vmay.com Open in urlscan Pro
151.101.65.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
Effective URL:
https://vmay.com/
Submission: On November 06 via api (November 6th 2020, 9:10:45 pm UTC) from IL

Summary HTTP 80 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 21 domains to perform 80 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is vmay.com.
TLS certificate: Issued by GTS CA 1D2 on September 24th 2020. Valid for: 3 months.

This is the only time vmay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	13.224.194.79 13.224.194.79	16509 (AMAZON-02) (AMAZON-02)
4	52.20.167.220 52.20.167.220	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2a00:1450:400... 2a00:1450:4001:81f::2009	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
80	24

3 151.101.65.195 (United States) 1 redirects

ASN54113 (FASTLY, US)

vmay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.194.79 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-79.fra2.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.167.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-167-220.compute-1.amazonaws.com

feed.mikle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com 1.bp.blogspot.com	124 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	276 KB
6	doubleclick.net googleads.g.doubleclick.net
5	scupio.com img.scupio.com bw.scupio.com Failed	31 KB
4	blogger.com www.blogger.com	61 KB
4	mikle.com feed.mikle.com
3	vmay.com 1 redirects vmay.com	26 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	61 KB
2	googleusercontent.com lh5.googleusercontent.com lh6.googleusercontent.com	9 KB
2	rawgit.com cdn.rawgit.com	19 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
2	googletagservices.com www.googletagservices.com	55 KB
2	google.com adservice.google.com	2 KB
2	google.de adservice.google.de	2 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	ytimg.com i.ytimg.com	4 KB
1	blogblog.com resources.blogblog.com	822 B
1	googleadservices.com partner.googleadservices.com	627 B
0	breaktime.com.tw Failed a.breaktime.com.tw Failed
80	21

	Domain	Requested by
6	2.bp.blogspot.com	vmay.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	vmay.com pagead2.googlesyndication.com
5	4.bp.blogspot.com	vmay.com
5	img.scupio.com	vmay.com img.scupio.com
4	www.blogger.com	vmay.com
4	feed.mikle.com	vmay.com ajax.googleapis.com
3	1.bp.blogspot.com	vmay.com
3	3.bp.blogspot.com	vmay.com
3	vmay.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	maxcdn.bootstrapcdn.com	vmay.com maxcdn.bootstrapcdn.com
2	cdn.rawgit.com	vmay.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ssl.google-analytics.com	vmay.com
1	fonts.googleapis.com	vmay.com
1	www.googletagmanager.com	vmay.com www.googletagmanager.com
1	lh6.googleusercontent.com	vmay.com
1	i.ytimg.com	vmay.com
1	lh5.googleusercontent.com	vmay.com
1	resources.blogblog.com	vmay.com
1	ajax.googleapis.com	vmay.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	a.breaktime.com.tw Failed	vmay.com
0	bw.scupio.com Failed	img.scupio.com
80	28

This site contains no links.

Subject Issuer	Validity	Valid
anyware.software GTS CA 1D2	`2020-09-24` - `2020-12-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
feed.mikle.com AlphaSSL CA - SHA256 - G2	`2020-04-18` - `2022-04-19`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
rawgit.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-01-12`	2 years	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://vmay.com/
Frame ID: 3671A3AD73B9B1F482521EA58C9DB9D8
Requests: 64 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fm.howkid.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%22900%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22right%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22on%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%2299%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
Frame ID: 85B985261A7A021A42B80B1BA8E11193
Requests: 1 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fm.howkid.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%22900%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22rounded%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22on%22%2C%22auto_scroll_direction%22%3A%22down%22%2C%22auto_scroll_step_speed%22%3A%222%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%232e7ec8%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22crop%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%2299%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
Frame ID: BA17F2D9AFC64D150CFA654C3BC9EE7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: 805F235DAE05191B9F4543E566722A97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&adk=1812271804&adf=292055386&lmt=1566089977&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029758&bpp=13&bdt=92&idt=81&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2990713867504&frm=20&pv=2&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=174752&dssz=16&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=102
Frame ID: A5CB3AD0605F4C782EB198900C35AABD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=3025194257&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029772&bpp=4&bdt=106&idt=95&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=10OYKB13ls&p=https%3A//vmay.com&dtd=99
Frame ID: C4E971BC750B1145A0065D203A8524F6
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.44
Frame ID: 0CDAF87FBBC25A8C5632211CB2A524B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=1573534164&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029776&bpp=1&bdt=110&idt=109&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CffFSfavgx&p=https%3A//vmay.com&dtd=114
Frame ID: 52444B952FAE9F537A7E5DA4BD3FA7BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=4235265862&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029776&bpp=1&bdt=110&idt=117&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PyeZWZ2Umf&p=https%3A//vmay.com&dtd=124
Frame ID: 934C90FC225A7BBE3D34F2F99C79552D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 142C4ED9B5EF2CD69ACC39D829E334CC
Requests: 1 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fen.vmay.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%221400%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22off%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%22150%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
Frame ID: 4FBE7A8575C2BB39B2D5E24D13C94A93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: 474E306A928599121BA8B6013220DAF2
Requests: 1 HTTP requests in this frame

Frame: https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fen.vmay.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%221400%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22off%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%22150%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
Frame ID: 331F9532FAADFEC709A65491CA6C2B71
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.44
Frame ID: ABF3C606D32638ECE12C9C83E66D387A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=4083838929&adk=3197796340&adf=1551796669&pi=t.ma~as.4083838929&w=728&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=1&format=728x280&url=https%3A%2F%2Fvmay.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697040675&bpp=42&bdt=178&idt=174&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw&correlator=4054243132141&frm=20&pv=2&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1973355599&ga_fc=1&iag=0&icsg=33597952&dssz=38&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=602&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44730556&oid=3&pvsid=1601772595879108&pem=538&ref=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xpQ6azeMfw&p=https%3A//vmay.com&dtd=183
Frame ID: 6A0D972F06D7A4CFA721ED63C1B59E54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=600&slotname=4083838929&adk=1044731413&adf=804977925&pi=t.ma~as.4083838929&w=230&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=1&format=230x600&url=https%3A%2F%2Fvmay.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697040759&bpp=3&bdt=262&idt=117&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw&prev_fmts=728x280&correlator=4054243132141&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1973355599&ga_fc=1&iag=0&icsg=570468864&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44730556&oid=3&pvsid=1601772595879108&pem=538&ref=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fSwiaXt49F&p=https%3A//vmay.com&dtd=122
Frame ID: 7B1E923D15D6D290D489E432D84F4D53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&adk=3951757454&adf=3813367316&lmt=1566089977&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fvmay.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697040821&bpp=2&bdt=324&idt=75&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw&prev_fmts=728x280%2C230x600&nras=1&correlator=4054243132141&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1973355599&ga_fc=1&iag=0&icsg=570468864&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44730556&oid=3&pvsid=1601772595879108&pem=538&ref=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=80
Frame ID: 98C939351B7C2C8DB57264E1F13A5D99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe HTTP 301
https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe Page URL
https://vmay.com/ Page URL

