6vVxuawpa7ZNwo0cynTACLcBGAsYHQ/s640/Screen%2BShot%2B2020-02-24%2Bat%2B5.53.53%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62fd73cefebc2d291bd0328a83d82493e2d472eab7f1bf3a24fe1e7d7c717806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:42:33 GMT
x-content-type-options: nosniff
age: 1098
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 5.53.53 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 125358
x-xss-protection: 0
server: fife
etag: "v1f70"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B8.10.44%2BPM.png
1.bp.blogspot.com/-H18leKCUMAQ/XlSeULCiOTI/AAAAAAAAH3I/MinTEjHbwug_WWX3sVbSo7DfnCMI-DGdwCLcBGAsYHQ/s400/ 83 KB
83 KB 38ms
16ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-H18leKCUMAQ/XlSeULCiOTI/AAAAAAAAH3I/MinTEjHbwug_WWX3sVbSo7DfnCMI-DGdwCLcBGAsYHQ/s400/Screen%2BShot%2B2020-02-24%2Bat%2B8.10.44%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

aedf5ed32b9fb7634bf3de2dda962079679444b4619b3db92e4fa533ac36055f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:43:05 GMT
x-content-type-options: nosniff
age: 1066
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 8.10.44 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 84875
x-xss-protection: 0
server: fife
etag: "v1f73"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B7.39.01%2BAM.png
3.bp.blogspot.com/-QVshdtDzrTE/XlSFInuiuFI/AAAAAAAAH28/Y2Xg-8OOzhIjLCDMLeOyfQ9ZqH5qj0rnwCK4BGAYYCw/s640/ 196 KB
196 KB 30ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-QVshdtDzrTE/XlSFInuiuFI/AAAAAAAAH28/Y2Xg-8OOzhIjLCDMLeOyfQ9ZqH5qj0rnwCK4BGAYYCw/s640/Screen%2BShot%2B2020-02-24%2Bat%2B7.39.01%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94b082ce0c594c9c1fe3c4d2dc5f4e0e3cb18f607930b081db2d62c24dd22a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:43:13 GMT
x-content-type-options: nosniff
age: 1058
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 7.39.01 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 200452
x-xss-protection: 0
server: fife
etag: "v1f70"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B8.40.31%2BPM.png
1.bp.blogspot.com/-fqGR6j1REKQ/XlSlUxa6ESI/AAAAAAAAH3g/uhitjP-QTNc3S5aEYPnAEPQmYK7yQGjtgCLcBGAsYHQ/s640/ 56 KB
56 KB 31ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-fqGR6j1REKQ/XlSlUxa6ESI/AAAAAAAAH3g/uhitjP-QTNc3S5aEYPnAEPQmYK7yQGjtgCLcBGAsYHQ/s640/Screen%2BShot%2B2020-02-24%2Bat%2B8.40.31%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

576c4aef678581925b080efed2af08d2a562ce962b83ea31bb227c24164233c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:42:11 GMT
x-content-type-options: nosniff
age: 1120
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 8.40.31 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 57038
x-xss-protection: 0
server: fife
etag: "v1f79"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B8.19.43%2BPM.png
1.bp.blogspot.com/-9CLmm24a_q8/XlSgbRqp-kI/AAAAAAAAH3U/AzGBtSN5zpwGTYAZREuhptJKmranS23aQCLcBGAsYHQ/s640/ 72 KB
73 KB 45ms
23ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-9CLmm24a_q8/XlSgbRqp-kI/AAAAAAAAH3U/AzGBtSN5zpwGTYAZREuhptJKmranS23aQCLcBGAsYHQ/s640/Screen%2BShot%2B2020-02-24%2Bat%2B8.19.43%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c229880f910d8f2fc250b318707234841a3ab0d715527f27cd057e508d4b68c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:43:19 GMT
x-content-type-options: nosniff
age: 1052
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 8.19.43 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 74188
x-xss-protection: 0
server: fife
etag: "v1f76"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B5.50.04%2BPM.png
1.bp.blogspot.com/--heDNl6NcuY/XlSE-k04sCI/AAAAAAAAH20/4B96bGRilyUi_kux8EeRThdj14BnlHbWgCLcBGAsYHQ/s640/ 99 KB
99 KB 40ms
19ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--heDNl6NcuY/XlSE-k04sCI/AAAAAAAAH20/4B96bGRilyUi_kux8EeRThdj14BnlHbWgCLcBGAsYHQ/s640/Screen%2BShot%2B2020-02-24%2Bat%2B5.50.04%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cda3553c4449fe81405fb22a19042a6b5e23a2ace595f13b706226d8116f5b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:43:27 GMT
x-content-type-options: nosniff
age: 1044
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 5.50.04 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 101474
x-xss-protection: 0
server: fife
etag: "v1f70"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2020-02-24%2Bat%2B6.09.24%2BPM.png
1.bp.blogspot.com/-wRqDCGKGUmU/XlSDqTVA80I/AAAAAAAAH2k/bpC4X8IdXkcrYpWHed5FaKAdzIfl3M12gCLcBGAsYHQ/s30-p/ 764 B
834 B 11ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wRqDCGKGUmU/XlSDqTVA80I/AAAAAAAAH2k/bpC4X8IdXkcrYpWHed5FaKAdzIfl3M12gCLcBGAsYHQ/s30-p/Screen%2BShot%2B2020-02-24%2Bat%2B6.09.24%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

10e1b9c2de3504f2345907eef55f57ab8db35cafc72afdec0ac986f45291a8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-24 at 6.09.24 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 764
x-xss-protection: 0
server: fife
etag: "v1f6a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2020-02-19%2Bat%2B5.26.15%2BAM.png
1.bp.blogspot.com/-zRHtoHc0g_M/Xk03iK0UUcI/AAAAAAAAH1o/ULWyAPMdCzQYn_bzwJn2aq-re7ah9H8-wCLcBGAsYHQ/s30-p/ 2 KB
2 KB 14ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zRHtoHc0g_M/Xk03iK0UUcI/AAAAAAAAH1o/ULWyAPMdCzQYn_bzwJn2aq-re7ah9H8-wCLcBGAsYHQ/s30-p/Screen%2BShot%2B2020-02-19%2Bat%2B5.26.15%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f749661c02cee9c7aef6745e82a1125d68762c4759dcdbfd163e3f24bde6be57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2020-02-19 at 5.26.15 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1772
x-xss-protection: 0
server: fife
etag: "v1f5b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2019-10-17%2Bat%2B3.23.25%2BAM.png
1.bp.blogspot.com/-BFB9g8hHghc/XahDwQnC0bI/AAAAAAAAHtg/yIfJR0nnQ4oCZeThx3QJozdf_o-6plbsACLcBGAsYHQ/s30-p/ 2 KB
2 KB 18ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-BFB9g8hHghc/XahDwQnC0bI/AAAAAAAAHtg/yIfJR0nnQ4oCZeThx3QJozdf_o-6plbsACLcBGAsYHQ/s30-p/Screen%2BShot%2B2019-10-17%2Bat%2B3.23.25%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d310a2a2ad6bcac4068391482c43950cc7e672ad698641309af0c8dbaa673456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-10-17 at 3.23.25 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1990
x-xss-protection: 0
server: fife
etag: "v1eda"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2019-04-09%2Bat%2B11.33.21%2BPM.png
3.bp.blogspot.com/-xrGuSSykGbk/XK1xBfvzJkI/AAAAAAAAHek/ZnqzET1gra4g0TXilKnzVn0lYtf5ZSHNQCLcBGAs/s30-p/ 2 KB
2 KB 13ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-xrGuSSykGbk/XK1xBfvzJkI/AAAAAAAAHek/ZnqzET1gra4g0TXilKnzVn0lYtf5ZSHNQCLcBGAs/s30-p/Screen%2BShot%2B2019-04-09%2Bat%2B11.33.21%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12956acbc65984f465f513dadb036a69899a5320d464ecc44fbdff33d47d402c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-04-09 at 11.33.21 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2027
x-xss-protection: 0
server: fife
etag: "v1dea"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2019-03-25%2Bat%2B5.34.42%2BPM.png
4.bp.blogspot.com/--NaQfTZyMpY/XJs0JKp4ccI/AAAAAAAAHcE/CY_hI1R1N4wCnA8pUERPBCOR-Cth9q-5gCLcBGAs/s30-p/ 2 KB
2 KB 30ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--NaQfTZyMpY/XJs0JKp4ccI/AAAAAAAAHcE/CY_hI1R1N4wCnA8pUERPBCOR-Cth9q-5gCLcBGAs/s30-p/Screen%2BShot%2B2019-03-25%2Bat%2B5.34.42%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e0c75a3728746941983a7e3b362dd5df7c2d67dcb49567724fabb15b1ef50947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-03-25 at 5.34.42 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1848
x-xss-protection: 0
server: fife
etag: "v1dc2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2019-01-26%2Bat%2B2.24.40%2BPM.png
1.bp.blogspot.com/-rXa2_1hlcBM/XEy2wI8ErII/AAAAAAAAHYw/uHEGwusPGW8EKj_Vu8JJHaSEMa5vCcZPwCLcBGAs/s30-p/ 1 KB
1 KB 18ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rXa2_1hlcBM/XEy2wI8ErII/AAAAAAAAHYw/uHEGwusPGW8EKj_Vu8JJHaSEMa5vCcZPwCLcBGAs/s30-p/Screen%2BShot%2B2019-01-26%2Bat%2B2.24.40%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eba3881542a1ce2068c819ecebaf2f7ba9dbbf2cbde8f68eaa39a832ef66c6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-01-26 at 2.24.40 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1051
x-xss-protection: 0
server: fife
etag: "v1d8d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2019-01-22%2Bat%2B4.44.18%2BAM.png
1.bp.blogspot.com/-SewP8w1rWhA/XEbmZlh0EPI/AAAAAAAAHYE/XyZI1h8Ee4MJ1602YpwD4XTJSVxDrOr0ACLcBGAs/s30-p/ 2 KB
2 KB 17ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SewP8w1rWhA/XEbmZlh0EPI/AAAAAAAAHYE/XyZI1h8Ee4MJ1602YpwD4XTJSVxDrOr0ACLcBGAs/s30-p/Screen%2BShot%2B2019-01-22%2Bat%2B4.44.18%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

352c0ffe232c95e651a332fc322419fc55330d3c91f7fbf51ff430847ee1623f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-01-22 at 4.44.18 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2064
x-xss-protection: 0
server: fife
etag: "v1d82"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Mar 2020 00:19:08 GMT

GET
H2 200 Screen%2BShot%2B2019-01-09%2Bat%2B5.20.46%2BPM.png
4.bp.blogspot.com/-sRfvVgl_kmU/XDaN88wxo6I/AAAAAAAAHXQ/ZJYnIss-Asof-cHT7nCindJ8K0v7eaa4wCLcBGAs/s30-p/ 1 KB
1 KB 28ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-sRfvVgl_kmU/XDaN88wxo6I/AAAAAAAAHXQ/ZJYnIss-Asof-cHT7nCindJ8K0v7eaa4wCLcBGAs/s30-p/Screen%2BShot%2B2019-01-09%2Bat%2B5.20.46%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9c446e0dbaf6509c3f50825b8592884f7bf7d21aaf5b0fddaa98d7b389ecd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-01-09 at 5.20.46 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1189
x-xss-protection: 0
server: fife
etag: "v1d76"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Mar 2020 22:40:47 GMT

