www.andmp.com Open in urlscan Pro
2a00:1450:4001:81b::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Submission: On April 10 via manual (April 10th 2019, 5:54:35 am UTC) from US

Summary HTTP 142 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 23 domains to perform 142 HTTP transactions. The main IP is 2a00:1450:4001:81b::2013, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is www.andmp.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 12th 2019. Valid for: 3 months.

This is the only time www.andmp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a00:1450:400... 2a00:1450:4001:81b::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 15	2a00:1450:400... 2a00:1450:4001:80b::2009	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
13	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2 4	199.16.156.122 199.16.156.122	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2.23.104.167 2.23.104.167	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	151.101.120.134 151.101.120.134	54113 (FASTLY) (FASTLY - Fastly)
4	2606:4700::68... 2606:4700::6810:50a6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY - Fastly)
1 1	2a00:1450:400... 2a00:1450:4001:81c::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2606:4700::68... 2606:4700::6810:7591	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
25	93.184.220.70 93.184.220.70	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	151.101.120.64 151.101.120.64	54113 (FASTLY) (FASTLY - Fastly)
2 4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
142	30

14 2a00:1450:4001:81b::2013 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.andmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2009 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81e::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.16.156.122 (San Francisco, United States) 2 redirects

ASN13414 (TWITTER - Twitter Inc., US)

ton.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.104.167 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-23-104-167.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

sigma2.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:50a6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.248.44 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

m.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7591 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 93.184.220.70 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.64 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 2 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	314 KB
14	andmp.com www.andmp.com	474 KB
13	twitter.com 3 redirects ton.twitter.com platform.twitter.com syndication.twitter.com	116 KB
13	blogspot.com 1.bp.blogspot.com 4.bp.blogspot.com	308 KB
10	blogger.com 1 redirects www.blogger.com	186 KB
8	doubleclick.net googleads.g.doubleclick.net
7	facebook.com 2 redirects staticxx.facebook.com graph.facebook.com www.facebook.com	2 KB
6	medium.com cdn-images-1.medium.com	268 KB
6	gstatic.com fonts.gstatic.com	53 KB
5	youtube.com www.youtube.com img.youtube.com	13 KB
5	blogblog.com img1.blogblog.com resources.blogblog.com	2 KB
4	disquscdn.com c.disquscdn.com	209 KB
4	disqus.com sigma2.disqus.com disqus.com links.services.disqus.com	26 KB
4	googleusercontent.com lh6.googleusercontent.com lh3.googleusercontent.com	31 KB
4	addthis.com s7.addthis.com api-public.addthis.com	185 KB
4	googlesyndication.com pagead2.googlesyndication.com	182 KB
2	facebook.net connect.facebook.net	60 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	82 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
2	google.com 1 redirects adservice.google.com accounts.google.com	1 KB
1	addthisedge.com m.addthisedge.com	794 B
1	googletagservices.com www.googletagservices.com	29 KB
1	google.de adservice.google.de	481 B
142	23

	Domain	Requested by
22	pbs.twimg.com	www.andmp.com
14	www.andmp.com	www.andmp.com ajax.googleapis.com www.blogger.com
10	www.blogger.com	1 redirects www.andmp.com www.blogger.com ajax.googleapis.com
9	1.bp.blogspot.com	www.andmp.com ajax.googleapis.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	platform.twitter.com	www.andmp.com platform.twitter.com
6	cdn-images-1.medium.com	www.andmp.com
6	fonts.gstatic.com	www.andmp.com pagead2.googlesyndication.com
4	www.facebook.com	2 redirects connect.facebook.net
4	c.disquscdn.com	sigma2.disqus.com
4	4.bp.blogspot.com	www.andmp.com
4	ton.twitter.com	2 redirects www.andmp.com
4	pagead2.googlesyndication.com	www.andmp.com pagead2.googlesyndication.com
3	ton.twimg.com	platform.twitter.com www.andmp.com
3	img.youtube.com	ajax.googleapis.com
3	lh6.googleusercontent.com	www.andmp.com
3	img1.blogblog.com	www.andmp.com
2	abs.twimg.com	www.andmp.com
2	api-public.addthis.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	syndication.twitter.com	1 redirects www.andmp.com
2	disqus.com	sigma2.disqus.com
2	connect.facebook.net	www.andmp.com connect.facebook.net
2	www.youtube.com	www.andmp.com ajax.googleapis.com
2	resources.blogblog.com	www.andmp.com
2	s7.addthis.com	www.andmp.com s7.addthis.com
2	maxcdn.bootstrapcdn.com	www.andmp.com pagead2.googlesyndication.com
1	lh3.googleusercontent.com
1	links.services.disqus.com	c.disquscdn.com
1	staticxx.facebook.com	connect.facebook.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	m.addthisedge.com	s7.addthis.com
1	accounts.google.com	1 redirects
1	sigma2.disqus.com	www.andmp.com
1	fonts.googleapis.com	www.andmp.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	www.andmp.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
142	39

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.xda-developers.com
1.bp.blogspot.com
twitter.com
www.templatesyard.com

Subject Issuer	Validity	Valid
www.andmp.com Let's Encrypt Authority X3	`2019-02-12` - `2019-05-13`	3 months	crt.sh
*.blogger.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.googleusercontent.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
ton.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-28` - `2019-11-05`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2019-08-05`	4 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-17` - `2019-09-23`	6 months	crt.sh
*.medium.com DigiCert SHA2 Secure Server CA	`2018-07-31` - `2020-09-09`	2 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh

This page contains 24 frames:

Primary Page: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Frame ID: 18CAA1DF9BB1129B34FB0EA6D0A3EA8D
Requests: 94 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js
Frame ID: CF5F3F1FCFA92065C9140E10F35575AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190403/r20190131/zrt_lookup.html
Frame ID: 7B29FB315C062FC4CE2D4C63C474438C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&adk=1812271804&adf=3025194257&lmt=1554795510&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&ea=0&flash=0&pra=5&wgl=1&dt=1554875658314&bpp=11&bdt=81&fdt=55&idt=54&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2279081437435&frm=20&pv=2&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=680&dssz=7&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=2206246548&ifi=0&uci=0.4im51zasnvm5&fsb=1&dtd=76
Frame ID: CBD9633E844369929358FDE3FD57BF09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=179&slotname=9827705670&adk=688274746&adf=123266207&w=730&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=730x179&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875658433&bpp=13&bdt=200&fdt=13&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=10914&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=655&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=3933416846&ifi=1&uci=1.dqacjorc0kzi&fsb=1&xpc=JIkGjNdJna&p=https%3A//www.andmp.com&dtd=19
Frame ID: 2B5D6CD90CC8E66855A78F474D30D0FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=272&slotname=9827705670&adk=2022455955&adf=4109026666&w=1170&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=1170x272&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875658489&bpp=15&bdt=256&fdt=15&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=43658&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=551&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=309161927&ifi=2&uci=2.t907okcu3p1r&fsb=1&xpc=sNTp9lKERl&p=https%3A//www.andmp.com&dtd=19
Frame ID: 6AA070FA1541CB8DFEC8FEDB824F1F37
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/u5OdvnzrJNM?feature=player_embedded
Frame ID: 534597BD569D1D554D6ABFD1A5C360C5
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/blog-post-reactions.g?options=%5Bfunny,+interesting,+cool,+tech,+darknet,+tor%5D&textColor=%23000000
Frame ID: EDB4DA5A9F8F19FFBD7B9B1A8FAC20A8
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537
Frame ID: 59F3BB7E76656FB33D283F51049BF282
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=280&slotname=3414531176&adk=1755021884&adf=2823518132&w=340&fwr_io=true&fwrn=4&fwrnh=100&lmt=1554795510&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=340x280&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1554875658908&bpp=8&bdt=675&fdt=9&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=45771010722&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=1402&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=1448500390&ifi=4&uci=4.juqpsibdfo7q&fsb=1&xpc=SP7T5OeLaQ&p=https%3A//www.andmp.com&dtd=16
Frame ID: 640CCC19F764BFD75BC338B8EF91E5B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=174&slotname=9827705670&adk=382236608&adf=61049850&w=340&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=340x174&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=799&fdt=9&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=183084042890&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=2999&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=542056428&ifi=5&uci=5.gzbg7rfd3v6d&fsb=1&xpc=htFULbwLvJ&p=https%3A//www.andmp.com&dtd=12
Frame ID: F32AE2D38B0BB0FB4F78A2FDFE6EBF25
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/u5OdvnzrJNM?feature=player_embedded
Frame ID: 0FE3B43E2B710325274553069D56158D
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/blog-post-reactions.g?options=%5Bfunny,+interesting,+cool,+tech,+darknet,+tor%5D&textColor=%23000000
Frame ID: 6D297CEB4490D0C5C786B77E17B2BD2B
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537
Frame ID: D44E51AC0E9246DB011D5EE21A248738
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537&bpli=1
Frame ID: C917EEBCC9806107736E9D82A69A668E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.andmp.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 7A92F1DBE09A4BF87C661AE7B0821B9F
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&t_d=%0AXiaomi%20URL%20spoofing%20w%2F%20SSL%20vulnerability%20or%2C%20CVE-2019-10875%20-%20Was%20it%20intentionally%20kept%20in%20the%20global%20versions%20by%20Xiaomi%3F%0A&t_t=%0AXiaomi%20URL%20spoofing%20w%2F%20SSL%20vulnerability%20or%2C%20CVE-2019-10875%20-%20Was%20it%20intentionally%20kept%20in%20the%20global%20versions%20by%20Xiaomi%3F%0A&s_o=default&d_m=2
Frame ID: 0A8461B7334BE1E7FC657B0F53ACEF0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=280&slotname=3414531176&adk=1755021884&adf=2823518132&w=340&fwr_io=true&fwrn=4&fwrnh=100&lmt=1554795510&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=340x280&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=799&fdt=474&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280%2C340x174&nras=1&correlator=2279081437435&pv_h_ch=L0001&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=44695724&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=1426&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=1448500390&ifi=4&uci=4.svjzfaav5jb0&fsb=1&xpc=3uEGeCQzay&p=https%3A//www.andmp.com&dtd=481
Frame ID: C78D245C4F04B611F5DED4C2D529AF98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=174&slotname=9827705670&adk=382236608&adf=61049850&w=340&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=340x174&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=798&fdt=489&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280%2C340x174%2C340x280&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=44695724&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=2775&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=542056428&ifi=5&uci=5.nh1xamvy2zad&fsb=1&xpc=GNcbiOSjb4&p=https%3A//www.andmp.com&dtd=492
Frame ID: C3BF58451AA3A762A9D0F812A08919F2
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 4B8C232A3B29BFB4310A2504638F50B3
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f525.png
Frame ID: 7029CD8EB134F47781EE2081E579F1E1
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0
Frame ID: B1CF0E99F4EF88331FCB9FC16D92A728
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df1387a2e046fd28%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&container_width=340&height=230&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=340
Frame ID: A1E0C3A06C001BECA401B3F0528B6941
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B672C8BBF3935FC4999D411726D7083F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