Page Statistics

80
Requests

85 %
HTTPS

78 %
IPv6

21
Domains

28
Subdomains

24
IPs

3
Countries

773 kB
Transfer

1783 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe HTTP 301
https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe Page URL
https://vmay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe HTTP 301
https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

185.exe Show response
vmay.com/wordpress/wp-content/themes/twentytwelve/foot/
Redirect Chain

http://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

6 KB
2 KB

68ms
22ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fffb8921e383f48ff150818a0ebe837dbe283af9d34ad6c6ca9379e4465663c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: vmay.com
:scheme: https
:path: /wordpress/wp-content/themes/twentytwelve/foot/185.exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "2ac0a173357172a20cf74b1aefa276dce3a9ccc4d1997576bc721454a67d41b5"
last-modified: Sun, 18 Aug 2019 00:59:37 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 06 Nov 2020 21:10:29 GMT
x-served-by: cache-cdg20766-CDG
x-cache: HIT
x-cache-hits: 1
x-timer: S1604697030.652018,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 1725

Redirect headers

Server: Varnish
Retry-After: 0
Location: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
Content-Length: 0
Accept-Ranges: bytes
Date: Fri, 06 Nov 2020 21:10:29 GMT
Connection: close
X-Served-By: cache-cdg20746-CDG
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1604697030.584558,VS0,VE0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 46ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vmay.com
URL: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d75a4d5837957efab2a6fa9194a5e0715f46529abe866ef2861db2593ad2a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45405
x-xss-protection: 0
server: cafe
etag: 12376148264520793524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 21:10:29 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 42 KB
15 KB 161ms
55ms Script
application/javascript 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: vmay.com
URL: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 49037110095cf4b5eed4f89be79529e4d9b9a89938edb7aeedccf0bcda14e258

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:09:36 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 06:25:56 GMT
server: nginx/1.12.1
age: 53
etag: W/"5fa4ec74-a6e1"
status: 200
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RAz9UvmSFPw-86cWt7PxrAAg8GO9gC0m4XWxjfA3x6iyitS9N6DnPA==
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
expires: Fri, 06 Nov 2020 21:24:36 GMT

GET
H2 200 /
feed.mikle.com/widget/v2/ Frame 85B9 0
0 319ms
105ms Document
text/html 52.20.167.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fm.howkid.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%22900%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22right%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22on%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%2299%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D

Requested by

Host: vmay.com
URL: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.167.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-167-220.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: feed.mikle.com
:scheme: https
:path: /widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fm.howkid.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%22900%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22right%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22on%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%2299%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
date: Fri, 06 Nov 2020 21:10:29 GMT
content-type: text/html;charset=UTF-8
server: nginx
expires: Fri, 06 Nov 2020 21:13:29 GMT
cache-control: max-age=180
x-xss-protection: 0
content-encoding: gzip

GET
H2 200 /
feed.mikle.com/widget/v2/ Frame BA17 0
0 324ms
111ms Document
text/html 52.20.167.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fm.howkid.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%22900%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22rounded%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22on%22%2C%22auto_scroll_direction%22%3A%22down%22%2C%22auto_scroll_step_speed%22%3A%222%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%232e7ec8%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22crop%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%2299%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D

Requested by

Host: vmay.com
URL: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.167.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-167-220.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: feed.mikle.com
:scheme: https
:path: /widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fm.howkid.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%22900%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22rounded%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22on%22%2C%22auto_scroll_direction%22%3A%22down%22%2C%22auto_scroll_step_speed%22%3A%222%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%232e7ec8%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22crop%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%2299%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
date: Fri, 06 Nov 2020 21:10:29 GMT
content-type: text/html;charset=UTF-8
server: nginx
expires: Fri, 06 Nov 2020 21:13:29 GMT
cache-control: max-age=180
x-xss-protection: 0
content-encoding: gzip

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: vmay.com
URL: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4583
date: Fri, 06 Nov 2020 19:54:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 06 Nov 2020 21:54:06 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
399 B 44ms
28ms Image
image/gif 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=493534670&utmhn=vmay.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E6%AD%A4%E5%85%A7%E5%AE%B9%E5%B7%B2%E7%B6%93%E6%94%B9%E8%AE%8A%E4%BD%8D%E7%BD%AE&utmhid=1625123783&utmr=-&utmp=%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&utmht=1604697029701&utmac=UA-351931-33&utmcc=__utma%3D238542983.918966045.1604697030.1604697030.1604697030.1%3B%2B__utmz%3D238542983.1604697030.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=452566656&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: vmay.com
URL: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 21:10:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
87 KB 60ms
44ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 21:10:29 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame 805F 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Nov 2020 18:54:19 GMT
expires: Fri, 20 Nov 2020 18:54:19 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 8170
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
627 B 108ms
41ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vmay.com&callback=_gfp_s_&client=ca-pub-9844861148757328

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9e20d975a3b76e14658862d331c0ecebdb99664affc85bcdda6800fb860346b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 38ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vmay.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 21:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 42ms
20ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vmay.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 21:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A5CB 0
0 92ms
91ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&adk=1812271804&adf=292055386&lmt=1566089977&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029758&bpp=13&bdt=92&idt=81&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2990713867504&frm=20&pv=2&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=174752&dssz=16&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&adk=1812271804&adf=292055386&lmt=1566089977&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029758&bpp=13&bdt=92&idt=81&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2990713867504&frm=20&pv=2&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=174752&dssz=16&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 21:10:29 GMT
server: cafe
content-length: 1061
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 21:25:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 21:10:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27601
x-xss-protection: 0
expires: Fri, 06 Nov 2020 21:10:29 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C4E9 0
0 139ms
138ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=3025194257&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029772&bpp=4&bdt=106&idt=95&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=10OYKB13ls&p=https%3A//vmay.com&dtd=99

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=3025194257&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029772&bpp=4&bdt=106&idt=95&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=10OYKB13ls&p=https%3A//vmay.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 21:10:30 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 21:25:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 21:10:30 GMT
cache-control: private

GET
H2 200 16972.json Show response
img.scupio.com/js/config/ 296 B
684 B 684ms
619ms XHR
application/json 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/16972.json?v=1.0.3406
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0186fcf71322680c33c69b6f962b2bd8a5ae017f7f57fa507b7e8ebef4afda5d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 06 Nov 2020 21:10:30 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 02:31:37 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA2-C1
etag: "5f4db289-128"
status: 200
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 296
x-amz-cf-id: rZWKLI3l4ubY1AhVsg__fBWNNu15O8xPkSilaaNvVPwCQL50jmBNDw==
expires: Sat, 07 Nov 2020 00:10:30 GMT