GET
H2 200 Screen%2BShot%2B2019-01-07%2Bat%2B3.05.10%2BAM.png
1.bp.blogspot.com/-cwiFd3zTZVc/XDMIomqSUBI/AAAAAAAAHXE/Ra1R7BgM3sUDojjS7MAXV_WCrlJYSS7gwCLcBGAs/s30-p/ 1 KB
1 KB 16ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cwiFd3zTZVc/XDMIomqSUBI/AAAAAAAAHXE/Ra1R7BgM3sUDojjS7MAXV_WCrlJYSS7gwCLcBGAs/s30-p/Screen%2BShot%2B2019-01-07%2Bat%2B3.05.10%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

83adc88a1264b185cff852951ffdd42d68761f692b9e28951d26fa20eaccf2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2019-01-07 at 3.05.10 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1254
x-xss-protection: 0
server: fife
etag: "v1d72"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:49 GMT

GET
H2 200 Screen%2BShot%2B2018-12-23%2Bat%2B9.47.56%2BPM.png
3.bp.blogspot.com/-t8zscHidTek/XCBMp2PlXqI/AAAAAAAAHVo/9ilggnaHxew6zBDoCkayTr3gjA8Ko028ACLcBGAs/s30-p/ 2 KB
2 KB 13ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-t8zscHidTek/XCBMp2PlXqI/AAAAAAAAHVo/9ilggnaHxew6zBDoCkayTr3gjA8Ko028ACLcBGAs/s30-p/Screen%2BShot%2B2018-12-23%2Bat%2B9.47.56%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eeea76d34a426787eab8f9ddf9209a6188a05f180b961b93f7fb767b908e96d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-12-23 at 9.47.56 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1620
x-xss-protection: 0
server: fife
etag: "v1d5c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2018-12-21%2Bat%2B3.14.20%2BAM.png
1.bp.blogspot.com/--UsOqUKJ80w/XByhiyP-PmI/AAAAAAAAHVA/dETYa0pXcK4IQkv6uOAQItI3TgTfw5W7QCLcBGAs/s30-p/ 1 KB
1 KB 16ms
10ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--UsOqUKJ80w/XByhiyP-PmI/AAAAAAAAHVA/dETYa0pXcK4IQkv6uOAQItI3TgTfw5W7QCLcBGAs/s30-p/Screen%2BShot%2B2018-12-21%2Bat%2B3.14.20%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f5fcff76c1da90c0cfa732560a2952a473fc0245c48c443d1df37b1d25fe3834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-12-21 at 3.14.20 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
server: fife
etag: "v1d51"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-12-15%2Bat%2B8.11.28%2BPM.png
3.bp.blogspot.com/-X6bXlNXerAg/XBXPWMljQNI/AAAAAAAAHTo/aF51svoEZgEnFK-M3dldF2DgKkhAjuuMgCLcBGAs/s30-p/ 1 KB
2 KB 12ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-X6bXlNXerAg/XBXPWMljQNI/AAAAAAAAHTo/aF51svoEZgEnFK-M3dldF2DgKkhAjuuMgCLcBGAs/s30-p/Screen%2BShot%2B2018-12-15%2Bat%2B8.11.28%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

672d64bef3ef92e42a5550c13238cc329787222e2874cbabbe4861a136d29dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-12-15 at 8.11.28 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1433
x-xss-protection: 0
server: fife
etag: "v1d3b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2018-12-09%2Bat%2B9.44.22%2BPM.png
4.bp.blogspot.com/-hHt0KfFwTsI/XA3t55C7QeI/AAAAAAAAHSA/TCipE2G3AqssZl3FKANCjGDp19fqTQAJACLcBGAs/s30-p/ 2 KB
2 KB 28ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-hHt0KfFwTsI/XA3t55C7QeI/AAAAAAAAHSA/TCipE2G3AqssZl3FKANCjGDp19fqTQAJACLcBGAs/s30-p/Screen%2BShot%2B2018-12-09%2Bat%2B9.44.22%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

83a2e9e77e37f8142be840b51bfe16f27c7d857ca614550e93aa860eb29391a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-12-09 at 9.44.22 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1711
x-xss-protection: 0
server: fife
etag: "v1d21"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-11-26%2Bat%2B5.06.22%2BAM.png
1.bp.blogspot.com/-s4gRRh4SEBs/W_vGIYXDYqI/AAAAAAAAHPI/Qlo-fQDqDuU-DvFARNmnwuX3Mr52mmWRgCLcBGAs/s30-p/ 1 KB
1 KB 15ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-s4gRRh4SEBs/W_vGIYXDYqI/AAAAAAAAHPI/Qlo-fQDqDuU-DvFARNmnwuX3Mr52mmWRgCLcBGAs/s30-p/Screen%2BShot%2B2018-11-26%2Bat%2B5.06.22%2BAM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f5b92e0c5428ee48219650011e0bcf48607dd9a390f1b36384fb38087b67f24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-11-26 at 5.06.22 AM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1352
x-xss-protection: 0
server: fife
etag: "v1cf3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 image1_macro_debuggin.png
1.bp.blogspot.com/-5MqO54-Xh2E/W_e_jEsacqI/AAAAAAAAHOc/3ICdhvTV02YIZylAvfZrC4tRLlksL6nDQCLcBGAs/s30-p/ 1 KB
1 KB 14ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-5MqO54-Xh2E/W_e_jEsacqI/AAAAAAAAHOc/3ICdhvTV02YIZylAvfZrC4tRLlksL6nDQCLcBGAs/s30-p/image1_macro_debuggin.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a400d73caf87f08fa624b8ac9100a38d076f736bd718cc7131331b35c5e885c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="image1_macro_debuggin.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1081
x-xss-protection: 0
server: fife
etag: "v1ce8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:04 GMT

GET
H2 200 Screen%2BShot%2B2018-11-06%2Bat%2B4.39.53%2BPM.png
1.bp.blogspot.com/--cp1FNG6T40/W-J9-aFanZI/AAAAAAAAHMw/e4iaqzE9t_A5myXDmEJ8MlJdh-7o4EchQCLcBGAs/s30-p/ 2 KB
2 KB 14ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--cp1FNG6T40/W-J9-aFanZI/AAAAAAAAHMw/e4iaqzE9t_A5myXDmEJ8MlJdh-7o4EchQCLcBGAs/s30-p/Screen%2BShot%2B2018-11-06%2Bat%2B4.39.53%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

870c88fd51fa56c52989ef0e94f106c46aef8e2036ad694d72cb02a8e307785f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-11-06 at 4.39.53 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1937
x-xss-protection: 0
server: fife
etag: "v1ccd"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-11-04%2Bat%2B8.44.34%2BPM.png
1.bp.blogspot.com/-05o9SnLltcw/W9-hH5gi4qI/AAAAAAAAHMM/9H71sQ89poQido3PSK81lJnYuzDvqmqBwCLcBGAs/s30-p/ 2 KB
2 KB 13ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-05o9SnLltcw/W9-hH5gi4qI/AAAAAAAAHMM/9H71sQ89poQido3PSK81lJnYuzDvqmqBwCLcBGAs/s30-p/Screen%2BShot%2B2018-11-04%2Bat%2B8.44.34%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c239d58c774a19f664eb6ab5004a6ae3c449325ee5998ba65f892df4d6a5971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-11-04 at 8.44.34 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1646
x-xss-protection: 0
server: fife
etag: "v1cc4"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-10-30%2Bat%2B6.58.15%2BPM.png
2.bp.blogspot.com/-Rz7n-eamwX4/W9jkh5B1wUI/AAAAAAAAHKQ/ZyZ7fueFMnMceFlK9KOo8AqUqPy_9yB3wCLcBGAs/s30-p/ 1 KB
1 KB 34ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Rz7n-eamwX4/W9jkh5B1wUI/AAAAAAAAHKQ/ZyZ7fueFMnMceFlK9KOo8AqUqPy_9yB3wCLcBGAs/s30-p/Screen%2BShot%2B2018-10-30%2Bat%2B6.58.15%2BPM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

146cf03f372f999168d4ec2a94380976f15f17fbfb08fbffde1c1a5f67438fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-10-30 at 6.58.15 PM.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1196
x-xss-protection: 0
server: fife
etag: "v1ca6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:13 GMT

GET
H2 200 Screen%2BShot%2B2018-09-10%2Bat%2B00.38.47.png
2.bp.blogspot.com/-PIyOirFZV6Y/W5YpFQcTVFI/AAAAAAAAHGw/T7-XrQawAkY6BaNc0J-3S0aMzsar2Z-jwCLcBGAs/s30-p/ 2 KB
3 KB 33ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-PIyOirFZV6Y/W5YpFQcTVFI/AAAAAAAAHGw/T7-XrQawAkY6BaNc0J-3S0aMzsar2Z-jwCLcBGAs/s30-p/Screen%2BShot%2B2018-09-10%2Bat%2B00.38.47.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5114816a47dc958d23af84763e576b236d08aa1366f10b5ec37d2ba5052b74c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-09-10 at 00.38.47.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2135
x-xss-protection: 0
server: fife
etag: "v1c6d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:13 GMT

GET
H2 200 Screen%2BShot%2B2018-09-06%2Bat%2B04.48.03.png
4.bp.blogspot.com/-uYF2NQ20lCo/W5DqRi1JG3I/AAAAAAAAHFg/8Ha8vfsn23wxxrekXp5gepLwWs072EkVwCLcBGAs/s30-p/ 1 KB
1 KB 26ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-uYF2NQ20lCo/W5DqRi1JG3I/AAAAAAAAHFg/8Ha8vfsn23wxxrekXp5gepLwWs072EkVwCLcBGAs/s30-p/Screen%2BShot%2B2018-09-06%2Bat%2B04.48.03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

439476ca5fd109c0aeb8e6c55d4cc4e2e772a27a582c49109494f06f40c95cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-09-06 at 04.48.03.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1298
x-xss-protection: 0
server: fife
etag: "v1c59"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-08-28%2Bat%2B03.03.10.png
2.bp.blogspot.com/-9ubYbrXWp9k/W4T0eMzLBCI/AAAAAAAAHDw/oLJVlmoiBqQalzT-Eppbdu4TMBbBoIerQCLcBGAs/s30-p/ 1 KB
2 KB 36ms
11ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-9ubYbrXWp9k/W4T0eMzLBCI/AAAAAAAAHDw/oLJVlmoiBqQalzT-Eppbdu4TMBbBoIerQCLcBGAs/s30-p/Screen%2BShot%2B2018-08-28%2Bat%2B03.03.10.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1ad705e628a38ac534ff5357e88b0ebe199385bd3afbc6a8a75eeadd9885fd24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-08-28 at 03.03.10.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1472
x-xss-protection: 0
server: fife
etag: "v1c3d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:13 GMT