AddThis (Widgets) Expand

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

env /^DISQUS/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^(?:vglnk(?:$|_)|vl_(?:cB|disable)$)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

142
Requests

98 %
HTTPS

70 %
IPv6

23
Domains

39
Subdomains

30
IPs

3
Countries

2572 kB
Transfer

7855 kB
Size

15
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/11186103388271684699
Title: A Khan

Search URL Search Domain Scan URL

URL: https://www.xda-developers.com/xiaomi-remove-obnoxious-ads-miui-add-new-features/
Title: this

Search URL Search Domain Scan URL

URL: https://1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s1600/Screenshot_2019-04-06-23-59-29-246_com.android.browser.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/email-post.g?blogID=8166728817383736132&postID=6446694991792293381
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=8166728817383736132&postID=6446694991792293381&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=8166728817383736132&postID=6446694991792293381&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=8166728817383736132&postID=6446694991792293381&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=8166728817383736132&postID=6446694991792293381&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=8166728817383736132&postID=6446694991792293381&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=8166728817383736132&postID=6446694991792293381&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/delete-comment.g?blogID=8166728817383736132&postID=2968491209384070532
Title: Delete

Search URL Search Domain Scan URL

URL: https://www.blogger.com/delete-comment.g?blogID=8166728817383736132&postID=2385401357929884608
Title: Delete

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g
Title: Create a Link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=8166728817383736132&widgetType=HTML&widgetId=HTML14&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=8166728817383736132&widgetType=HTML&widgetId=HTML11&action=editWidget&sectionId=social-counter
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=8166728817383736132&widgetType=HTML&widgetId=HTML17&action=editWidget&sectionId=sidebar(1)
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=8166728817383736132&widgetType=AdSense&widgetId=AdSense1&action=editWidget&sectionId=sidebar(1)
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=8166728817383736132&widgetType=BlogArchive&widgetId=BlogArchive2&action=editWidget&sectionId=sidebar(1)
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=8166728817383736132&widgetType=PageList&widgetId=PageList11&action=editWidget&sectionId=sidebar(1)
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/payloadartist

Search URL Search Domain Scan URL

URL: http://www.templatesyard.com/
Title: TemplatesYard

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://ton.twitter.com/1.1/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small HTTP 302
https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small

Request Chain 68

https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8166728817383736132%26postID%3D6446694991792293381%26blogspotRpcToken%3D5901537%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D8166728817383736132%26postID%3D6446694991792293381%26blogspotRpcToken%3D5901537%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537&bpli=1

Request Chain 85

https://ton.twitter.com/1.1/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small HTTP 302
https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small

Request Chain 140

https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0

Request Chain 144

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

142 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xiaomi-url-spoofing-w-ssl-vulnerability.html Show response
www.andmp.com/2019/04/ 632 KB
82 KB 242ms
215ms Document
text/html 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

b25b8da1858b954825b598212f2c9405cd223366163d7cbb719274fc8631f7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.andmp.com
:scheme: https
:path: /2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Wed, 10 Apr 2019 05:54:18 GMT
date: Wed, 10 Apr 2019 05:54:18 GMT
cache-control: private, max-age=0
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
etag: W/"f1d9a44ea556e66c26e0cc068c79bf8413dae20f5420b4ea5387aec166dec2a3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 83624
server: GSE

GET
H2 200 3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 33ms
6ms Stylesheet
text/css 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 03 Apr 2019 23:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2019 19:43:05 GMT
server: sffe
age: 541358
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 7979
x-xss-protection: 0
expires: Thu, 02 Apr 2020 23:31:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 83 KB
32 KB 65ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e44f13075f40f368efa9cc0218d56fcf9959df2d66b0f36f609b3c6aef6c3479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 31916
x-xss-protection: 0
server: cafe
etag: 4389441892881927108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2019 05:54:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
481 B 46ms
17ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.andmp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
481 B 44ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.andmp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/ 202 KB
75 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

403f5d2ad444c33d71d5742757f3fdf75ab619e2035e56b5c2deddd31760e4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 76865
x-xss-protection: 0
server: cafe
etag: 7363627075772317136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Apr 2019 05:54:18 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/ Frame CF5F 202 KB
75 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

403f5d2ad444c33d71d5742757f3fdf75ab619e2035e56b5c2deddd31760e4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 76865
x-xss-protection: 0
server: cafe
etag: 7363627075772317136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Apr 2019 05:54:18 GMT

GET
H2 200 ca-pub-3125404910654624.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
276 B 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3125404910654624.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 20:41:48 GMT
server: sffe
age: 3500
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 125
x-xss-protection: 0
expires: Wed, 10 Apr 2019 16:55:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190403/r20190131/ Frame 7B29 0
0 33ms
6ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190403/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190403/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 03 Apr 2019 21:23:49 GMT
expires: Wed, 17 Apr 2019 21:23:49 GMT
content-type: text/html; charset=UTF-8
etag: 3275482936266559025
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6909
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 549029
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2772131
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33576
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:52:07 GMT