GET
H2 200 ad.html
img.scupio.com/html/ Frame 0CDA 0
0 40ms
40ms Document
text/html 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.44
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Sep 2020 08:21:28 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 06 Nov 2020 20:27:46 GMT
etag: "5f686288-8906"
expires: Sat, 07 Nov 2020 02:27:46 GMT
cache-control: max-age=21600
x-cache: Hit from cloudfront
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: lYSdTrN3yBQZiCmkIW7T_zmWM3HFhtAswucjdSSECwp5z-gES9whdQ==
age: 2563

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5244 0
0 101ms
100ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=1573534164&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029776&bpp=1&bdt=110&idt=109&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CffFSfavgx&p=https%3A//vmay.com&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=1573534164&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029776&bpp=1&bdt=110&idt=109&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CffFSfavgx&p=https%3A//vmay.com&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 21:10:29 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 21:25:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 21:10:29 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 934C 0
0 94ms
93ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=4235265862&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029776&bpp=1&bdt=110&idt=117&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PyeZWZ2Umf&p=https%3A//vmay.com&dtd=124

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=3205122129&adk=3740295169&adf=4235265862&pi=t.ma~as.3205122129&w=1200&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697029776&bpp=1&bdt=110&idt=117&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=2990713867504&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1625123783&ga_fc=1&iag=0&icsg=2271904&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1366047224179522&pem=538&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=PyeZWZ2Umf&p=https%3A//vmay.com&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 21:10:29 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 21:25:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 21:10:29 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
34ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd6f8329e63c94e7660a9b6dbfade14bd63f8fa82b200a070586c4ce7e1b214c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 21:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6478
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 06 Nov 2020 21:10:30 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 142C 0
0 34ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 06 Nov 2020 20:06:51 GMT
expires: Sat, 06 Nov 2021 20:06:51 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3819
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 17ms
16ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=1366047224179522&bg=!p6SlpITNAAXuKKZk7lg8FzEcm1DrtAIAAABJUgAAAAtoAQcKAe3fYK54FhAyUzrO4MlP-MnKjOam_C5wuc3-mAxN8KAXqbeSQpWuZclk0HWlGF1uGjCpaS6iep-sbR6kUpLJhaJByhUgkT-DQBHT6_XRTmzuvP3n5fWCoug1Eoc6OSjkBv7T55QHE1wxBjFJtFt7d2U3vfQwE2OYdoYljfEx7S0geAgyzzUmF0sQnaUfr1RzYcQcWFrWYmqcQ8qEJsIVO6xiKyszDAVdWKgGzh3Ym53xec6oK32AkRejPZeXiPEcDs7rlyj-Z8W_opRXGLzjPYuxABHX-spB91YxsAuVauG3WFyxmbZ8Ipm4Ei8vUBLWm2wUGjB8RN-tqwihFfQ8Vi1iRmajZjWEvJ5KdjJYbbDT5y1yK1fuyjlR75X9w8EjLpvhnxMVXAe0C8ujxIzgQ0fh3MENhqxcDdeGe8vD2g7Ufi3FC0iBH0a-SzJOjwOTCGe60ORifDyxknvaFGdwEIjZ4NDQq3joeLLhB4aWMRovcW3qBytIKRX5HY-VegBWzbeXhDx-yFs2lKUETW3lH4aLQy6NzagPQs_wj6Mh12_ielgFn2QwtyRurXBnzZvT39TKHRZb51oW54xx-H9HwYvZfxzTpLN1ioiVwS5BNV0MbF8vB6uayoFPeff1iawMFkZ57oyDkO0u9IS2kSiSmQGxJF2ivea1ETFo-AAnsWi2WhtPC7jkaJkqJxUZdpxHmQhcnGEGfkDy4qHU_KSX5owZXhar4pltBsLV9FVEJ2QIxNzOMFuJxD9QZORiH6p_hpHXG1zq5H4i4KaUWr2uCm8AKTIrUPTpZB5dRpkEYjY7GE-7td-Ral5VjjGKeyQRf48qN5bSzAat1Bs-cSebU25m_UvKoHqhq7Dzi8uEi2fXuhKyrpDWmWEOOOYtXJXk5iXCpgb3iNvRPdQHVZHIYwAilBAZrYtZPe3JZNlFh7vmNP3Qp04Fj7oqE-gPRmi2YzcVir6_kjwD3snuepdFVDi979DuGJJR1in3aNJxm8dmAoq_UptXt5qA-jpf1FOPy5cimjupLkOSUt6fQrpgw4hbgzDZ_U4M89-NGrECjiOeGQXrj6if5yt_4i_kvJ6pRO-bHdB-kxvo-O78FS3hUa9hJDQ_M1VPE4OTheFmPi-yyT4fnp9i85RFHozaklnZy3dt_NckBM5VOoJksLEMOYo6VN9NbIIpr9arl55rdISRtuMEIT8l7_y_J12KsMq-A6GY5hAA_hZYWXqd7oFgwDgbcQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 21:10:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST inview.aspx
bw.scupio.com/adpinline/ 0
0

GET
H2 200 Primary Request / Show response
vmay.com/ 109 KB
23 KB 363ms
362ms Document
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e79e8ae3e0eca20be3ff228ed031c27f28ccc2772933394db9025488358c608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: vmay.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __utma=238542983.918966045.1604697030.1604697030.1604697030.1; __utmc=238542983; __utmz=238542983.1604697030.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=238542983.1.10.1604697030; __gads=ID=03fdee322c5806a5-220285e424b90004:T=1604697029:RT=1604697029:S=ALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/wordpress/wp-content/themes/twentytwelve/foot/185.exe

Response headers

status: 200
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "3a94cb73a554336c77c648f59cfbe2389ecbeb64a2c4d41b6be0720a682dbabb"
last-modified: Sun, 18 Aug 2019 00:59:37 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 06 Nov 2020 21:10:40 GMT
x-served-by: cache-cdg20766-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1604697040.140848,VS0,VE340
vary: x-fh-requested-host, accept-encoding
content-length: 23883

GET
H2 200 2549344219-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 31 KB
7 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 12:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jun 2020 07:20:00 GMT
server: sffe
age: 32198
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6822
x-xss-protection: 0
expires: Sat, 06 Nov 2021 12:14:02 GMT

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 16:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275079
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Nov 2021 16:46:01 GMT

GET
H2 200 respond.js Show response
cdn.rawgit.com/Arlina-Design/phantom/master/ 4 KB
3 KB 67ms
20ms Script
application/javascript 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/Arlina-Design/phantom/master/respond.js