GET
H2 200 Screen%2BShot%2B2018-08-19%2Bat%2B07.00.01.png
4.bp.blogspot.com/-iIEkOuxfkNc/W3lRgAF9MlI/AAAAAAAAHAk/BrzQCvSlnYkPBhF9wSjllynsDLLUPJ2CQCLcBGAs/s30-p/ 2 KB
2 KB 27ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-iIEkOuxfkNc/W3lRgAF9MlI/AAAAAAAAHAk/BrzQCvSlnYkPBhF9wSjllynsDLLUPJ2CQCLcBGAs/s30-p/Screen%2BShot%2B2018-08-19%2Bat%2B07.00.01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82def3e3ea5794d68c07253d6d5b547985b3bea4227b6942a29fba62fde49a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-08-19 at 07.00.01.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
server: fife
etag: "v1c0a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-08-04%2Bat%2B03.25.26.png
1.bp.blogspot.com/-FsUD_n2eD3E/W2YW4hdyigI/AAAAAAAAG-w/0gTTGBZBLsEcc89IQ7d89Pw3S9sJ1bMzgCLcBGAs/s30-p/ 2 KB
2 KB 16ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FsUD_n2eD3E/W2YW4hdyigI/AAAAAAAAG-w/0gTTGBZBLsEcc89IQ7d89Pw3S9sJ1bMzgCLcBGAs/s30-p/Screen%2BShot%2B2018-08-04%2Bat%2B03.25.26.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

882b7316b4f9053b6debabf8bf1d257950264d501cd30cd2c48972c59a164a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-08-04 at 03.25.26.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
server: fife
etag: "v1bed"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Mar 2020 00:19:08 GMT

GET
H2 200 Screen%2BShot%2B2018-07-29%2Bat%2B01.10.00.png
4.bp.blogspot.com/-CRdVdC0Psrc/W11XGprudiI/AAAAAAAAG9A/MMMwtq_S0a0QdZoOxGcShZ9Nn1nO_-gyACLcBGAs/s30-p/ 2 KB
2 KB 25ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-CRdVdC0Psrc/W11XGprudiI/AAAAAAAAG9A/MMMwtq_S0a0QdZoOxGcShZ9Nn1nO_-gyACLcBGAs/s30-p/Screen%2BShot%2B2018-07-29%2Bat%2B01.10.00.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c678636b42cce155be48ee783b75a30e2851d08e7f81e5b6279520a24746d917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-07-29 at 01.10.00.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1721
x-xss-protection: 0
server: fife
etag: "v1bd1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:38 GMT

GET
H2 200 Screen%2BShot%2B2018-07-16%2Bat%2B03.25.42.png
2.bp.blogspot.com/-f4Sj9uOIEW8/W0xYno2IYqI/AAAAAAAAG8Q/trx0J_kbvmsb7SjLdIpP9Sg-JVWyghuxQCLcBGAs/s30-p/ 2 KB
2 KB 35ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-f4Sj9uOIEW8/W0xYno2IYqI/AAAAAAAAG8Q/trx0J_kbvmsb7SjLdIpP9Sg-JVWyghuxQCLcBGAs/s30-p/Screen%2BShot%2B2018-07-16%2Bat%2B03.25.42.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

649900d3905b9f2e7b125937917a96a473c0f3215cb51808d744bca68b081691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-07-16 at 03.25.42.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1639
x-xss-protection: 0
server: fife
etag: "v1bc5"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:13 GMT

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7854598c392f12088882e30255a5e2f3f133e76dd011da794ec2c17aaf863ffb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/ 140 KB
49 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?_=1584720048433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b45790f58b5d8c376ea8320617b5defa1c88576b7b8df5abf1337a758adba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 21 Jan 2020 20:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Jan 2020 20:40:07 GMT
server: sffe
age: 5082275
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 50234
x-xss-protection: 0
expires: Wed, 20 Jan 2021 20:16:16 GMT

GET
H/1.1 200
OK widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html
platform.twitter.com/widgets/ Frame 87B3 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d0f13be8321eb432fba28cfc1c3351b1.html?origin=https%3A%2F%2Fwww.vkremez.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 64960
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Mar 2020 16:00:51 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 19 Mar 2020 21:12:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A3)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
DATA 200
OK truncated
/ 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 052f2ec11a647f6dd64ac9a381637be7a2bdf8bce816fbb527cd5ed7ba188e0f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Screen%2BShot%2B2018-04-08%2Bat%2B15.39.55.png
4.bp.blogspot.com/-lfpI23_lx5A/Wsp4iOyl24I/AAAAAAAAG1M/gQPrA4N06YoFjQVitVCosujP5qBs8tulACLcBGAs/s640/ 82 KB
82 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-lfpI23_lx5A/Wsp4iOyl24I/AAAAAAAAG1M/gQPrA4N06YoFjQVitVCosujP5qBs8tulACLcBGAs/s640/Screen%2BShot%2B2018-04-08%2Bat%2B15.39.55.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d35858175698669a30e2742d4f4c2f1891b420d7cbed05ab750c0b95f6a92ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-08 at 15.39.55.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83798
x-xss-protection: 0
server: fife
etag: "v1b54"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 15:53:47 GMT

GET
H2 200 Screen%2BShot%2B2018-04-08%2Bat%2B16.40.00.png
2.bp.blogspot.com/-3-JtGdwV8zU/Wsp-Ms3fbjI/AAAAAAAAG1c/gyTIIgTrXNIJCF2zBxTStcOr4R4nS6eEQCLcBGAs/s640/ 47 KB
48 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3-JtGdwV8zU/Wsp-Ms3fbjI/AAAAAAAAG1c/gyTIIgTrXNIJCF2zBxTStcOr4R4nS6eEQCLcBGAs/s640/Screen%2BShot%2B2018-04-08%2Bat%2B16.40.00.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79a8035fcd6e914f98404de3cdcc4aaa28403288a523b17a9be429166d6f56cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-08 at 16.40.00.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 48625
x-xss-protection: 0
server: fife
etag: "v1b58"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 15:53:47 GMT

GET
H2 200 Screen%2BShot%2B2018-04-08%2Bat%2B15.15.25.png
4.bp.blogspot.com/-A7w_UrZPoho/Wsp_7Ku0skI/AAAAAAAAG1o/wgp_Q-ZlyxQue1NpJ4MrACrv8eXI5iPTACLcBGAs/s640/ 306 KB
306 KB 16ms
15ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-A7w_UrZPoho/Wsp_7Ku0skI/AAAAAAAAG1o/wgp_Q-ZlyxQue1NpJ4MrACrv8eXI5iPTACLcBGAs/s640/Screen%2BShot%2B2018-04-08%2Bat%2B15.15.25.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e48cb741335f699e0923ad1ecd5e05ef7e12905eccc6183700751209dce87961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:47 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-08 at 15.15.25.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 312985
x-xss-protection: 0
server: fife
etag: "v1b5b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 15:53:47 GMT

GET
H/1.1 200
OK moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js Show response
platform.twitter.com/js/ 24 KB
8 KB 9ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B6) /
Resource Hash: f13585ddb86f9ec0432f36eae40bcaabe3aad166eff8424b27082c2b8174a3a2

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 20 Mar 2020 16:00:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:51 GMT
Server: ECS (fcn/40B6)
Age: 64960
Etag: "e137faa829d69782b030b8ae591989d1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7864

GET
H/1.1 200
OK tweet.9aa9eda3c163ec539c16aef0d822d807.js Show response
platform.twitter.com/js/ 16 KB
6 KB 15ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.9aa9eda3c163ec539c16aef0d822d807.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash: f42a719c42729853609255c0f4e029aa6ae44a9a9925743394343a8a0265a110

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 20 Mar 2020 16:00:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:51 GMT
Server: ECS (fcn/419E)
Age: 64960
Etag: "f87f962919a6220b09193a0007706785+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 5434

GET
H2 200 default Show response
www.blogger.com/feeds/3986785863650565253/posts/ 2 MB
205 KB 953ms
953ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/3986785863650565253/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&published-max=2018-07-16T09%3A07%3A00.002Z&rewriteforssl=true&callback=jQuery1125007078886215423297_1584720048431&_=1584720048434

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9af974c47e6eb1e6a7e3f02dabd80c97924b57683b4dfe1acbd15f5d6f53b4fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
vary: Accept, X-GData-Authorization, GData-Version
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
date: Fri, 20 Mar 2020 16:00:52 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Mar 2020 07:56:53 GMT
server: GSE
etag: W/"CUMFQng-eSp7ImA9XB5QGUw."
x-frame-options: SAMEORIGIN
gdata-version: 2.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-transform
x-content-type-options: nosniff
expires: Fri, 20 Mar 2020 16:00:52 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
338 B 142ms
142ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1584720051680%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Fri, 20 Mar 2020 16:00:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fb3d6b3c3a72d66baa830f1e736e683e
x-transaction: 00ded75c003f9397
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 17 KB
3 KB 211ms
192ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1227976106227224578&lang=en&suppress_response_codes=true&theme=dark&tz=GMT%2B0100

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ee0a8e7c129727981602e96c4c7098bd042f55043325cd3b42a65a410cf3cb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 3156
x-xss-protection: 0
x-response-time: 166
last-modified: Fri, 20 Mar 2020 16:00:51 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: b856394610c32e30097c9f264623f3e8
timing-allow-origin: *
x-transaction: 00751c9e00cc9603
expires: Fri, 20 Mar 2020 16:01:51 GMT

GET
H2 200 1f525.png
abs.twimg.com/emoji/v2/72x72/ 928 B
1 KB 32ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f525.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 25231008
x-ton-expected-size: 928
x-cache: HIT
status: 200
content-length: 928
x-response-time: 32
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECS (fcn/40D1)
etag: "SGKFnTk7KmjONB+h88D/mw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ca137d675914392c36bd71348d989493
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f195.png
abs.twimg.com/emoji/v2/72x72/ 668 B
797 B 49ms
23ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f195.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

6fa828cde4b044fad032514553b15fa2998e078311463756050bad4c4c0b9420

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 26220414
x-ton-expected-size: 668
x-cache: HIT
status: 200
content-length: 668
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Fri, 30 Nov 2018 21:51:58 GMT
server: ECS (fcn/40D1)
etag: "xEoC/el7kDha3Sq73MBsTA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 23aa0098e3ace09140848265ea167d9a
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f1f7-1f1fa.png
abs.twimg.com/emoji/v2/72x72/ 246 B
390 B 49ms
24ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f7-1f1fa.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

ca8b79adfa2c335f9ffda48e79259a64d39e99afa0407e4a4f06ef46d6fb1e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 27703726
x-ton-expected-size: 246
x-cache: HIT
status: 200
content-length: 246
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/40DE)
etag: "FWMYqZVaAmXVod1C5LY98Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b3d744084387470902d26a69953a8889
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 23e9.png
abs.twimg.com/emoji/v2/72x72/ 389 B
532 B 50ms
24ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/23e9.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