GET
H2 200 demo-image.jpg
1.bp.blogspot.com/-7Kd9qaiRHuA/WaEtZyc70TI/AAAAAAAADsA/7WUYBVoY-UwwjdEP3kDFPvH9htN0dDKgQCLcBGAs/s1600/ 37 KB
37 KB 44ms
8ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7Kd9qaiRHuA/WaEtZyc70TI/AAAAAAAADsA/7WUYBVoY-UwwjdEP3kDFPvH9htN0dDKgQCLcBGAs/s1600/demo-image.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ea0a69eff2882342fe7fafc0c3b8be05a8fa9ba19fdb41e3523e58712e4395a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 02:36:18 GMT
x-content-type-options: nosniff
age: 11880
status: 200
content-disposition: inline;filename="demo-image.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 37865
x-xss-protection: 0
server: fife
etag: "vec1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 10 Apr 2019 14:34:23 GMT

GET
H2 200 Screenshot_2019-04-06-23-59-29-246_com.android.browser.png
1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s320/ 11 KB
12 KB 43ms
6ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s320/Screenshot_2019-04-06-23-59-29-246_com.android.browser.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

0c88d34a8de50207ffd42f7560d7fa60d8477cc0924907184778d145fb11a55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:58 GMT
x-content-type-options: nosniff
age: 3500
status: 200
content-disposition: inline;filename="Screenshot_2019-04-06-23-59-29-246_com.android.browser.png"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11551
x-xss-protection: 0
server: fife
etag: "v5c2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Apr 2019 22:01:18 GMT

GET
H2 200 xiaomi-url-spoofing-w-ssl-vulnerability.html
www.andmp.com/2019/04/ 13 KB
13 KB 495ms
494ms Image
text/html 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.andmp.com
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:scheme: https
:method: GET
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: GSE
etag: W/"f1d9a44ea556e66c26e0cc068c79bf8413dae20f5420b4ea5387aec166dec2a3"
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, max-age=0
content-length: 83624
x-xss-protection: 1; mode=block
expires: Wed, 10 Apr 2019 05:54:18 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame CBD9 0
0 44ms
42ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&adk=1812271804&adf=3025194257&lmt=1554795510&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&ea=0&flash=0&pra=5&wgl=1&dt=1554875658314&bpp=11&bdt=81&fdt=55&idt=54&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2279081437435&frm=20&pv=2&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=680&dssz=7&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=2206246548&ifi=0&uci=0.4im51zasnvm5&fsb=1&dtd=76

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&adk=1812271804&adf=3025194257&lmt=1554795510&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&ea=0&flash=0&pra=5&wgl=1&dt=1554875658314&bpp=11&bdt=81&fdt=55&idt=54&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=2279081437435&frm=20&pv=2&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=680&dssz=7&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=2206246548&ifi=0&uci=0.4im51zasnvm5&fsb=1&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:18 GMT
server: cafe
content-length: 707
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 10-Apr-2019 06:09:18 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Wed, 10 Apr 2019 05:54:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa5aa7e8c60251d1efeabdd140d85c4720aebbbc45c0861f027f8158fc79403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1554722263845644"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29096
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c16eb48a6a3b1dbeafe23c947a03a598f9532ca5ef39dedb93d055a8cae296bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 10 Apr 2019 05:54:18 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 10 Apr 2019 05:54:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 10 Apr 2019 05:54:18 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 26ms
20ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
656 B 119ms
118ms Stylesheet
text/css 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8166728817383736132&zx=c7f4e535-3699-4cfa-b38c-1839ce6e6c33

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 10 Apr 2019 05:54:18 GMT
server: GSE
date: Wed, 10 Apr 2019 05:54:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

401

CVa7nTmy.png:small
ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/
Redirect Chain

https://ton.twitter.com/1.1/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small
https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small

0
29 B

145ms
138ms

Image
text/plain

199.16.156.122
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.122 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 5
date: Wed, 10 Apr 2019 05:54:18 GMT
x-content-type-options: nosniff
server: tsa_b
strict-transport-security: max-age=631138519
status: 401
cache-control: no-cache
x-connection-hash: cb24b2a6e25941a8a3938d8e0f4555f7
content-length: 0

Redirect headers

x-response-time: 6
date: Wed, 10 Apr 2019 05:54:18 GMT
x-content-type-options: nosniff
server: tsa_b
location: https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small
strict-transport-security: max-age=631138519
status: 302
cache-control: no-cache
x-connection-hash: cb24b2a6e25941a8a3938d8e0f4555f7
content-length: 0

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 344 KB
110 KB 117ms
39ms Script
application/javascript 2.23.104.167
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-23-104-167.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
surrogate-key: client_dist
last-modified: Thu, 28 Feb 2019 14:32:49 GMT
etag: "5c77f111-561d6"
vary: Accept-Encoding
x-distribution: 99
cache-tag: client_dist
status: 200
cache-control: public, max-age=600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-type: application/javascript

GET
H2 200 icon18_email.gif
img1.blogblog.com/img/ 164 B
278 B 38ms
6ms Image
image/gif 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/icon18_email.gif

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 06 Apr 2019 04:17:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 19:21:14 GMT
server: sffe
age: 351391
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 164
x-xss-protection: 0
expires: Sat, 13 Apr 2019 04:17:47 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
260 B 24ms
7ms Image
image/gif 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 06 Apr 2019 00:41:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2019 20:59:14 GMT
server: sffe
age: 364355
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 162
x-xss-protection: 0
expires: Sat, 13 Apr 2019 00:41:43 GMT

GET
H2 200 blank.gif
img1.blogblog.com/img/ 43 B
156 B 37ms
6ms Image
image/gif 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/blank.gif

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 05 Apr 2019 22:48:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 08:34:40 GMT
server: sffe
age: 371146
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 43
x-xss-protection: 0
expires: Fri, 12 Apr 2019 22:48:32 GMT