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

2f6dd9cb349c884f70ffb86f889985169331f6a91e525bc4aafd52384bc7deea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
status: 200
vary: Accept-Encoding
cf-request-id: 063cd5e3dc000032b90e350000000001
rawgit-cache-status: MISS
x-robots-tag: none
content-type: application/javascript;charset=utf-8
server: NetDNA-cache/2.2
etag: W/"bfde3eaf3dcf8c49a87215ff19f139631b357f6083f3d99847fe4392faef565d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F%2BJAyiSy8CeDNwCLw6kdjIr0tBgFvZWd1yTYxXMAGk6CfI4Yji1wDGsA14xbu61CVKgbktaNYLDQ2dptzV%2B%2BAdCJKWxjly29gxKqnYTP2DMGwLuaoEA%3D"}],"group":"cf-nel","max_age":604800}
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5edb25b2fb5732b9-CDG
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET au.js
a.breaktime.com.tw/js/ 0
0

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
44 KB 31ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88465f62d571fbbb1c4e1b6dab77941ddb6fdb1e76893ea8c74c3d9467c77682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45404
x-xss-protection: 0
server: cafe
etag: 1684087997773895187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 21:10:40 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
822 B 33ms
6ms Image
image/png 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 19:16:31 GMT
server: sffe
age: 191983
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 11 Nov 2020 15:50:57 GMT

GET
H2 200 farfaria.png
2.bp.blogspot.com/--GXR0dtqW_g/W30MZNOi-qI/AAAAAAAAD4s/I696uKkCnQUcyvOol5ufH1w5qdLHkP1RwCLcBGAs/w72-h72-p-k-no-nu/ 9 KB
9 KB 291ms
283ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/--GXR0dtqW_g/W30MZNOi-qI/AAAAAAAAD4s/I696uKkCnQUcyvOol5ufH1w5qdLHkP1RwCLcBGAs/w72-h72-p-k-no-nu/farfaria.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

267c19b8f292c151d5341929e1f606262c876155e6aada243b54863e1464d65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="farfaria.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8930
x-xss-protection: 0
server: fife
etag: "vf8c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 03 Nov 2020 18:00:00 GMT

GET
H2 200 app.png
2.bp.blogspot.com/-CDTTQ99dpcM/XMJ3YsRXQ6I/AAAAAAAAEZg/0O0D2h-V5o4sJanjdJVhFOZ8zqGHsKcDgCLcBGAs/w72-h72-p-k-no-nu/ 8 KB
8 KB 266ms
258ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-CDTTQ99dpcM/XMJ3YsRXQ6I/AAAAAAAAEZg/0O0D2h-V5o4sJanjdJVhFOZ8zqGHsKcDgCLcBGAs/w72-h72-p-k-no-nu/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8e3935855cd8af0dd10b1210b716b8198f44d0fe24718abc5eb8a8ace08de305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8589
x-xss-protection: 0
server: fife
etag: "v1199"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 03 Nov 2020 17:59:59 GMT

GET
H2 200 app.png
3.bp.blogspot.com/-WSt4URhrZZk/XMJ-sOErZUI/AAAAAAAAEZ4/B9W085lD8r4W2Jo9B2gZcFPC90K1Gx_SQCLcBGAs/w72-h72-p-k-no-nu/ 3 KB
3 KB 187ms
179ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-WSt4URhrZZk/XMJ-sOErZUI/AAAAAAAAEZ4/B9W085lD8r4W2Jo9B2gZcFPC90K1Gx_SQCLcBGAs/w72-h72-p-k-no-nu/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2be04c9154b09023d3cdd128939f3a346c552eab109c59108abdb3d3be7ad46d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2871
x-xss-protection: 0
server: fife
etag: "v119f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 03 Nov 2020 17:59:59 GMT

GET
H2 200 screenshot.png
4.bp.blogspot.com/-bf8lR07r-kc/WDgKj-7sxLI/AAAAAAAABFc/AIQEbNbAIBMLoph_tFlE-RSObKmSdE2mgCLcB/w72-h72-p-k-no-nu/ 9 KB
9 KB 201ms
193ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-bf8lR07r-kc/WDgKj-7sxLI/AAAAAAAABFc/AIQEbNbAIBMLoph_tFlE-RSObKmSdE2mgCLcB/w72-h72-p-k-no-nu/screenshot.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

995192b4c50790bd1ef6f00d130635c27833fb57a19184ce62b1984423f910d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="screenshot.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9365
x-xss-protection: 0
server: fife
etag: "v45a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 03 Nov 2020 18:00:00 GMT

GET getImage.jpg
2.bp.blogspot.com/-Qj_DgcUhrBQ/VgI8FI9EezI/AAAAAAAAE08/113JP4dpwIQ/w72-h72-p-k-no-nu/ 0
0

GET
H2 200 app.png
4.bp.blogspot.com/-da-3wmuOkHM/XMatXO_cUUI/AAAAAAAAEbk/2VwxD_WUlWgmWd3HW0WNixqPVo3iRoW9ACLcBGAs/w72-h72-p-k-no-nu/ 4 KB
4 KB 109ms
101ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-da-3wmuOkHM/XMatXO_cUUI/AAAAAAAAEbk/2VwxD_WUlWgmWd3HW0WNixqPVo3iRoW9ACLcBGAs/w72-h72-p-k-no-nu/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b462916a69d777fb1ddbf867acef529197d01215778f88e9c04539286bc51b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3929
x-xss-protection: 0
server: fife
etag: "v11ba"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Nov 2020 18:38:54 GMT

GET
H2 200 app.png
2.bp.blogspot.com/-Lssxh8tY1Xs/XMJ_MztHjJI/AAAAAAAAEaA/QR2BT-6CMNkGlLWWc1SN2iBB_nZh0OyUACLcBGAs/w72-h72-p-k-no-nu/ 9 KB
9 KB 307ms
306ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Lssxh8tY1Xs/XMJ_MztHjJI/AAAAAAAAEaA/QR2BT-6CMNkGlLWWc1SN2iBB_nZh0OyUACLcBGAs/w72-h72-p-k-no-nu/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

969a9eab37cb9e0b29d24c96922e3e1af1175e2db441047293fb37adcff6f749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9359
x-xss-protection: 0
server: fife
etag: "v11a1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 07 Nov 2020 21:10:40 GMT

GET
H3-Q050 200 a.png
1.bp.blogspot.com/-i16zfYMZStA/VgJBl_8v9MI/AAAAAAAAE1M/rX20dVL3aI0/w72-h72-p-k-no-nu/ 7 KB
7 KB 34ms
28ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-i16zfYMZStA/VgJBl_8v9MI/AAAAAAAAE1M/rX20dVL3aI0/w72-h72-p-k-no-nu/a.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcc4b4c3ff6607e5b65819e43f6037e993ee0b82fa402bac72deeba791f609ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="a.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6873
x-xss-protection: 0
server: fife
etag: "v1354"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Nov 2020 18:38:54 GMT