453c96acaf77939f88dc3caf9b77fa4265a1fcd008e26a0d06b74291024b01da

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 28466574
x-ton-expected-size: 389
x-cache: HIT
status: 200
content-length: 389
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:41 GMT
server: ECS (fcn/419E)
etag: "mHM8bz1QZN5qEC0/Sok8mw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 69616f9f3b2c50e8a0bac635638c63f9
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f1fa-1f1f8.png
abs.twimg.com/emoji/v2/72x72/ 350 B
492 B 50ms
25ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1fa-1f1f8.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 24739595
x-ton-expected-size: 350
x-cache: HIT
status: 200
content-length: 350
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:28 GMT
server: ECS (fcn/40B0)
etag: "j8ni8YtWAiMly2HzeBO1jw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a81e5f72a7075fc1c0098747d26e53d7
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f4c9.png
abs.twimg.com/emoji/v2/72x72/ 726 B
870 B 50ms
24ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4c9.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

579ae4fc4f4666d0177f25dc10379d7f147353006063a8903599976e3e6526b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 27334522
x-ton-expected-size: 726
x-cache: HIT
status: 200
content-length: 726
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:31:06 GMT
server: ECS (fcn/40B3)
etag: "Cl9ge58w3w+BkEMBmHp0Qg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2a73c4eee184662ec8436177bec76d88
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 31-20e3.png
abs.twimg.com/emoji/v2/72x72/ 315 B
454 B 9ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/31-20e3.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

2df18edfc32d604689469f21882532c20c7bf692548923d9669c5b379389fb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 11209251
x-ton-expected-size: 315
x-cache: HIT
status: 200
content-length: 315
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40F7)
etag: "Tk/4QHZoRlF5Eyx1qJ1JtA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ddb6ad5e12a605fe0078016ef414cf47
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 32-20e3.png
abs.twimg.com/emoji/v2/72x72/ 509 B
629 B 10ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/32-20e3.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

e39f19ca769e259726aca4ae99b2ae6a137e038a3bf5492a683c79df4b44ea47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 11457403
x-ton-expected-size: 509
x-cache: HIT
status: 200
content-length: 509
x-response-time: 59
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40B1)
etag: "d7o4l6/MbEjbpBL37Ou5FA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 29405e1ff4a3e17aaf1194efddcaf469
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 2935.png
abs.twimg.com/emoji/v2/72x72/ 443 B
559 B 10ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2935.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AE) /

Resource Hash

3dbcaaddeaadf7f1d80098890e622c489dc5fc3ec3b6239f24acbf07103dcc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 28652657
x-ton-expected-size: 443
x-cache: HIT
status: 200
content-length: 443
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/41AE)
etag: "Bo7WKqtcuANlfxdyucfyjw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 94f53c9b63cf45b0adc362595fb8ea75
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f47f.png
abs.twimg.com/emoji/v2/72x72/ 750 B
893 B 11ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f47f.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

ac07ad0d272514849144a78b87d5949a4f42b3e560e29c8cfb0e78f77da982ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 26706389
x-ton-expected-size: 750
x-cache: HIT
status: 200
content-length: 750
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:01 GMT
server: ECS (fcn/40D7)
etag: "00RxY8HfTQHQ8F4SNO7q1g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 8533174e02dc69f0cda59c26c54bbad8
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f9a0.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
2 KB 11ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9a0.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

1fbee0e57b5965130b857034ea337f939fdda31ab3ad771ab741ca851e4d3b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 19231256
x-ton-expected-size: 1506
x-cache: HIT
status: 200
content-length: 1506
x-response-time: 65
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:16 GMT
server: ECS (fcn/4185)
etag: "IfEDgIhY8k68SiOgNc5/OQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 351699b592d00b53bac9d38db59d51f6
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f526.png
abs.twimg.com/emoji/v2/72x72/ 486 B
607 B 11ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f526.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

f3213abe514f8fe79645ae0b911954984c0ea75c38af968473781fcf03b195dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 24176708
x-ton-expected-size: 486
x-cache: HIT
status: 200
content-length: 486
x-response-time: 16
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECS (fcn/41A9)
etag: "eMNwp2I879oIprbR4+PbJg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 987768934069a8f1bed835a26bb492d6
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 2795.png
abs.twimg.com/emoji/v2/72x72/ 236 B
375 B 12ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2795.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

f76f0ea18167458d10ab7315e0df8fd9bf843abf629e37529bbd8590db89ea7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 12761903
x-ton-expected-size: 236
x-cache: HIT
status: 200
content-length: 236
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:14:32 GMT
server: ECS (fcn/41A1)
etag: "KlmXL9ip4Sp7EdKLSxPusg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 872b77cc0a78524df17a52fc5672dcd8
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H/1.1 200
OK tweet.d41c1d7e4bac44f4658ca45d09564e79.dark.ltr.css
platform.twitter.com/css/ 52 KB
12 KB 8ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.d41c1d7e4bac44f4658ca45d09564e79.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash: 2d32e9ba140c958687b6e782cdc101aab3e23921b3134438dc7fb0fb703db083

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 20 Mar 2020 16:00:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:47 GMT
Server: ECS (fcn/4185)
Age: 64960
Etag: "f0f7f0a36cc8381da34f36389838bf8d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11608

GET
H/1.1 200
OK tweet.d41c1d7e4bac44f4658ca45d09564e79.dark.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 9ms
8ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.d41c1d7e4bac44f4658ca45d09564e79.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 20 Mar 2020 16:00:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Mar 2020 21:12:47 GMT
Server: ECS (fcn/4185)
Age: 64960
Etag: "f0f7f0a36cc8381da34f36389838bf8d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11608

GET
H2 200 1f525.png
abs.twimg.com/emoji/v2/72x72/ 928 B
1 KB 20ms
9ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f525.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 25231008
x-ton-expected-size: 928
x-cache: HIT
status: 200
content-length: 928
x-response-time: 32
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECS (fcn/40D1)
etag: "SGKFnTk7KmjONB+h88D/mw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ca137d675914392c36bd71348d989493
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f195.png
abs.twimg.com/emoji/v2/72x72/ 668 B
797 B 21ms
10ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f195.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

6fa828cde4b044fad032514553b15fa2998e078311463756050bad4c4c0b9420

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 26220414
x-ton-expected-size: 668
x-cache: HIT
status: 200
content-length: 668
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Fri, 30 Nov 2018 21:51:58 GMT
server: ECS (fcn/40D1)
etag: "xEoC/el7kDha3Sq73MBsTA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 23aa0098e3ace09140848265ea167d9a
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f1f7-1f1fa.png
abs.twimg.com/emoji/v2/72x72/ 246 B
390 B 21ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f7-1f1fa.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

ca8b79adfa2c335f9ffda48e79259a64d39e99afa0407e4a4f06ef46d6fb1e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 27703726
x-ton-expected-size: 246
x-cache: HIT
status: 200
content-length: 246
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/40DE)
etag: "FWMYqZVaAmXVod1C5LY98Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b3d744084387470902d26a69953a8889
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 23e9.png
abs.twimg.com/emoji/v2/72x72/ 389 B
532 B 21ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/23e9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

453c96acaf77939f88dc3caf9b77fa4265a1fcd008e26a0d06b74291024b01da

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 28466574
x-ton-expected-size: 389
x-cache: HIT
status: 200
content-length: 389
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:41 GMT
server: ECS (fcn/419E)
etag: "mHM8bz1QZN5qEC0/Sok8mw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 69616f9f3b2c50e8a0bac635638c63f9
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f1fa-1f1f8.png
abs.twimg.com/emoji/v2/72x72/ 350 B
423 B 21ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1fa-1f1f8.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 24739595
x-ton-expected-size: 350
x-cache: HIT
status: 200
content-length: 350
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:28 GMT
server: ECS (fcn/40B0)
etag: "j8ni8YtWAiMly2HzeBO1jw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a81e5f72a7075fc1c0098747d26e53d7
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f4c9.png
abs.twimg.com/emoji/v2/72x72/ 726 B
870 B 21ms
11ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4c9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

579ae4fc4f4666d0177f25dc10379d7f147353006063a8903599976e3e6526b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 27334522
x-ton-expected-size: 726
x-cache: HIT
status: 200
content-length: 726
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:31:06 GMT
server: ECS (fcn/40B3)
etag: "Cl9ge58w3w+BkEMBmHp0Qg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2a73c4eee184662ec8436177bec76d88
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 31-20e3.png
abs.twimg.com/emoji/v2/72x72/ 315 B
388 B 21ms
12ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/31-20e3.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

2df18edfc32d604689469f21882532c20c7bf692548923d9669c5b379389fb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 11209251
x-ton-expected-size: 315
x-cache: HIT
status: 200
content-length: 315
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40F7)
etag: "Tk/4QHZoRlF5Eyx1qJ1JtA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ddb6ad5e12a605fe0078016ef414cf47
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 32-20e3.png
abs.twimg.com/emoji/v2/72x72/ 509 B
582 B 22ms
12ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/32-20e3.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

e39f19ca769e259726aca4ae99b2ae6a137e038a3bf5492a683c79df4b44ea47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 11457403
x-ton-expected-size: 509
x-cache: HIT
status: 200
content-length: 509
x-response-time: 59
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40B1)
etag: "d7o4l6/MbEjbpBL37Ou5FA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 29405e1ff4a3e17aaf1194efddcaf469
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 2935.png
abs.twimg.com/emoji/v2/72x72/ 443 B
516 B 22ms
12ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2935.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AE) /

Resource Hash

3dbcaaddeaadf7f1d80098890e622c489dc5fc3ec3b6239f24acbf07103dcc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 28652657
x-ton-expected-size: 443
x-cache: HIT
status: 200
content-length: 443
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/41AE)
etag: "Bo7WKqtcuANlfxdyucfyjw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 94f53c9b63cf45b0adc362595fb8ea75
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f47f.png
abs.twimg.com/emoji/v2/72x72/ 750 B
823 B 22ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f47f.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

ac07ad0d272514849144a78b87d5949a4f42b3e560e29c8cfb0e78f77da982ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 26706389
x-ton-expected-size: 750
x-cache: HIT
status: 200
content-length: 750
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:50:01 GMT
server: ECS (fcn/40D7)
etag: "00RxY8HfTQHQ8F4SNO7q1g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 8533174e02dc69f0cda59c26c54bbad8
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f9a0.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
2 KB 19ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9a0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