GET
H2 200 457480341-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 12 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d72290d51d8fbc626cf8a5661aae06f44b30cad885bb1ae2a7f9024a0b9febe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 13 Mar 2019 23:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Mar 2019 18:22:30 GMT
server: sffe
age: 2355657
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4492
x-xss-protection: 1; mode=block
expires: Thu, 12 Mar 2020 23:33:21 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
614 B 23ms
7ms Image
image/png 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 05 Apr 2019 22:48:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2019 20:59:14 GMT
server: sffe
age: 371127
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 475
x-xss-protection: 0
expires: Fri, 12 Apr 2019 22:48:51 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 63ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/40B0)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 concepts-of-physics-part-1-hc-verma.jpg
4.bp.blogspot.com/-3X2WGjZ4JVw/VUw8FFSAZdI/AAAAAAAAAgY/bYR-fisOZo0/s72-c/ 4 KB
4 KB 35ms
16ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-3X2WGjZ4JVw/VUw8FFSAZdI/AAAAAAAAAgY/bYR-fisOZo0/s72-c/concepts-of-physics-part-1-hc-verma.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

3ead70671fef5f3389ee8f93c6d42deefe53338f4909ff721b729bf41055b0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="concepts-of-physics-part-1-hc-verma.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3815
x-xss-protection: 0
server: fife
etag: "v207"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Apr 2019 19:01:01 GMT

GET
H2 200 TbHnhcWcAI_pP8_aD76SDO6PKIdunT9oyiU7LkBUiz24S5ZnMHprGWRx1yWcmhDRI-zW2VSTjqTzWYhM
lh6.googleusercontent.com/proxy/ 9 KB
9 KB 57ms
16ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/TbHnhcWcAI_pP8_aD76SDO6PKIdunT9oyiU7LkBUiz24S5ZnMHprGWRx1yWcmhDRI-zW2VSTjqTzWYhM

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

83f6087bb126d6ac3463700b06f8d9477fd9899b5af8e4b6e23fdbad986b1fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
x-content-type-options: nosniff
server: fife
access-control-allow-origin: *
vary: Origin
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9314
x-xss-protection: 0
expires: Thu, 11 Apr 2019 05:54:18 GMT

GET
H2 200 Screenshot_2019-04-06-23-59-29-246_com.android.browser.png
1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s72-c/ 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s72-c/Screenshot_2019-04-06-23-59-29-246_com.android.browser.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bda0febef585eb29a068ea9471b92a623d8809938214dad3d6e1b1fb83528868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:57 GMT
x-content-type-options: nosniff
age: 3501
status: 200
content-disposition: inline;filename="Screenshot_2019-04-06-23-59-29-246_com.android.browser.png"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1982
x-xss-protection: 0
server: fife
etag: "v5c2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Apr 2019 22:01:19 GMT

GET
H2 200 oscp.jpg
1.bp.blogspot.com/-FTLos0HMkM4/W5EDIhLDP0I/AAAAAAAABKk/qlXQB3ddgs43C9QqmbIA-KqFK9eFWYbbQCLcBGAs/s72-c/ 4 KB
4 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FTLos0HMkM4/W5EDIhLDP0I/AAAAAAAABKk/qlXQB3ddgs43C9QqmbIA-KqFK9eFWYbbQCLcBGAs/s72-c/oscp.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bb895501e6ccae7e9600ac6bdbf0d0a7986c74a5cc37dc4d8e99235d20ec408b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:57 GMT
x-content-type-options: nosniff
age: 3501
status: 200
content-disposition: inline;filename="oscp.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4468
x-xss-protection: 0
server: fife
etag: "v4aa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Apr 2019 13:20:18 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2B5D 0
0 304ms
302ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=179&slotname=9827705670&adk=688274746&adf=123266207&w=730&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=730x179&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875658433&bpp=13&bdt=200&fdt=13&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=10914&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=655&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=3933416846&ifi=1&uci=1.dqacjorc0kzi&fsb=1&xpc=JIkGjNdJna&p=https%3A//www.andmp.com&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&h=179&slotname=9827705670&adk=688274746&adf=123266207&w=730&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=730x179&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875658433&bpp=13&bdt=200&fdt=13&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=10914&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=655&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=3933416846&ifi=1&uci=1.dqacjorc0kzi&fsb=1&xpc=JIkGjNdJna&p=https%3A//www.andmp.com&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:18 GMT
server: cafe
content-length: 20146
x-xss-protection: 0
set-cookie: IDE=AHWqTUm_UaZ5QufXlhZ9bJhE-Jaw0zi5YMUDgfN3MiXvLQkiTAtcPQhz3sP1sdDp; expires=Mon, 04-May-2020 05:54:18 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Wed, 10 Apr 2019 05:54:18 GMT
cache-control: private

GET
H2 200 captain_jack_sparrow___vector.png
4.bp.blogspot.com/-7pWJpJ09ct0/VnpUJoqNvKI/AAAAAAAAANw/2KR6NOt6GnE/s90-c/ 12 KB
12 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-7pWJpJ09ct0/VnpUJoqNvKI/AAAAAAAAANw/2KR6NOt6GnE/s90-c/captain_jack_sparrow___vector.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

eb8a45f943dfb9823b8ae1218c72ca4703522c42488cb84d270c9fb70cea8bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 03:40:48 GMT
x-content-type-options: nosniff
age: 8010
status: 200
content-disposition: inline;filename="captain_jack_sparrow___vector.png"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 12493
x-xss-protection: 0
server: fife
etag: "vdd"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 09 Apr 2019 07:11:32 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One
Origin: https://www.andmp.com