GET
H2 200 yg7n1DEL5Zr9iXtJDHo-lJCfp90QtH5H63IYQaqGG6Jqk2erQbJuuqjAT7zENMunG338l19cLKI9sr_phk-bBLNhEBE=w72-h72-n-k-no-nu
lh5.googleusercontent.com/proxy/ 4 KB
4 KB 45ms
20ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/yg7n1DEL5Zr9iXtJDHo-lJCfp90QtH5H63IYQaqGG6Jqk2erQbJuuqjAT7zENMunG338l19cLKI9sr_phk-bBLNhEBE=w72-h72-n-k-no-nu

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bec63bc986f67fd4e707356af401fec13dab11a4ab1e87aa3320bb947b335032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4109
x-xss-protection: 0
expires: Sat, 07 Nov 2020 21:10:40 GMT

GET
H3-Q050 200 a.png
1.bp.blogspot.com/-E_vBhlE5868/VeEV3Ty697I/AAAAAAAAEJo/j1km3XVj_a4/w72-h72-p-k-no-nu/ 10 KB
10 KB 33ms
28ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-E_vBhlE5868/VeEV3Ty697I/AAAAAAAAEJo/j1km3XVj_a4/w72-h72-p-k-no-nu/a.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

227dcf75d6ddda5beabf7afbca5d05928e500da70ffde9b76727114079c63082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="a.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10554
x-xss-protection: 0
server: fife
etag: "v109b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Nov 2020 18:17:27 GMT

GET
H2 200 app.png
4.bp.blogspot.com/-da-3wmuOkHM/XMatXO_cUUI/AAAAAAAAEbk/2VwxD_WUlWgmWd3HW0WNixqPVo3iRoW9ACLcBGAs/s72-c/ 2 KB
2 KB 63ms
62ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-da-3wmuOkHM/XMatXO_cUUI/AAAAAAAAEbk/2VwxD_WUlWgmWd3HW0WNixqPVo3iRoW9ACLcBGAs/s72-c/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d4088fae78f0c8c401a6ebbbfc3f922be903af3eceaf54d36cbd8b471eaae50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2448
x-xss-protection: 0
server: fife
etag: "v11ba"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Nov 2020 12:17:22 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/MyJGPq0YnYM/ 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MyJGPq0YnYM/default.jpg

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca136ba521d265f643abf08b9c05b8af16a39e1e5454c65037db1d073cd552b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 20:56:37 GMT
x-content-type-options: nosniff
server: sffe
age: 843
etag: "0"
vary: Origin
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4386
x-xss-protection: 0
expires: Fri, 06 Nov 2020 22:56:37 GMT

GET
H2 200 app.png
2.bp.blogspot.com/-Lssxh8tY1Xs/XMJ_MztHjJI/AAAAAAAAEaA/QR2BT-6CMNkGlLWWc1SN2iBB_nZh0OyUACLcBGAs/s72-c/ 9 KB
9 KB 210ms
209ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Lssxh8tY1Xs/XMJ_MztHjJI/AAAAAAAAEaA/QR2BT-6CMNkGlLWWc1SN2iBB_nZh0OyUACLcBGAs/s72-c/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5826bca5fbe2cdd4f4247f51b5b64fbf1a4d96e83e3de071c534d490dc9b359a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9284
x-xss-protection: 0
server: fife
etag: "v11a1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 03 Nov 2020 18:00:00 GMT

GET
H2 200 app.png
3.bp.blogspot.com/-WSt4URhrZZk/XMJ-sOErZUI/AAAAAAAAEZ4/B9W085lD8r4W2Jo9B2gZcFPC90K1Gx_SQCLcBGAs/s72-c/ 3 KB
3 KB 21ms
20ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-WSt4URhrZZk/XMJ-sOErZUI/AAAAAAAAEZ4/B9W085lD8r4W2Jo9B2gZcFPC90K1Gx_SQCLcBGAs/s72-c/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c070c393b3529fd0d50754ad1b3a3f14d2e355a156d35df4fc34999849b55041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2849
x-xss-protection: 0
server: fife
etag: "v119f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Nov 2020 18:17:28 GMT

GET
H3-Q050 200 app.png
4.bp.blogspot.com/-wkLg_R6nab8/XMJ51fH3PvI/AAAAAAAAEZs/QeV9No34PDsRQwdrt5jpXg27qhgxwzC5wCLcBGAs/s72-c/ 4 KB
4 KB 176ms
161ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-wkLg_R6nab8/XMJ51fH3PvI/AAAAAAAAEZs/QeV9No34PDsRQwdrt5jpXg27qhgxwzC5wCLcBGAs/s72-c/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c7d2f5b784b06f534f6755b9f65c6d2372b10c8295aa515d434974b9f55f3819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3848
x-xss-protection: 0
server: fife
etag: "v119c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Nov 2020 18:38:54 GMT

GET
H3-Q050 200 a.png
1.bp.blogspot.com/-E_vBhlE5868/VeEV3Ty697I/AAAAAAAAEJo/j1km3XVj_a4/s72-c/ 10 KB
10 KB 36ms
32ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-E_vBhlE5868/VeEV3Ty697I/AAAAAAAAEJo/j1km3XVj_a4/s72-c/a.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c10086fb3a1d59573755184babb461d84f5f9245f7daa9ec5a75ee251c0a0d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="a.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: fife
etag: "v109b"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Nov 2020 11:42:05 GMT

GET
H2 200 app.png
2.bp.blogspot.com/-CDTTQ99dpcM/XMJ3YsRXQ6I/AAAAAAAAEZg/0O0D2h-V5o4sJanjdJVhFOZ8zqGHsKcDgCLcBGAs/s72-c/ 8 KB
8 KB 159ms
158ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-CDTTQ99dpcM/XMJ3YsRXQ6I/AAAAAAAAEZg/0O0D2h-V5o4sJanjdJVhFOZ8zqGHsKcDgCLcBGAs/s72-c/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0db7f280ecc83aa9135dd5b38d93617f6b77b29a843903ddb657206eb4fde012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8605
x-xss-protection: 0
server: fife
etag: "v1199"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Nov 2020 12:17:22 GMT

GET
H2 200 app.png
3.bp.blogspot.com/-W6alCS-bJJY/XMJ1ny0062I/AAAAAAAAEZU/1g5FBGMJLeAoOb3_tIdxK4Tb1XReTaoPACLcBGAs/s72-c/ 8 KB
8 KB 27ms
26ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-W6alCS-bJJY/XMJ1ny0062I/AAAAAAAAEZU/1g5FBGMJLeAoOb3_tIdxK4Tb1XReTaoPACLcBGAs/s72-c/app.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e9670e4daefad5ae987b806a4a5b9c813367b7d8f41ac0fc2316d38e0530d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="app.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8544
x-xss-protection: 0
server: fife
etag: "v1196"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 04 Nov 2020 18:17:28 GMT