1fbee0e57b5965130b857034ea337f939fdda31ab3ad771ab741ca851e4d3b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 19231256
x-ton-expected-size: 1506
x-cache: HIT
status: 200
content-length: 1506
x-response-time: 65
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:16 GMT
server: ECS (fcn/4185)
etag: "IfEDgIhY8k68SiOgNc5/OQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 351699b592d00b53bac9d38db59d51f6
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 1f526.png
abs.twimg.com/emoji/v2/72x72/ 486 B
559 B 19ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f526.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

f3213abe514f8fe79645ae0b911954984c0ea75c38af968473781fcf03b195dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 24176708
x-ton-expected-size: 486
x-cache: HIT
status: 200
content-length: 486
x-response-time: 16
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECS (fcn/41A9)
etag: "eMNwp2I879oIprbR4+PbJg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 987768934069a8f1bed835a26bb492d6
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 2795.png
abs.twimg.com/emoji/v2/72x72/ 236 B
309 B 20ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2795.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.99ce5e0e4617985354c5c426d7e1b9f4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

f76f0ea18167458d10ab7315e0df8fd9bf843abf629e37529bbd8590db89ea7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 12761903
x-ton-expected-size: 236
x-cache: HIT
status: 200
content-length: 236
x-response-time: 20
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:14:32 GMT
server: ECS (fcn/41A1)
etag: "KlmXL9ip4Sp7EdKLSxPusg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 872b77cc0a78524df17a52fc5672dcd8
accept-ranges: bytes
expires: Sat, 20 Mar 2021 16:00:51 GMT

GET
H2 200 POeCVOIW_normal.jpg
pbs.twimg.com/profile_images/781924841062592512/ 2 KB
2 KB 74ms
66ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/781924841062592512/POeCVOIW_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

8f86e5f042e2a93ed6843abbd7c534088bfbb6e031c87e9f036f1729a56c28b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 595529
x-cache: HIT
status: 200
content-length: 1807
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/8 profile_images/781924841062592512
last-modified: Fri, 30 Sep 2016 18:31:04 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 64da6e2f91816acd8c33e801f12ed6fd
accept-ranges: bytes

GET
H2 200 EQqlvyzXYAEAotT
pbs.twimg.com/media/ 45 KB
45 KB 73ms
66ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqlvyzXYAEAotT?format=png&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

4f7b1c43fb8357c6cf2f2556f23010172d37614e95dcab92a623f6e99a1d95ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 324250
x-cache: HIT
status: 200
content-length: 46042
x-response-time: 126
surrogate-key: media media/bucket/6 media/1227976088921530369
last-modified: Thu, 13 Feb 2020 15:19:28 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2d76e1aa1ecd9ea72d283b16840a2588
accept-ranges: bytes

GET
H2 200 EQqlvyzXYAIPxa8
pbs.twimg.com/media/ 47 KB
47 KB 23ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqlvyzXYAIPxa8?format=jpg&name=small

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

e9d98abe3d4fbb7fd31ae469783caf6a1d80c9a36ad020475e5292e357a1df36

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 77379
x-cache: HIT
status: 200
content-length: 48059
x-response-time: 120
surrogate-key: media media/bucket/8 media/1227976088921530370
last-modified: Thu, 13 Feb 2020 15:19:28 GMT
server: ECS (fcn/41A6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d2c784b83ffa5ab692287f1810b1c876
accept-ranges: bytes

GET
H2 200 EQqlvy1X0AA7J1E
pbs.twimg.com/media/ 29 KB
29 KB 21ms
14ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqlvy1X0AA7J1E?format=png&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EB) /

Resource Hash

99201ab2d4c2f6caefa3f2cde71c519aa979a4862988e7ae6912e48e7e483611

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 324250
x-cache: HIT
status: 200
content-length: 30032
x-response-time: 115
surrogate-key: media media/bucket/6 media/1227976088929947648
last-modified: Thu, 13 Feb 2020 15:19:28 GMT
server: ECS (fcn/40EB)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 535650da5f99d3b50c6201e8f2721521
accept-ranges: bytes

GET
H2 200 EQmlDh1WAAECpxP
pbs.twimg.com/media/ 14 KB
15 KB 19ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQmlDh1WAAECpxP?format=jpg&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

b3828434e23b0389838137dc0efcaecb531d55be92c6ccb7a9043dd86f184ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 461476
x-cache: HIT
status: 200
content-length: 14748
x-response-time: 187
surrogate-key: media media/bucket/2 media/1227693853475471361
last-modified: Wed, 12 Feb 2020 20:37:58 GMT
server: ECS (fcn/4190)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fc5db1badc7c49916a5d56d504c7cf68
accept-ranges: bytes

GET
H2 200 EQmlDibXsAMLsOo
pbs.twimg.com/media/ 15 KB
15 KB 73ms
66ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQmlDibXsAMLsOo?format=jpg&name=360x360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EB) /

Resource Hash

60581ec368594c638ddd14b3e140ce3a9a171b3a60f4cfb56082fe34f5a774b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 16:00:51 GMT
x-content-type-options: nosniff
age: 461476
x-cache: HIT
status: 200
content-length: 14858
x-response-time: 156
surrogate-key: media media/bucket/9 media/1227693853634965507
last-modified: Wed, 12 Feb 2020 20:37:58 GMT
server: ECS (fcn/40EB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d11733e2613e58eb1bb1fd88294202ae
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15b633de152c3e5d6fcdf18cc330a12eff8517bdfafdf1be382bdc1d238b6a8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37e09f63c3163da166a1cfe7c08e1aaedee1f0c7910049a3f4935c986beaaa09

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 879f717950260355086f8f60af83c0c2574c9cb86d96b19d92166500e130d5d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame E148
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.vkremez.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 64961
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Mar 2020 16:00:52 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 19 Mar 2020 21:21:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AE)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 20 Mar 2020 16:00:52 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 20 Mar 2020 16:00:52 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: fb3d6b3c3a72d66baa830f1e736e683e
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 120
x-transaction: 00281efe0018aa11
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 lets-learn-inside-parallax-rat-malware.html Show response
www.vkremez.com/2020/02/ 21 KB
5 KB 154ms
154ms XHR
text/html 2606:4700:3031::681c:153e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vkremez.com/2020/02/lets-learn-inside-parallax-rat-malware.html?dynamicviews=1&v=0

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:153e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d3b493096c09c618c405bfa26a8acba4b368760d012b29f6fdc4f825feeae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Mar 2020 16:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 11 Mar 2020 07:56:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, max-age=0
cf-ray: 5770a608284a9ab0-FRA
x-xss-protection: 1; mode=block
expires: Fri, 20 Mar 2020 16:00:52 GMT

GET
H/1.1 200
OK tweet_button.html
platform.twitter.com/widgets/ Frame 9578 0
0 9ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.vkremez.com%2F2020%2F02%2Flets-learn-inside-parallax-rat-malware.html&count=horizontal&text=Let%27s%20Learn%3A%20Inside%20Parallax%20RAT%20Malware%3A%20Process%20Hollowing%20Injection%20%26%20Process%20Doppelg%C3%A4nging%20API%20Mix%3A%20Part%20I&size=medium
Requested by: Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1458
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Mar 2020 16:00:52 GMT
Etag: "d6e03d1be2ee804ffae86a30f5561e8b+gzip"
Last-Modified: Thu, 19 Mar 2020 21:22:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 19395

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 4C76 0
0 56ms
56ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.vkremez.com%2F2020%2F02%2Flets-learn-inside-parallax-rat-malware.html&send=false&layout=button_count&action=like&show_faces=false&colorscheme=light

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.vkremez.com%2F2020%2F02%2Flets-learn-inside-parallax-rat-malware.html&send=false&layout=button_count&action=like&show_faces=false&colorscheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: K50722tLOuy+qk59y81irg38Pslq1QCxP5UcgtcsHzTo0S/tVmQNDG7t5emmL2wQ1l1QL5t2Whapc0kfZ4rPiQ==
date: Fri, 20 Mar 2020 16:00:52 GMT Fri, 20 Mar 2020 16:00:52 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H/1.1 200
OK tweet_button.html
platform.twitter.com/widgets/ Frame 39AE 0
0 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&count=horizontal&text=Let%27s%20Learn%3A%20In-Depth%20Reversing%20of%20GrandSoft%20Exploit%20Kit%20PluginDetect%20Version%20%220.9.1%22%20and%20Its%20VBScript%20Memory%20Corruption%20CVE-2016-0189%20Exploit&size=medium
Requested by: Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1458
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Mar 2020 16:00:52 GMT
Etag: "d6e03d1be2ee804ffae86a30f5561e8b+gzip"
Last-Modified: Thu, 19 Mar 2020 21:22:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 19395

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 6C78 0
0 68ms
65ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&send=false&layout=button_count&action=like&show_faces=false&colorscheme=light

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.vkremez.com%2F2018%2F04%2Flets-learn-in-depth-reversing-of.html&send=false&layout=button_count&action=like&show_faces=false&colorscheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: +3HecKUbbgTH7yPzheHrUE1qNNr8pV+33BhDvbujO+8xIqnKGij72v4PBl8uNA/wcoRzEg0BlyXXiUyujW55qw==
date: Fri, 20 Mar 2020 16:00:52 GMT Fri, 20 Mar 2020 16:00:52 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 Screen%2BShot%2B2018-04-13%2Bat%2B10.33.03.png
2.bp.blogspot.com/-fydaerkDxjQ/WtDLm-RpkOI/AAAAAAAAG28/nTUrc-tHQOMjZOQ0W5JPcpNLQf_15u6QwCLcBGAs/s30-p/ 1 KB
1 KB 8ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-fydaerkDxjQ/WtDLm-RpkOI/AAAAAAAAG28/nTUrc-tHQOMjZOQ0W5JPcpNLQf_15u6QwCLcBGAs/s30-p/Screen%2BShot%2B2018-04-13%2Bat%2B10.33.03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c2314a555c78ee37c995eaa1b964e1e889bb23bb32dc86b4d9fa4f0af0a3d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-13 at 10.33.03.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1185
x-xss-protection: 0
server: fife
etag: "v1b70"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 Screen%2BShot%2B2018-04-08%2Bat%2B15.39.55.png
4.bp.blogspot.com/-lfpI23_lx5A/Wsp4iOyl24I/AAAAAAAAG1M/gQPrA4N06YoFjQVitVCosujP5qBs8tulACLcBGAs/s30-p/ 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-lfpI23_lx5A/Wsp4iOyl24I/AAAAAAAAG1M/gQPrA4N06YoFjQVitVCosujP5qBs8tulACLcBGAs/s30-p/Screen%2BShot%2B2018-04-08%2Bat%2B15.39.55.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4aaf228ccea0266ab752855d33240266d89fd483fb62eaf52d5558d417253be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-08 at 15.39.55.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1323
x-xss-protection: 0
server: fife
etag: "v1b54"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 Screen%2BShot%2B2018-04-02%2Bat%2B20.12.26.png
1.bp.blogspot.com/-gHyFzq2539g/WsMaurFcTpI/AAAAAAAAGng/qXt_Yx_5nAwgn6P0jlJDg6iqvgKdoYGEACLcBGAs/s30-p/ 1 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-gHyFzq2539g/WsMaurFcTpI/AAAAAAAAGng/qXt_Yx_5nAwgn6P0jlJDg6iqvgKdoYGEACLcBGAs/s30-p/Screen%2BShot%2B2018-04-02%2Bat%2B20.12.26.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f8f758d328fe50ec2ccd54786226624818171dff319ddecfd14a429d1d806a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-02 at 20.12.26.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: fife
etag: "v1a79"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 Screen%2BShot%2B2018-04-02%2Bat%2B00.36.11.png
2.bp.blogspot.com/-1wrjX5wm6T0/WsG8GhGrlyI/AAAAAAAAGlQ/kJd1N5o4R1oQSI9RJu54MyyD25GzaIwNQCLcBGAs/s30-p/ 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-1wrjX5wm6T0/WsG8GhGrlyI/AAAAAAAAGlQ/kJd1N5o4R1oQSI9RJu54MyyD25GzaIwNQCLcBGAs/s30-p/Screen%2BShot%2B2018-04-02%2Bat%2B00.36.11.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de4774067968f00ffcf4b72574b39f54cd766f1f956d7c21f0d815931f78fc5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-04-02 at 00.36.11.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1770
x-xss-protection: 0
server: fife
etag: "v1a55"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:24 GMT