Response headers

date: Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:10:29 GMT
server: sffe
age: 1330485
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:33 GMT

GET
H2 200 k3kfo8YQJOpFqngdaPTKI0E.woff2
fonts.gstatic.com/s/ruda/v10/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ruda/v10/k3kfo8YQJOpFqngdaPTKI0E.woff2

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fa49936bad7033f541d8e208692aadf1fbcfacc76eb401d76a06b1ac9e912436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One
Origin: https://www.andmp.com

Response headers

date: Fri, 08 Mar 2019 23:18:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jan 2019 19:44:17 GMT
server: sffe
age: 2788575
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:18:03 GMT

GET
H2 200 qWcsB6-ypo7xBdr6Xshe96H3aDvbtxsis4I.woff2
fonts.gstatic.com/s/blackopsone/v10/ 7 KB
7 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/blackopsone/v10/qWcsB6-ypo7xBdr6Xshe96H3aDvbtxsis4I.woff2

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b2958bcc39add8edec26da0441d558a2b8cef8b73d5a696a23bcbab6e5edfa62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One
Origin: https://www.andmp.com

Response headers

date: Sat, 09 Mar 2019 03:19:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jan 2019 20:09:38 GMT
server: sffe
age: 2774072
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7324
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:19:46 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v16/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One
Origin: https://www.andmp.com

Response headers

date: Mon, 25 Mar 2019 20:20:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:49 GMT
server: sffe
age: 1330434
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9728
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:24 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 21ms
19ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.andmp.com

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6AA0 0
0 262ms
258ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=272&slotname=9827705670&adk=2022455955&adf=4109026666&w=1170&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=1170x272&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875658489&bpp=15&bdt=256&fdt=15&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=43658&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=551&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=309161927&ifi=2&uci=2.t907okcu3p1r&fsb=1&xpc=sNTp9lKERl&p=https%3A//www.andmp.com&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&h=272&slotname=9827705670&adk=2022455955&adf=4109026666&w=1170&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=1170x272&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875658489&bpp=15&bdt=256&fdt=15&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=43658&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=551&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=309161927&ifi=2&uci=2.t907okcu3p1r&fsb=1&xpc=sNTp9lKERl&p=https%3A//www.andmp.com&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:18 GMT
server: cafe
content-length: 20285
x-xss-protection: 0
set-cookie: IDE=AHWqTUlVrn8ZihC0fybwzi3mRPQCcS_EUAfKCaGqFyO9MQymU3twfKZ2mQBYQ71o; expires=Mon, 04-May-2020 05:54:18 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Wed, 10 Apr 2019 05:54:18 GMT
cache-control: private

GET
H2 200 u5OdvnzrJNM
www.youtube.com/embed/ Frame 5345 0
0 153ms
134ms Document
text/html 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/u5OdvnzrJNM?feature=player_embedded

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/u5OdvnzrJNM?feature=player_embedded
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 EST
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: no-cache
date: Wed, 10 Apr 2019 05:54:18 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=wK4AINaue4o; path=/; domain=.youtube.com; expires=Mon, 07-Oct-2019 05:54:18 GMT; httponly VISITOR_INFO1_LIVE=wK4AINaue4o; path=/; domain=.youtube.com; expires=Mon, 07-Oct-2019 05:54:18 GMT; httponly YSC=GU34GcA-CA4; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 09-Dec-2019 17:47:18 GMT GPS=1; path=/; domain=.youtube.com; expires=Wed, 10-Apr-2019 06:24:18 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6947ea9a5f331febd240ff99acbc98b35968637bf6a1e804fc6395bf3292abf3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 k3kQo8YQJOpFosM4fdnoLmvDIaI.woff2
fonts.gstatic.com/s/ruda/v10/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ruda/v10/k3kQo8YQJOpFosM4fdnoLmvDIaI.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c59fd6fa30449441bf4f6c01a40f53cfa70b1aac60976e57ee68cd4a7aa1b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One
Origin: https://www.andmp.com

Response headers

date: Fri, 08 Mar 2019 21:17:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jan 2019 19:42:39 GMT
server: sffe
age: 2795811
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 21:17:27 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Ruda:400,700,900|Open+Sans:400,600,700,400italic|Black+Ops+One
Origin: https://www.andmp.com

Response headers

date: Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:28 GMT
server: sffe
age: 1330485
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:33 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
114 B 367ms
364ms Stylesheet
text/css 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8166728817383736132&zx=c7f4e535-3699-4cfa-b38c-1839ce6e6c33

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 10 Apr 2019 05:54:19 GMT
server: GSE
date: Wed, 10 Apr 2019 05:54:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookienotice.js Show response
www.andmp.com/js/ 6 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/js/cookienotice.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.andmp.com
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:scheme: https
:method: GET
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 19:35:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Wed, 17 Apr 2019 05:54:18 GMT

GET
H2 200 513541589-widgets.js Show response
www.blogger.com/static/v1/widgets/ 148 KB
53 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/513541589-widgets.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ab504ebf8f2ffbb9dd8170dd861b19dcc51dc94f7467b5aee2a456d075771627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 03 Apr 2019 23:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2019 19:43:05 GMT
server: sffe
age: 541460
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 54449
x-xss-protection: 0
expires: Thu, 02 Apr 2020 23:29:58 GMT