GET a.png
1.bp.blogspot.com/-i16zfYMZStA/VgJBl_8v9MI/AAAAAAAAE1M/rX20dVL3aI0/s72-c/ 0
0

GET getImage.jpg
2.bp.blogspot.com/-Qj_DgcUhrBQ/VgI8FI9EezI/AAAAAAAAE08/113JP4dpwIQ/s72-c/ 0
0

GET
H3-Q050 200 screenshot.png
4.bp.blogspot.com/-bf8lR07r-kc/WDgKj-7sxLI/AAAAAAAABFc/AIQEbNbAIBMLoph_tFlE-RSObKmSdE2mgCLcB/s72-c/ 9 KB
9 KB 178ms
171ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-bf8lR07r-kc/WDgKj-7sxLI/AAAAAAAABFc/AIQEbNbAIBMLoph_tFlE-RSObKmSdE2mgCLcB/s72-c/screenshot.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7079ffa7c695c0b9f25ef955ca39e13a9500eba68c53c23cb4e0b7d084a6e9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="screenshot.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9515
x-xss-protection: 0
server: fife
etag: "v45a"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 01 Nov 2020 18:38:55 GMT

GET
H2 200 farfaria.png
2.bp.blogspot.com/--GXR0dtqW_g/W30MZNOi-qI/AAAAAAAAD4s/I696uKkCnQUcyvOol5ufH1w5qdLHkP1RwCLcBGAs/s72-c/ 9 KB
9 KB 21ms
20ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/--GXR0dtqW_g/W30MZNOi-qI/AAAAAAAAD4s/I696uKkCnQUcyvOol5ufH1w5qdLHkP1RwCLcBGAs/s72-c/farfaria.png

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c11e8dfa02dd6772814c42548af39d9aa0bcd08260080535922102d6cf9dffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="farfaria.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8940
x-xss-protection: 0
server: fife
etag: "vf8c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 30 Oct 2020 06:37:27 GMT

GET
H3-Q050 200 TP8zx-utLQelHWtYLHjVgSdHDGoYBRhXkaR_taDsIQSF4NE_FyhhVAm6tWhbPsEFvVI6teMqOivz_23Py2lIJIVt
lh6.googleusercontent.com/proxy/ 4 KB
5 KB 48ms
31ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/TP8zx-utLQelHWtYLHjVgSdHDGoYBRhXkaR_taDsIQSF4NE_FyhhVAm6tWhbPsEFvVI6teMqOivz_23Py2lIJIVt

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e8516f35548bade4e080a618013d31c90c6976299dd79dd63222c260129fae8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4496
x-xss-protection: 0
expires: Sat, 07 Nov 2020 21:10:40 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 42 KB
15 KB 41ms
39ms Script
application/javascript 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: vmay.com
URL: https://vmay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 49037110095cf4b5eed4f89be79529e4d9b9a89938edb7aeedccf0bcda14e258

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:09:36 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 06:25:56 GMT
server: nginx/1.12.1
age: 64
etag: W/"5fa4ec74-a6e1"
status: 200
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 70VjwZQ9rba_3CR1qaIYWXpBmrqZzAgDmFuYnuXlyGxe_D8NWSKIhA==
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
expires: Fri, 06 Nov 2020 21:24:36 GMT

GET
H2 200 masternav.js Show response
cdn.rawgit.com/Arlina-Design/phantom/master/ 49 KB
16 KB 48ms
39ms Script
application/javascript 151.139.237.11
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/Arlina-Design/phantom/master/masternav.js

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

fcd1bcf168767f2ae1db6d4963e464b51da159e5994e99cf497b9290c7283cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
status: 200
vary: Accept-Encoding
cf-request-id: 063cf0b2bf0000332574b1f000000001
rawgit-cache-status: MISS
x-robots-tag: none
content-type: application/javascript;charset=utf-8
server: NetDNA-cache/2.2
etag: W/"a2a1565bf58ec60247cd5d3e872ea5e254fc387b78998f489381bced914ba2b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bBhbbCvtwuaqs7qNu4iLFwPLxemzuWneFiDsLI6UAcFf7Rl4s5CJCPMkHEXRLJBz0pbwY5f1m9Ff6EtGzPHkoCkyPyzh6fzxdpk8BAAgkn8xk6xNBrY%3D"}],"group":"cf-nel","max_age":604800}
sunset: Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 5edb50979a403325-CDG
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-351931-13

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c395972519e505359d713340de9912e101996b6384aa1db3b2962f44559a0abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38303
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Nov 2020 21:10:40 GMT

GET
H3-Q050 200 640298382-widgets.js Show response
www.blogger.com/static/v1/widgets/ 148 KB
54 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/640298382-widgets.js

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9a94effbaa217b38743ca4f0ec3dedd1fc11cf7f23692a87ad2ff88a74ef6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 17:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 09:16:30 GMT
server: sffe
age: 11643
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54497
x-xss-protection: 0
expires: Sat, 06 Nov 2021 17:56:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
870 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4c3bcdc96747ecc468606785ed07b53db73dc6926c3bf8a3b1d87291871e899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 20:57:34 GMT
server: ESF
date: Fri, 06 Nov 2020 21:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Nov 2020 21:10:40 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 27ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
646 B 138ms
130ms Stylesheet
text/css 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=290171335812997105&zx=e78a15d0-86f0-4701-b143-a535b69e20ac

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 06 Nov 2020 21:10:40 GMT
server: GSE
date: Fri, 06 Nov 2020 21:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
feed.mikle.com/widget/v2/ Frame 4FBE 0
0 108ms
106ms Document
text/html 52.20.167.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.mikle.com/widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fen.vmay.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%221400%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22off%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%22150%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.167.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-167-220.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: feed.mikle.com
:scheme: https
:path: /widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fen.vmay.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%221400%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22off%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%22150%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/

Response headers

status: 200
date: Fri, 06 Nov 2020 21:10:40 GMT
content-type: text/html;charset=UTF-8
server: nginx
expires: Fri, 06 Nov 2020 21:13:40 GMT
cache-control: max-age=180
x-xss-protection: 0
content-encoding: gzip

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
86 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 21:10:40 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vmay.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 16:29:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 535257
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sun, 31 Oct 2021 16:29:43 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vmay.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 09:05:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 43515
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 06 Nov 2021 09:05:25 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 31ms
13ms Font
font/woff2 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://vmay.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 56792

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame 474E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmdUVShqtjp1rgZ-kZfK-Y-pQbzKf4ohM5L8ucmAvxiJRLsNoRXI4Lm7IXW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Nov 2020 18:54:19 GMT
expires: Fri, 20 Nov 2020 18:54:19 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 8181
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
46 B 116ms
116ms Stylesheet
text/css 2a00:1450:4001:81f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=290171335812997105&zx=e78a15d0-86f0-4701-b143-a535b69e20ac