GET
H2 200 Screen%2BShot%2B2018-03-30%2Bat%2B00.28.41.png
3.bp.blogspot.com/-TEP_sQqpw_c/Wr3Oh1lfdqI/AAAAAAAAGks/LZ4S28w59akkRVZb9G7BUnaGwxSTCoqPACLcBGAs/s30-p/ 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-TEP_sQqpw_c/Wr3Oh1lfdqI/AAAAAAAAGks/LZ4S28w59akkRVZb9G7BUnaGwxSTCoqPACLcBGAs/s30-p/Screen%2BShot%2B2018-03-30%2Bat%2B00.28.41.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c425fc1d4bf6757927986974d71a777e077a47537471db8c29e52e469f71e876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-03-30 at 00.28.41.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1205
x-xss-protection: 0
server: fife
etag: "v1a4c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Mar 2020 08:27:51 GMT

GET
H2 200 Screen%2BShot%2B2018-03-29%2Bat%2B19.12.08.png
1.bp.blogspot.com/-sx8TAnhDE3A/Wr2zhYAE3JI/AAAAAAAAGkc/wdI-Dd6QiksPWOfk_7CvHNPkWth-ZPh_gCLcBGAs/s30-p/ 1 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-sx8TAnhDE3A/Wr2zhYAE3JI/AAAAAAAAGkc/wdI-Dd6QiksPWOfk_7CvHNPkWth-ZPh_gCLcBGAs/s30-p/Screen%2BShot%2B2018-03-29%2Bat%2B19.12.08.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

800cdca40b909aa85f1e0b5202e6c36a6317b4e43ef14dbce97f8b1174f95549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-03-29 at 19.12.08.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1483
x-xss-protection: 0
server: fife
etag: "v1a48"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 pic1.PNG
1.bp.blogspot.com/-ZuYVjcQj1qI/Wo4ddDb8JwI/AAAAAAAAGg4/Nsow2nw76r0L_y6egj4R4phoNTJh0FuggCLcBGAs/s30-p/ 907 B
1011 B 10ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZuYVjcQj1qI/Wo4ddDb8JwI/AAAAAAAAGg4/Nsow2nw76r0L_y6egj4R4phoNTJh0FuggCLcBGAs/s30-p/pic1.PNG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5a2ce54ddde57451e063e3db3e24ced1f67992231a23397f7b194a2fdaeb613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="pic1.PNG"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
server: fife
etag: "v1a0f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 Screen%2BShot%2B2018-01-28%2Bat%2B18.15.49.png
1.bp.blogspot.com/-D6_8GKtyhm4/Wm5xyELI-rI/AAAAAAAAGfY/j9buNZNKAtg89fGmZapkiNm192jlojVQwCLcBGAs/s30-p/ 873 B
1022 B 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-D6_8GKtyhm4/Wm5xyELI-rI/AAAAAAAAGfY/j9buNZNKAtg89fGmZapkiNm192jlojVQwCLcBGAs/s30-p/Screen%2BShot%2B2018-01-28%2Bat%2B18.15.49.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1d46ef344e5d9a593b69978ada52e7ffb85d3154389a532daae5036373d55a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-01-28 at 18.15.49.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 873
x-xss-protection: 0
server: fife
etag: "v19f8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 Screen%2BShot%2B2018-01-17%2Bat%2B03.11.05.png
3.bp.blogspot.com/-Vm8ikdvuRTw/Wl8Qh1y_jKI/AAAAAAAAGdc/gHOSm6p-RNQjKk-T1u8e5ysEkO8dpQuKQCLcBGAs/s30-p/ 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Vm8ikdvuRTw/Wl8Qh1y_jKI/AAAAAAAAGdc/gHOSm6p-RNQjKk-T1u8e5ysEkO8dpQuKQCLcBGAs/s30-p/Screen%2BShot%2B2018-01-17%2Bat%2B03.11.05.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6466c0e7a97bb5944c95e0b50c4a78b729a002ebe349cc4c9496079adbafb30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-01-17 at 03.11.05.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1312
x-xss-protection: 0
server: fife
etag: "v19d8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 Screen%2BShot%2B2018-01-12%2Bat%2B19.48.29.png
4.bp.blogspot.com/-kAj6qRS1lLE/WllXco3uCZI/AAAAAAAAGcw/NSnuJn7_R7cTpqazXeB7UE4AJSc-QYKWQCLcBGAs/s30-p/ 1 KB
1 KB 17ms
16ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-kAj6qRS1lLE/WllXco3uCZI/AAAAAAAAGcw/NSnuJn7_R7cTpqazXeB7UE4AJSc-QYKWQCLcBGAs/s30-p/Screen%2BShot%2B2018-01-12%2Bat%2B19.48.29.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ae56a08ad120fa9cbaad5e2d0f29d15ab5995ec798b7fb646926e2b2f1432b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2018-01-12 at 19.48.29.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1118
x-xss-protection: 0
server: fife
etag: "v19cd"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 Screen%2BShot%2B2017-12-27%2Bat%2B05.04.04.png
1.bp.blogspot.com/-GWhFEQzGKcM/WkNxNvb8OwI/AAAAAAAAGbI/_Fa6ks1fqDU4StZhkB2KDIMWVf28EeH0wCLcBGAs/s30-p/ 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-GWhFEQzGKcM/WkNxNvb8OwI/AAAAAAAAGbI/_Fa6ks1fqDU4StZhkB2KDIMWVf28EeH0wCLcBGAs/s30-p/Screen%2BShot%2B2017-12-27%2Bat%2B05.04.04.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5d08e3977ac882cac0b3ba2ca6bc235de70d4fd53b35479b36ec62d2b7962a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-12-27 at 05.04.04.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1835
x-xss-protection: 0
server: fife
etag: "v19b3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 Screen%2BShot%2B2017-12-21%2Bat%2B02.46.03.png
3.bp.blogspot.com/-L01qZql0nDQ/WjtoH0mnN0I/AAAAAAAAGZ8/VSZsd6aaZII3e5_GvzqDMwymidDPuqyEwCLcBGAs/s30-p/ 786 B
902 B 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-L01qZql0nDQ/WjtoH0mnN0I/AAAAAAAAGZ8/VSZsd6aaZII3e5_GvzqDMwymidDPuqyEwCLcBGAs/s30-p/Screen%2BShot%2B2017-12-21%2Bat%2B02.46.03.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e04d6abaf6bb7889fe5fcb79c3a1cc97c067bc798d6ac2dfc2c3852df9e3f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-12-21 at 02.46.03.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 786
x-xss-protection: 0
server: fife
etag: "v19a3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 magniber2.png
1.bp.blogspot.com/-dafMS1R8uHo/WjeFIbPGEGI/AAAAAAAAGYo/pDfMVwtjPesGEjWZcjPO4g8v78cEzetQACLcBGAs/s30-p/ 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dafMS1R8uHo/WjeFIbPGEGI/AAAAAAAAGYo/pDfMVwtjPesGEjWZcjPO4g8v78cEzetQACLcBGAs/s30-p/magniber2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d1252f3f1584dd033509867c51515623b05894f4b82a9e3c3da822326eaafc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="magniber2.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1659
x-xss-protection: 0
server: fife
etag: "v198c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 image1.png
4.bp.blogspot.com/-ghOLe4cowlc/WjDvM4V59EI/AAAAAAAAGXk/Kqb-bxKddYcab8UK8q0GMxi1yljr7NxnwCLcBGAs/s30-p/ 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-ghOLe4cowlc/WjDvM4V59EI/AAAAAAAAGXk/Kqb-bxKddYcab8UK8q0GMxi1yljr7NxnwCLcBGAs/s30-p/image1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0e7b4d1180187373e1e81dc52672389f9c4dfb477586cee1caea057fc042ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="image1.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1543
x-xss-protection: 0
server: fife
etag: "v197a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 trick1.png
2.bp.blogspot.com/-srnRcj3vjuI/WhPRX6-2LBI/AAAAAAAAGUU/WB6tRdBK1HA_pM8zY9KCHymaD4-uMEk8ACLcBGAs/s30-p/ 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-srnRcj3vjuI/WhPRX6-2LBI/AAAAAAAAGUU/WB6tRdBK1HA_pM8zY9KCHymaD4-uMEk8ACLcBGAs/s30-p/trick1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

987d4cab1c85d764068420e5b35cb34e9d675e26042ba9a6b04f99327f4d3cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="trick1.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1647
x-xss-protection: 0
server: fife
etag: "v1949"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:25 GMT

GET
H2 200 golroted1.png
3.bp.blogspot.com/-FdgC9OaYvNk/WggMA_2tBII/AAAAAAAAGKU/G9-uFOob2n4fR7wtkpJgXcv0UkfQ8N3PACLcBGAs/s30-p/ 1 KB
1 KB 13ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-FdgC9OaYvNk/WggMA_2tBII/AAAAAAAAGKU/G9-uFOob2n4fR7wtkpJgXcv0UkfQ8N3PACLcBGAs/s30-p/golroted1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a35d7973868226e4830f8b4c535aa94ba6a58bf46ae575d4ccf9931ab4b05af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="golroted1.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1271
x-xss-protection: 0
server: fife
etag: "v18a9"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 Picture1.png
1.bp.blogspot.com/-T8yA4Tz4fnM/Wf7Xebk4RFI/AAAAAAAAGIQ/jICMx8fkjV8pMg6FMoKaOUIcmpLqSLtUgCLcBGAs/s30-p/ 1 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-T8yA4Tz4fnM/Wf7Xebk4RFI/AAAAAAAAGIQ/jICMx8fkjV8pMg6FMoKaOUIcmpLqSLtUgCLcBGAs/s30-p/Picture1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1c8c674a5de7e5de010a6212157bdf0d1973fae8863fc34b883f344098bf04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Picture1.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1437
x-xss-protection: 0
server: fife
etag: "v1885"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Mar 2020 00:19:13 GMT