GET blog-post-reactions.g
www.blogger.com/ Frame EDB4 0
0

GET comment-iframe.g
www.blogger.com/ Frame 59F3 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 70ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5bd89a5d1155ac59cf5e8155a217586e775676be708d77df5e53e46a34d40736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CKs6Sm6xH8T98hMqHwuZfA==
status: 200
date: Wed, 10 Apr 2019 05:54:18 GMT
vary: Accept-Encoding
content-length: 1780
x-fb-debug: 0O6ftsUx0cI6J6UAo4zdNf3yguycF41gI7Ge0kd1x0CR4AN1khD5Yb2sMZw6ppvTluZmVYcesYVXTbBaseH96A==
x-fb-content-md5: 45910bc82519e5495ab1fb9d66560727
etag: "0a1b0e18b233034f187f3f48d5d44c1a"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Apr 2019 06:06:05 GMT

GET
H/1.1 200
OK embed.js Show response
sigma2.disqus.com/ 66 KB
22 KB 104ms
22ms Script
application/javascript 151.101.120.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://sigma2.disqus.com/embed.js

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

592ffc5316a3bbbb42c21c229e3b02e42450af53497cae33f41a4cfb9ad571f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:18 GMT
Content-Encoding: gzip
Server: openresty
Age: 53
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21969

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 640C 0
0 215ms
212ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=280&slotname=3414531176&adk=1755021884&adf=2823518132&w=340&fwr_io=true&fwrn=4&fwrnh=100&lmt=1554795510&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=340x280&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1554875658908&bpp=8&bdt=675&fdt=9&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=45771010722&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=1402&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=1448500390&ifi=4&uci=4.juqpsibdfo7q&fsb=1&xpc=SP7T5OeLaQ&p=https%3A//www.andmp.com&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSnyprrxOECFYyxewodhvwAkA&gqi=CoWtXIbCOo7UgAf7zKSwCA&layout=/sadbundle/%24csp%253Der3%24/5915996332673468427/3flieger.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&h=280&slotname=3414531176&adk=1755021884&adf=2823518132&w=340&fwr_io=true&fwrn=4&fwrnh=100&lmt=1554795510&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=340x280&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1554875658908&bpp=8&bdt=675&fdt=9&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=45771010722&dssz=38&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=1402&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=1448500390&ifi=4&uci=4.juqpsibdfo7q&fsb=1&xpc=SP7T5OeLaQ&p=https%3A//www.andmp.com&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlVrn8ZihC0fybwzi3mRPQCcS_EUAfKCaGqFyO9MQymU3twfKZ2mQBYQ71o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSnyprrxOECFYyxewodhvwAkA&gqi=CoWtXIbCOo7UgAf7zKSwCA&layout=/sadbundle/%24csp%253Der3%24/5915996332673468427/3flieger.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:19 GMT
server: cafe
content-length: 30996
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F32A 0
0 211ms
210ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=174&slotname=9827705670&adk=382236608&adf=61049850&w=340&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=340x174&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=799&fdt=9&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=183084042890&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=2999&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=542056428&ifi=5&uci=5.gzbg7rfd3v6d&fsb=1&xpc=htFULbwLvJ&p=https%3A//www.andmp.com&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&h=174&slotname=9827705670&adk=382236608&adf=61049850&w=340&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=340x174&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=799&fdt=9&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=183084042890&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=2999&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=542056428&ifi=5&uci=5.gzbg7rfd3v6d&fsb=1&xpc=htFULbwLvJ&p=https%3A//www.andmp.com&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlVrn8ZihC0fybwzi3mRPQCcS_EUAfKCaGqFyO9MQymU3twfKZ2mQBYQ71o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:19 GMT
server: cafe
content-length: 23501
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 193 KB
58 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7e2dd4cb133b511719168aca7192de46&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

aed2a144881f0df2fed01cae6853a08c8a645ae7ed64699b384e1874cc933c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Origin: https://www.andmp.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: duWL7W+tNbx9MX45BFgL8Q==
status: 200
date: Wed, 10 Apr 2019 05:54:19 GMT
vary: Accept-Encoding
content-length: 58913
x-fb-debug: USQrBESNRLEKtC1MQtKZDjFC0KZIgyoYZzTdfumoCtHLhcnHQYFeS0/MSbX9Jd9JNl+Viq7OrY3SPcYgx5i5VQ==
x-fb-content-md5: 5a1ce921b654478e726fd83989930ebb
etag: "8f380f2a4fd9af0ab1be268e670521de"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 09 Apr 2020 05:11:19 GMT

GET
H2 200 default Show response
www.andmp.com/feeds/posts/ 105 KB
20 KB 254ms
253ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658407&_=1554875658408

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

a317521a58cfabd03dff61fac88b800acb55bfaaadfaf231f62f6628ce4ccf1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658407&_=1554875658408
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"091c31def05a396007bebcf97d7d7fdc794dded7ac2ae9a3eaeec2f9362b4dab"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 19844
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 default Show response
www.andmp.com/feeds/comments/ 10 KB
2 KB 302ms
300ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/comments/default?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658409&_=1554875658410

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

562ce7a7b3eaa91d2e5c5beffb5e44bdf42eafb391472931374185489379bdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/comments/default?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658409&_=1554875658410
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2019 16:44:15 GMT
server: blogger-renderd
etag: W/"2b9600a899fc391ed9e1f38b3d333036a7b12096059edbe9eb79bd78c717ca87"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 2007
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 default Show response
www.andmp.com/feeds/posts/ 105 KB
19 KB 288ms
287ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658411&_=1554875658412

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

2f5ffa884d57eb0fd594eaea3ef769398d65940a6ff2d189447cf32850a3c347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658411&_=1554875658412
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"091c31def05a396007bebcf97d7d7fdc794dded7ac2ae9a3eaeec2f9362b4dab"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 19844
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 Technology Show response
www.andmp.com/feeds/posts/default/-/ 4 KB
2 KB 276ms
275ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default/-/Technology?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658413&_=1554875658414