Requested by

Host: vmay.com
URL: https://vmay.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 06 Nov 2020 21:10:40 GMT
server: GSE
date: Fri, 06 Nov 2020 21:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
feed.mikle.com/widget/v2/ Frame 331F 0
0 112ms
111ms Document
text/html 52.20.167.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.167.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-167-220.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: feed.mikle.com
:scheme: https
:path: /widget/v2/?widget_parameter=%7B%22type%22%3A%22%22%2C%22sources%22%3A%5B%7B%22source%22%3A%22http%3A%2F%2Fen.vmay.com%2Ffeeds%2Fposts%2Fdefault%22%2C%22type%22%3A%22RSS%22%7D%5D%2C%22name%22%3A%22%22%2C%22width%22%3A0%2C%22height%22%3A%221400%22%2C%22height_by_article%22%3A0%2C%22target%22%3A%22_blank%22%2C%22font%22%3A%22Arial%2C%20Helvetica%2C%20sans-serif%22%2C%22title_font_size%22%3A%2216%22%2C%22item_title_font_size%22%3A%2220%22%2C%22item_description_font_size%22%3A%2218%22%2C%22border%22%3A%22off%22%2C%22css_url%22%3A%22%22%2C%22responsive%22%3A%22on%22%2C%22text_direction%22%3A%22left%22%2C%22text_alignment%22%3A%22left%22%2C%22corner%22%3A%22square%22%2C%22scroll%22%3A%22off%22%2C%22auto_scroll%22%3A%22off%22%2C%22auto_scroll_direction%22%3A%22up%22%2C%22auto_scroll_step_speed%22%3A%221%22%2C%22auto_scroll_mc_speed%22%3A%2220%22%2C%22sort%22%3A%22rnd%22%2C%22title%22%3A%22off%22%2C%22title_sentence%22%3A%22%22%2C%22title_link%22%3A%22%22%2C%22title_bgcolor%22%3A%22%23ffffff%22%2C%22title_color%22%3A%22%23505659%22%2C%22title_bgimage%22%3A%22%22%2C%22item_bgcolor%22%3A%22%23ffffff%22%2C%22item_bgimage%22%3A%22%22%2C%22item_title_length%22%3A%2255%22%2C%22item_title_color%22%3A%22%2301060a%22%2C%22item_border_bottom%22%3A%22on%22%2C%22item_description%22%3A%22both%22%2C%22item_link%22%3A%22off%22%2C%22item_description_length%22%3A%22100%22%2C%22item_description_color%22%3A%22%23505659%22%2C%22item_date%22%3A%22off%22%2C%22item_date_format%22%3A%22%25b%20%25e%2C%20%25Y%20%25k%3A%25M%22%2C%22item_date_timezone%22%3A%22%22%2C%22item_description_style%22%3A%22thumbnail%22%2C%22item_thumbnail%22%3A%22full%22%2C%22item_thumbnail_selection%22%3A%22auto%22%2C%22article_num%22%3A%22150%22%2C%22item_player%22%3A%22off%22%2C%22keyword_inc%22%3A%22%22%2C%22keyword_exc%22%3A%22%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/

Response headers

status: 200
date: Fri, 06 Nov 2020 21:10:40 GMT
content-type: text/html;charset=UTF-8
server: nginx
expires: Fri, 06 Nov 2020 21:13:40 GMT
cache-control: max-age=180
x-xss-protection: 0
content-encoding: gzip

GET 17028.json
img.scupio.com/js/config/ 0
0

GET
H2 200 ad.html
img.scupio.com/html/ Frame ABF3 0
0 38ms
37ms Document
text/html 13.224.194.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.44
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-79.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vmay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CSA20201107051033381911; gx=H4sIAEkspl8A%2fxNmYGDg4uZ49KHx2dkVjZYCrEIsHPYCTAAQiZAMFwAAAA%3d%3d; gxc=1; uxc=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://vmay.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Sep 2020 08:21:28 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 06 Nov 2020 20:27:46 GMT
etag: "5f686288-8906"
expires: Sat, 07 Nov 2020 02:27:46 GMT
cache-control: max-age=21600
x-cache: Hit from cloudfront
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: svkXKhF6WsnYyrms_7Pystq42BzK3cH8LIFAn447wkYBYh-nA8b7-w==
age: 2574

GET cookie.js
partner.googleadservices.com/gampad/ 0
0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
810 B 44ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vmay.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
810 B 46ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vmay.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 6A0D 0
0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vmay.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27601
x-xss-protection: 0
expires: Fri, 06 Nov 2020 21:10:40 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 7B1E 0
0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 98C9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bw.scupio.com
URL: https://bw.scupio.com/adpinline/inview.aspx?cb=0.03962905956572804

Domain: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=NlY5UDE2Q09EQzVBM1hRN0tCSDY=

Domain: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=NTdVWUc5UU4xNENRUENEM1RRQThCRUs1

Domain: 2.bp.blogspot.com
URL: https://2.bp.blogspot.com/-Qj_DgcUhrBQ/VgI8FI9EezI/AAAAAAAAE08/113JP4dpwIQ/w72-h72-p-k-no-nu/getImage.jpg

Domain: 1.bp.blogspot.com
URL: https://1.bp.blogspot.com/-i16zfYMZStA/VgJBl_8v9MI/AAAAAAAAE1M/rX20dVL3aI0/s72-c/a.png

Domain: 2.bp.blogspot.com
URL: https://2.bp.blogspot.com/-Qj_DgcUhrBQ/VgI8FI9EezI/AAAAAAAAE08/113JP4dpwIQ/s72-c/getImage.jpg

Domain: img.scupio.com
URL: https://img.scupio.com/js/config/17028.json?v=1.0.3406

Domain: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/cookie.js?domain=vmay.com&callback=_gfp_s_&client=ca-pub-9844861148757328&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=280&slotname=4083838929&adk=3197796340&adf=1551796669&pi=t.ma~as.4083838929&w=728&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=1&format=728x280&url=https%3A%2F%2Fvmay.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697040675&bpp=42&bdt=178&idt=174&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw&correlator=4054243132141&frm=20&pv=2&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1973355599&ga_fc=1&iag=0&icsg=33597952&dssz=38&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=602&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44730556&oid=3&pvsid=1601772595879108&pem=538&ref=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xpQ6azeMfw&p=https%3A//vmay.com&dtd=183

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-351931-33&l=dataLayer&cx=c

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&h=600&slotname=4083838929&adk=1044731413&adf=804977925&pi=t.ma~as.4083838929&w=230&fwrn=4&fwrnh=100&lmt=1566089977&rafmt=1&psa=1&format=230x600&url=https%3A%2F%2Fvmay.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697040759&bpp=3&bdt=262&idt=117&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw&prev_fmts=728x280&correlator=4054243132141&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1973355599&ga_fc=1&iag=0&icsg=570468864&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44730556&oid=3&pvsid=1601772595879108&pem=538&ref=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fSwiaXt49F&p=https%3A//vmay.com&dtd=122