GET
H2 200 Screen%2BShot%2B2017-09-15%2Bat%2B03.50.08.png
3.bp.blogspot.com/-xNKCCshBU6s/WbuH3EWeG9I/AAAAAAAAGDg/M2Ee_WQZBPsLTnSG4mdX9dxKHou_HE9vQCLcBGAs/s30-p/ 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-xNKCCshBU6s/WbuH3EWeG9I/AAAAAAAAGDg/M2Ee_WQZBPsLTnSG4mdX9dxKHou_HE9vQCLcBGAs/s30-p/Screen%2BShot%2B2017-09-15%2Bat%2B03.50.08.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

651fd27be7dfbf9449b590a95a02c96fe3a8a14b6fb1631db88e1a3f4c7ecd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-09-15 at 03.50.08.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1717
x-xss-protection: 0
server: fife
etag: "v1839"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 tricky1.png
2.bp.blogspot.com/-ibtoIfLasAU/WbZOulPWyqI/AAAAAAAAGCM/ZJ0NR26MtCsj_gRsCYUBoMr68AqbLe5RACLcBGAs/s30-p/ 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ibtoIfLasAU/WbZOulPWyqI/AAAAAAAAGCM/ZJ0NR26MtCsj_gRsCYUBoMr68AqbLe5RACLcBGAs/s30-p/tricky1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b079f588738a4e47b7451f7f332b16fbbe60aa435499419a71df278688ad51a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="tricky1.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1928
x-xss-protection: 0
server: fife
etag: "v1824"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:25 GMT

GET
H2 200 Screen%2BShot%2B2017-08-22%2Bat%2B00.37.01.png
4.bp.blogspot.com/-7uLTgL1bgkU/WZu1E4ZsfEI/AAAAAAAAF_0/3gSMtW08vrMfRNepJJaIGQbg4SRJxKNHACLcBGAs/s30-p/ 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-7uLTgL1bgkU/WZu1E4ZsfEI/AAAAAAAAF_0/3gSMtW08vrMfRNepJJaIGQbg4SRJxKNHACLcBGAs/s30-p/Screen%2BShot%2B2017-08-22%2Bat%2B00.37.01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

14a06236a680dc1ea147e0fa0a105cead0d770e6287072da1720dccc19aa40bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-08-22 at 00.37.01.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1081
x-xss-protection: 0
server: fife
etag: "v17fe"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 16 Mar 2020 20:17:40 GMT

GET
H2 200 Screen%2BShot%2B2017-08-15%2Bat%2B01.05.51.png
2.bp.blogspot.com/-wv7Sly9SVRA/WZKk_awIRfI/AAAAAAAAF-M/S5Xnp25K2eYic5AbrsFjiwdubieCiYQuACEwYBhgL/s30-p/ 1 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-wv7Sly9SVRA/WZKk_awIRfI/AAAAAAAAF-M/S5Xnp25K2eYic5AbrsFjiwdubieCiYQuACEwYBhgL/s30-p/Screen%2BShot%2B2017-08-15%2Bat%2B01.05.51.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c3db9fa3975bf7489a64f3fb8c606119ed03705fc15471b073d54e29df82629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-08-15 at 01.05.51.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1429
x-xss-protection: 0
server: fife
etag: "v17e3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Mar 2020 11:36:25 GMT

GET
H2 200 Screen%2BShot%2B2017-08-13%2Bat%2B14.48.34.png
1.bp.blogspot.com/--vAXVDNhnn4/WZE2kQY0hJI/AAAAAAAAF8U/fksAHvqVJJskec1GoHQFYCE3TfEqCpALACLcBGAs/s30-p/ 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--vAXVDNhnn4/WZE2kQY0hJI/AAAAAAAAF8U/fksAHvqVJJskec1GoHQFYCE3TfEqCpALACLcBGAs/s30-p/Screen%2BShot%2B2017-08-13%2Bat%2B14.48.34.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a59b19076bba9a965b8023f1983c71c9eabd80a1dee90a5515f59297aed977f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-08-13 at 14.48.34.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1542
x-xss-protection: 0
server: fife
etag: "v17c8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 11 Mar 2020 00:19:13 GMT

GET
H2 200 Screen%2BShot%2B2017-08-10%2Bat%2B21.37.39.png
4.bp.blogspot.com/-o5wM2_RjSmQ/WY0ooFJoXJI/AAAAAAAAF7I/ehTLCTMihywz3n_y2tXq5Fca4khI_SHmACLcBGAs/s30-p/ 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-o5wM2_RjSmQ/WY0ooFJoXJI/AAAAAAAAF7I/ehTLCTMihywz3n_y2tXq5Fca4khI_SHmACLcBGAs/s30-p/Screen%2BShot%2B2017-08-10%2Bat%2B21.37.39.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0faf5476f066c454797b3c8f509b5fb86d3784150a354750f71769d4f0904564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 15:53:49 GMT
x-content-type-options: nosniff
age: 424
status: 200
content-disposition: inline;filename="Screen Shot 2017-08-10 at 21.37.39.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1024
x-xss-protection: 0
server: fife
etag: "v17b3"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 21 Mar 2020 05:52:06 GMT

GET
H2 200 default Show response
www.blogger.com/feeds/3986785863650565253/1979554836285324545/comments/ 2 KB
1 KB 401ms
401ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/3986785863650565253/1979554836285324545/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true&callback=jQuery1125007078886215423297_1584720048431&_=1584720048435

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07bd421581b0eaf0fd0c85685f4c257a9df85819cff18ba6c1615b1e6fa7327e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
vary: Accept, X-GData-Authorization, GData-Version
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
date: Fri, 20 Mar 2020 16:00:53 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 880
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Feb 2020 02:01:59 GMT
server: GSE
etag: W/"DEYFSH48eip7ImA9XB5RFUQ."
x-frame-options: SAMEORIGIN
gdata-version: 2.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-transform
x-content-type-options: nosniff
expires: Fri, 20 Mar 2020 16:00:53 GMT

GET
DATA 200
OK truncated
/ 847 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c5c2bf1131bd8f1578c106a85ef6394aae3192314ed6bab5f8fabc2b0be3495

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 default Show response
www.blogger.com/feeds/3986785863650565253/8716318262823571720/comments/ 2 KB
1000 B 424ms
423ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/3986785863650565253/8716318262823571720/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true&callback=jQuery1125007078886215423297_1584720048436&_=1584720048437

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/thirdparty/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a5949dcaad1d7bdea07b628935780935ed77db21f2778cd2650b56b27363705

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
vary: Accept, X-GData-Authorization, GData-Version
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
date: Fri, 20 Mar 2020 16:00:53 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 875
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Apr 2018 23:51:04 GMT
server: GSE
etag: W/"D0cCRXc6fCp7ImA9XBRQEUk."
x-frame-options: SAMEORIGIN
gdata-version: 2.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-transform
x-content-type-options: nosniff
expires: Fri, 20 Mar 2020 16:00:53 GMT

GET comment-iframe.g
www.blogger.com/ Frame 9B9A 0
0

GET comment-iframe.g
www.blogger.com/ Frame 6FA4 0
0

GET
H2

200

comment-iframe.g
www.blogger.com/ Frame 6FA4
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D3986785863650565253%26postID%3D1979554836285324545%26bpli%3D1&followup=https://www.blogger.com/co...
https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545&bpli=1

0
0

172ms
172ms

Document
text/html

2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545&bpli=1

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 20 Mar 2020 16:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1740
server: GSE
set-cookie: S=blogger=8w8bnaQGXP2_vWgcGIhWqs1hJKr3EpFs; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 20 Mar 2020 16:00:54 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-fCs6o7kKYZn9gCJf0Ek0Jg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 241
server: GSE
set-cookie: GAPS=1:LCDXt9WrrRYIlgblNUbsz-4Sb24mTw:-OHrOEJo9DZt7jo2;Path=/;Expires=Sun, 20-Mar-2022 16:00:54 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET comment-iframe.g
www.blogger.com/ Frame 997C 0
0

GET comment-iframe.g
www.blogger.com/ Frame 5B4B 0
0

GET
H2

200

comment-iframe.g
www.blogger.com/ Frame 5B4B
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D3986785863650565253%26postID%3D8716318262823571720%26bpli%3D1&followup=https://www.blogger.com/co...
https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720&bpli=1

0
0

776ms
776ms

Document
text/html

2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720&bpli=1

Requested by

Host: www.blogblog.com
URL: https://www.blogblog.com/dynamicviews/4f60039b5131b4dd/js/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.vkremez.com/2018/04/lets-learn-in-depth-reversing-of.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 20 Mar 2020 16:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1739
server: GSE
set-cookie: S=blogger=b4Cy3L7e9SxTud9gOJfbVwm4sZ5Ed-yr; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 20 Mar 2020 16:00:54 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-KRpW1nSyunmbR3m28NOKCw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 240
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545

Domain: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=1979554836285324545

Domain: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720

Domain: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=3986785863650565253&postID=8716318262823571720

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vkremez.com/	1970-01-19 08:12:00	Name: _gat Value: 1
.vkremez.com/	1970-01-19 08:13:26	Name: _gid Value: GA1.2.432526674.1584720048
.vkremez.com/	1970-01-20 01:43:12	Name: _ga Value: GA1.2.2097435267.1584720048
.vkremez.com/	1970-01-19 08:55:12	Name: __cfduid Value: d907188d73c3ca5c5d8da22cda4a425d41584720048

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
abs.twimg.com
accounts.google.com
ajax.cloudflare.com
apis.google.com
cdn.syndication.twimg.com
pbs.twimg.com
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
www.blogblog.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.vkremez.com
www.blogger.com
104.244.42.136
2001:4860:4802:32::75
2001:4860:4802:38::75
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:3031::681c:153e
2606:4700::6811:4004
2a00:1450:4001:800::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2009
2a00:1450:4001:817::200e
2a00:1450:4001:81b::200d
2a00:1450:400c:c0c::9c
2a03:2880:f11c:8183:face:b00c:0:25de
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
052f2ec11a647f6dd64ac9a381637be7a2bdf8bce816fbb527cd5ed7ba188e0f
07bd421581b0eaf0fd0c85685f4c257a9df85819cff18ba6c1615b1e6fa7327e
088734158a6c69e32f928ffa72f2e6505312e5a76bca31ff34bbe85ce100e992
0c239d58c774a19f664eb6ab5004a6ae3c449325ee5998ba65f892df4d6a5971
0e7b4d1180187373e1e81dc52672389f9c4dfb477586cee1caea057fc042ad81
0faf5476f066c454797b3c8f509b5fb86d3784150a354750f71769d4f0904564
10e1b9c2de3504f2345907eef55f57ab8db35cafc72afdec0ac986f45291a8e8
12956acbc65984f465f513dadb036a69899a5320d464ecc44fbdff33d47d402c
1385fe6c7366b4ab71c2806b9d327c837c8b5d74e35aa762200da83feb6113a8
146cf03f372f999168d4ec2a94380976f15f17fbfb08fbffde1c1a5f67438fee
14a06236a680dc1ea147e0fa0a105cead0d770e6287072da1720dccc19aa40bc
198c88313d65f4d2b30b218566c00f96002f78ae125643d5a73a669b46cab112
1ad705e628a38ac534ff5357e88b0ebe199385bd3afbc6a8a75eeadd9885fd24
1c5c2bf1131bd8f1578c106a85ef6394aae3192314ed6bab5f8fabc2b0be3495
1fbee0e57b5965130b857034ea337f939fdda31ab3ad771ab741ca851e4d3b4b
24b45790f58b5d8c376ea8320617b5defa1c88576b7b8df5abf1337a758adba3
266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a
2d32e9ba140c958687b6e782cdc101aab3e23921b3134438dc7fb0fb703db083
2df18edfc32d604689469f21882532c20c7bf692548923d9669c5b379389fb6e
2e8f531ac723f295449ab9d701933eb146cf0381fb5aff1210a902ac5217f264
34c6eb5fe76799775f269cf110d2b953f50c439b693e6ef0c9ce52426bb5c2fb
352c0ffe232c95e651a332fc322419fc55330d3c91f7fbf51ff430847ee1623f
37e09f63c3163da166a1cfe7c08e1aaedee1f0c7910049a3f4935c986beaaa09
39e1d583fa516a045854dd31d01795224685f184c7309e649805f961db4c0d4b
3ab29fa8021a9016914c69ae37ae1d71dc6ae1ded5343e11053dd82fc2c790df
3c2314a555c78ee37c995eaa1b964e1e889bb23bb32dc86b4d9fa4f0af0a3d0f
3dbcaaddeaadf7f1d80098890e622c489dc5fc3ec3b6239f24acbf07103dcc61
4183c3f221467e23f54b7e8a1bee440c4c04f96f79082840834874133cec0f38
4248ce46a79da23e835f59b4b7a41397839ba6baec2f724db95f475471dd0c9e
4286fd6f7ca4c6d12f1573d042d24982f0564a0dc35080bf44a560b0845bf4e7
439476ca5fd109c0aeb8e6c55d4cc4e2e772a27a582c49109494f06f40c95cbc
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
453c96acaf77939f88dc3caf9b77fa4265a1fcd008e26a0d06b74291024b01da
4aaf228ccea0266ab752855d33240266d89fd483fb62eaf52d5558d417253be3
4d35858175698669a30e2742d4f4c2f1891b420d7cbed05ab750c0b95f6a92ef
4f7b1c43fb8357c6cf2f2556f23010172d37614e95dcab92a623f6e99a1d95ba
5114816a47dc958d23af84763e576b236d08aa1366f10b5ec37d2ba5052b74c0
576c4aef678581925b080efed2af08d2a562ce962b83ea31bb227c24164233c7
579ae4fc4f4666d0177f25dc10379d7f147353006063a8903599976e3e6526b9
5d08e3977ac882cac0b3ba2ca6bc235de70d4fd53b35479b36ec62d2b7962a93
5d4f00b740c987fdd882682830c76c2ff10b2b8982ae7ac58086758c274fc935
60581ec368594c638ddd14b3e140ce3a9a171b3a60f4cfb56082fe34f5a774b1
62fd73cefebc2d291bd0328a83d82493e2d472eab7f1bf3a24fe1e7d7c717806
63d3b493096c09c618c405bfa26a8acba4b368760d012b29f6fdc4f825feeae2
6466c0e7a97bb5944c95e0b50c4a78b729a002ebe349cc4c9496079adbafb30c
649900d3905b9f2e7b125937917a96a473c0f3215cb51808d744bca68b081691
651fd27be7dfbf9449b590a95a02c96fe3a8a14b6fb1631db88e1a3f4c7ecd96
672d64bef3ef92e42a5550c13238cc329787222e2874cbabbe4861a136d29dc2
6f8f758d328fe50ec2ccd54786226624818171dff319ddecfd14a429d1d806a4
6fa828cde4b044fad032514553b15fa2998e078311463756050bad4c4c0b9420
7854598c392f12088882e30255a5e2f3f133e76dd011da794ec2c17aaf863ffb
79a8035fcd6e914f98404de3cdcc4aaa28403288a523b17a9be429166d6f56cc
7e04d6abaf6bb7889fe5fcb79c3a1cc97c067bc798d6ac2dfc2c3852df9e3f37
7e41f7333fa9b59a516a5a4f3af346bb24a4c3c8a7bc26551b6fec8d0f6b8555
800cdca40b909aa85f1e0b5202e6c36a6317b4e43ef14dbce97f8b1174f95549
82def3e3ea5794d68c07253d6d5b547985b3bea4227b6942a29fba62fde49a63
83a2e9e77e37f8142be840b51bfe16f27c7d857ca614550e93aa860eb29391a9
83adc88a1264b185cff852951ffdd42d68761f692b9e28951d26fa20eaccf2be
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
870c88fd51fa56c52989ef0e94f106c46aef8e2036ad694d72cb02a8e307785f
879f717950260355086f8f60af83c0c2574c9cb86d96b19d92166500e130d5d0
882b7316b4f9053b6debabf8bf1d257950264d501cd30cd2c48972c59a164a8c
8a01b7d240525f3534d5fc8dab500ebf1a3486f2d50e2767f9b96d7b6257abe5
8a5949dcaad1d7bdea07b628935780935ed77db21f2778cd2650b56b27363705
8f86e5f042e2a93ed6843abbd7c534088bfbb6e031c87e9f036f1729a56c28b7
94b082ce0c594c9c1fe3c4d2dc5f4e0e3cb18f607930b081db2d62c24dd22a74
987d4cab1c85d764068420e5b35cb34e9d675e26042ba9a6b04f99327f4d3cca
99201ab2d4c2f6caefa3f2cde71c519aa979a4862988e7ae6912e48e7e483611
9af974c47e6eb1e6a7e3f02dabd80c97924b57683b4dfe1acbd15f5d6f53b4fa
9c3db9fa3975bf7489a64f3fb8c606119ed03705fc15471b073d54e29df82629
a15b633de152c3e5d6fcdf18cc330a12eff8517bdfafdf1be382bdc1d238b6a8
a35d7973868226e4830f8b4c535aa94ba6a58bf46ae575d4ccf9931ab4b05af6
a400d73caf87f08fa624b8ac9100a38d076f736bd718cc7131331b35c5e885c2
a59b19076bba9a965b8023f1983c71c9eabd80a1dee90a5515f59297aed977f9
aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d
ac07ad0d272514849144a78b87d5949a4f42b3e560e29c8cfb0e78f77da982ff
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae56a08ad120fa9cbaad5e2d0f29d15ab5995ec798b7fb646926e2b2f1432b88
aedf5ed32b9fb7634bf3de2dda962079679444b4619b3db92e4fa533ac36055f
b079f588738a4e47b7451f7f332b16fbbe60aa435499419a71df278688ad51a2
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25
b3828434e23b0389838137dc0efcaecb531d55be92c6ccb7a9043dd86f184ed7
b5a2ce54ddde57451e063e3db3e24ced1f67992231a23397f7b194a2fdaeb613
c0d078d779c6d50be940b91eafdc1e0091ee1aef73087fdcddfb7771470b3c59
c229880f910d8f2fc250b318707234841a3ab0d715527f27cd057e508d4b68c6
c24539ff102cbfed69bbbfa25ea1e6650a5f1088d335cf8e9d0ab7d733f56aaf
c425fc1d4bf6757927986974d71a777e077a47537471db8c29e52e469f71e876
c5861e2e5ac76e8ccd8207a124f22bd6936d12ea29ecb13d6889e5d026c6dfe3
c678636b42cce155be48ee783b75a30e2851d08e7f81e5b6279520a24746d917
ca8b79adfa2c335f9ffda48e79259a64d39e99afa0407e4a4f06ef46d6fb1e0b
cda3553c4449fe81405fb22a19042a6b5e23a2ace595f13b706226d8116f5b85
d1252f3f1584dd033509867c51515623b05894f4b82a9e3c3da822326eaafc69
d310a2a2ad6bcac4068391482c43950cc7e672ad698641309af0c8dbaa673456
d9bf20fa1e29339c8dcbe0df9f1cd23ee01df3ae0877cdc80d08c33a30d41ab4
d9ec74ce726a37b1604831c23311ced0bf7e37094464b3acf79d59d7c7588f74
de4774067968f00ffcf4b72574b39f54cd766f1f956d7c21f0d815931f78fc5d
e0c75a3728746941983a7e3b362dd5df7c2d67dcb49567724fabb15b1ef50947
e1c8c674a5de7e5de010a6212157bdf0d1973fae8863fc34b883f344098bf04d
e1d46ef344e5d9a593b69978ada52e7ffb85d3154389a532daae5036373d55a6
e39f19ca769e259726aca4ae99b2ae6a137e038a3bf5492a683c79df4b44ea47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48cb741335f699e0923ad1ecd5e05ef7e12905eccc6183700751209dce87961
e6a1402cfa4c2b328cf5d29bce40d099d7a5f0d142543e36e9d54075fce2083b
e9c446e0dbaf6509c3f50825b8592884f7bf7d21aaf5b0fddaa98d7b389ecd5b
e9d98abe3d4fbb7fd31ae469783caf6a1d80c9a36ad020475e5292e357a1df36
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eba3881542a1ce2068c819ecebaf2f7ba9dbbf2cbde8f68eaa39a832ef66c6c8
ee0a8e7c129727981602e96c4c7098bd042f55043325cd3b42a65a410cf3cb78
eeea76d34a426787eab8f9ddf9209a6188a05f180b961b93f7fb767b908e96d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef25f2d6f5aa424f594bbaa63c1f86a634e2b87911e1db695b2a0c2e6927353a
f13585ddb86f9ec0432f36eae40bcaabe3aad166eff8424b27082c2b8174a3a2
f21f8537b9b087805efd4334b8f0904aa547ba84c2c6a647d002fef16f42aa26
f3213abe514f8fe79645ae0b911954984c0ea75c38af968473781fcf03b195dd
f42a719c42729853609255c0f4e029aa6ae44a9a9925743394343a8a0265a110
f5b92e0c5428ee48219650011e0bcf48607dd9a390f1b36384fb38087b67f24d
f5fcff76c1da90c0cfa732560a2952a473fc0245c48c443d1df37b1d25fe3834
f749661c02cee9c7aef6745e82a1125d68762c4759dcdbfd163e3f24bde6be57
f76f0ea18167458d10ab7315e0df8fd9bf843abf629e37529bbd8590db89ea7c

www.vkremez.com Open in urlscan Pro 2606:4700:3031::681c:153e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

134 Requests

97 %HTTPS

93 %IPv6

12 Domains

20 Subdomains

13 IPs

4 Countries

2449 kBTransfer

7738 kBSize

4 Cookies

21 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vkremez.com Open in urlscan Pro
2606:4700:3031::681c:153e Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

97 %
HTTPS

93 %
IPv6

12
Domains

20
Subdomains

13
IPs

4
Countries

2449 kB
Transfer

7738 kB
Size

4
Cookies

134 HTTP transactions
13 data transactions