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9844861148757328&output=html&adk=3951757454&adf=3813367316&lmt=1566089977&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fvmay.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604697040821&bpp=2&bdt=324&idt=75&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D03fdee322c5806a5-220285e424b90004%3AT%3D1604697029%3ART%3D1604697029%3AS%3DALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw&prev_fmts=728x280%2C230x600&nras=1&correlator=4054243132141&frm=20&pv=1&ga_vid=918966045.1604697030&ga_sid=1604697030&ga_hid=1973355599&ga_fc=1&iag=0&icsg=570468864&dssz=40&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44730556&oid=3&pvsid=1601772595879108&pem=538&ref=https%3A%2F%2Fvmay.com%2Fwordpress%2Fwp-content%2Fthemes%2Ftwentytwelve%2Ffoot%2F185.exe&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=80

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:44:57	Name: test_cookie Value: CheckForPermission
.vmay.com/	1970-01-19 13:44:58	Name: __utmb Value: 238542983.1.10.1604697030
.vmay.com/	1969-12-31 23:59:59	Name: __utmc Value: 238542983
.vmay.com/	1970-01-19 13:44:57	Name: __utmt Value: 1
.vmay.com/	1970-01-19 18:07:45	Name: __utmz Value: 238542983.1604697030.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.vmay.com/	1970-01-19 23:06:33	Name: __gads Value: ID=03fdee322c5806a5-220285e424b90004:T=1604697029:RT=1604697029:S=ALNI_MaRyLBsevrS0hzfRHaLVo3AxKbscw
.vmay.com/	1970-01-20 07:16:09	Name: __utma Value: 238542983.918966045.1604697030.1604697030.1604697030.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a.breaktime.com.tw
adservice.google.com
adservice.google.de
ajax.googleapis.com
bw.scupio.com
cdn.rawgit.com
feed.mikle.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.scupio.com
lh5.googleusercontent.com
lh6.googleusercontent.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
ssl.google-analytics.com
tpc.googlesyndication.com
vmay.com
www.blogger.com
www.googletagmanager.com
www.googletagservices.com
1.bp.blogspot.com
2.bp.blogspot.com
a.breaktime.com.tw
bw.scupio.com
googleads.g.doubleclick.net
img.scupio.com
partner.googleadservices.com
www.googletagmanager.com
13.224.194.79
151.101.65.195
151.139.237.11
172.217.21.194
2001:4de0:ac19::1:b:1a
2a00:1450:4001:800::200a
2a00:1450:4001:800::2016
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:802::2009
2a00:1450:4001:803::2001
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2003
2a00:1450:4001:819::2008
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2001
2a00:1450:4001:81f::2009
2a00:1450:4001:81f::200a
52.20.167.220
0186fcf71322680c33c69b6f962b2bd8a5ae017f7f57fa507b7e8ebef4afda5d
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c11e8dfa02dd6772814c42548af39d9aa0bcd08260080535922102d6cf9dffa
0db7f280ecc83aa9135dd5b38d93617f6b77b29a843903ddb657206eb4fde012
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e79e8ae3e0eca20be3ff228ed031c27f28ccc2772933394db9025488358c608
227dcf75d6ddda5beabf7afbca5d05928e500da70ffde9b76727114079c63082
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
267c19b8f292c151d5341929e1f606262c876155e6aada243b54863e1464d65e
2be04c9154b09023d3cdd128939f3a346c552eab109c59108abdb3d3be7ad46d
2f6dd9cb349c884f70ffb86f889985169331f6a91e525bc4aafd52384bc7deea
49037110095cf4b5eed4f89be79529e4d9b9a89938edb7aeedccf0bcda14e258
4d75a4d5837957efab2a6fa9194a5e0715f46529abe866ef2861db2593ad2a63
4e9670e4daefad5ae987b806a4a5b9c813367b7d8f41ac0fc2316d38e0530d77
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5826bca5fbe2cdd4f4247f51b5b64fbf1a4d96e83e3de071c534d490dc9b359a
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
7079ffa7c695c0b9f25ef955ca39e13a9500eba68c53c23cb4e0b7d084a6e9ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88465f62d571fbbb1c4e1b6dab77941ddb6fdb1e76893ea8c74c3d9467c77682
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8d4088fae78f0c8c401a6ebbbfc3f922be903af3eceaf54d36cbd8b471eaae50
8e3935855cd8af0dd10b1210b716b8198f44d0fe24718abc5eb8a8ace08de305
969a9eab37cb9e0b29d24c96922e3e1af1175e2db441047293fb37adcff6f749
995192b4c50790bd1ef6f00d130635c27833fb57a19184ce62b1984423f910d1
9e20d975a3b76e14658862d331c0ecebdb99664affc85bcdda6800fb860346b7
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4c3bcdc96747ecc468606785ed07b53db73dc6926c3bf8a3b1d87291871e899
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b462916a69d777fb1ddbf867acef529197d01215778f88e9c04539286bc51b40
bcc4b4c3ff6607e5b65819e43f6037e993ee0b82fa402bac72deeba791f609ef
bec63bc986f67fd4e707356af401fec13dab11a4ab1e87aa3320bb947b335032
c070c393b3529fd0d50754ad1b3a3f14d2e355a156d35df4fc34999849b55041
c10086fb3a1d59573755184babb461d84f5f9245f7daa9ec5a75ee251c0a0d2b
c395972519e505359d713340de9912e101996b6384aa1db3b2962f44559a0abf
c7d2f5b784b06f534f6755b9f65c6d2372b10c8295aa515d434974b9f55f3819
c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8516f35548bade4e080a618013d31c90c6976299dd79dd63222c260129fae8e
eca136ba521d265f643abf08b9c05b8af16a39e1e5454c65037db1d073cd552b
f9a94effbaa217b38743ca4f0ec3dedd1fc11cf7f23692a87ad2ff88a74ef6be
fcd1bcf168767f2ae1db6d4963e464b51da159e5994e99cf497b9290c7283cb6
fd6f8329e63c94e7660a9b6dbfade14bd63f8fa82b200a070586c4ce7e1b214c
fffb8921e383f48ff150818a0ebe837dbe283af9d34ad6c6ca9379e4465663c7

vmay.com Open in urlscan Pro 151.101.65.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

80 Requests

85 %HTTPS

78 %IPv6

21 Domains

28 Subdomains

24 IPs

3 Countries

773 kBTransfer

1783 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vmay.com Open in urlscan Pro
151.101.65.195 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

85 %
HTTPS

78 %
IPv6

21
Domains

28
Subdomains

24
IPs

3
Countries

773 kB
Transfer

1783 kB
Size

7
Cookies

80 HTTP transactions
0 data transactions