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3b4f50e1199ea8c8ea11d9e3aac2082b3b71d10962913087e875b2bca86965a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Technology?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658413&_=1554875658414
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"4933464b67008920081a9253b0f43f2e9519826cecff1f33e6e9ffe0d33daaaf"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 1728
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 News Show response
www.andmp.com/feeds/posts/default/-/ 4 KB
2 KB 278ms
277ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default/-/News?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658415&_=1554875658416

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

3a8f8284a05d08243c313085240a7127e4f32f87399b4d62da1ba933f79bce7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/News?alt=json-in-script&max-results=5&callback=jQuery111006781917845864032_1554875658415&_=1554875658416
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"507e43f0909f54190e17569dbbc6e5e93d5bfe256673cb576a3475100e95bac0"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 1722
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 concepts-of-physics-part-1-hc-verma.jpg
4.bp.blogspot.com/-3X2WGjZ4JVw/VUw8FFSAZdI/AAAAAAAAAgY/bYR-fisOZo0/s1600/ 38 KB
38 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-3X2WGjZ4JVw/VUw8FFSAZdI/AAAAAAAAAgY/bYR-fisOZo0/s1600/concepts-of-physics-part-1-hc-verma.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

e204ef7270dfe1153d66be607742c6dcd9cc92eca29cf39f94325b07688eeffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="concepts-of-physics-part-1-hc-verma.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38452
x-xss-protection: 0
server: fife
etag: "v207"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 30 Mar 2019 22:22:18 GMT

GET
H2 200 Screenshot_2019-04-06-23-59-29-246_com.android.browser.png
1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s1600/ 48 KB
48 KB 11ms
10ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-1nqX6V0xYx4/XKjwLgDlagI/AAAAAAAABcE/aCnLWQXrwEkeFny0upDO1CKLp3tsDX_lwCLcBGAs/s1600/Screenshot_2019-04-06-23-59-29-246_com.android.browser.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d7d89c5ec52c06e933c83779065ae802cadec586e4b1c0ffdbd21f81063871b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:57 GMT
x-content-type-options: nosniff
age: 3502
status: 200
content-disposition: inline;filename="Screenshot_2019-04-06-23-59-29-246_com.android.browser.png"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 48730
x-xss-protection: 0
server: fife
etag: "v5c2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Apr 2019 22:01:20 GMT

GET
H2 200 oscp.jpg
1.bp.blogspot.com/-FTLos0HMkM4/W5EDIhLDP0I/AAAAAAAABKk/qlXQB3ddgs43C9QqmbIA-KqFK9eFWYbbQCLcBGAs/s1600/ 119 KB
119 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FTLos0HMkM4/W5EDIhLDP0I/AAAAAAAABKk/qlXQB3ddgs43C9QqmbIA-KqFK9eFWYbbQCLcBGAs/s1600/oscp.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

5313e65f13a111999d21bdbc00e1367bebf60843b73411fe0c89a4c6951c3625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:57 GMT
x-content-type-options: nosniff
age: 3502
status: 200
content-disposition: inline;filename="oscp.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 121352
x-xss-protection: 0
server: fife
etag: "v4aa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Apr 2019 19:01:01 GMT

GET
H2 200 lounge.694ea7181ea49f1ce306dfc00c532f53.css
c.disquscdn.com/next/embed/styles/ 104 KB
20 KB 74ms
12ms Stylesheet
text/css 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.694ea7181ea49f1ce306dfc00c532f53.css

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73336a70c8e2b73cd8e349c54db26910f6f1c51be47806790252b72587ebf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4c52772698709700-FRA
status: 200
vary: Accept-Encoding
content-length: 19687
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Apr 2019 22:19:57 GMT
server: cloudflare
etag: "5cad1a8d-4ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Apr 2020 22:26:48 GMT

GET
H2 200 common.bundle.880980e048a2432334f13013030456ac.js Show response
c.disquscdn.com/next/embed/ 243 KB
81 KB 84ms
22ms Script
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.880980e048a2432334f13013030456ac.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e0dc39f19e2f5c035766778759fd1d349c90208c66607b506aad592fbebac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4c52772698719700-FRA
status: 200
vary: Accept-Encoding
content-length: 82966
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2019 20:05:06 GMT
server: cloudflare
cache-control: max-age=31536000, public, immutable, no-transform
etag: "5c8027f2-14416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
fastly-debug-digest: 9f0f94a9a6d4fa3232045c3cdd41cb592a1cd147b02c9c277c0ab251cd4d2db3
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Mar 2020 21:34:00 GMT

GET
H2 200 lounge.bundle.98707fed95924bce08af95208637b782.js Show response
c.disquscdn.com/next/embed/ 392 KB
101 KB 75ms
13ms Script
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.98707fed95924bce08af95208637b782.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

165fec68df0dbc8a5a187c806b5d7de0b9177e0dc5fe6c91b1bcb46bae2156d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4c52772698729700-FRA
status: 200
vary: Accept-Encoding
content-length: 103129
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Apr 2019 22:19:57 GMT
server: cloudflare
etag: "5cad1a8d-192d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Apr 2020 22:26:48 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 6 KB
3 KB 44ms
7ms Script
application/javascript 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

7851829e0ef2f6371a5cf853198d9b543ce7ba0f00043c8188a5faf34091c952

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 31
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 2689
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET
H2 200 xiaomi-url-spoofing-w-ssl-vulnerability.html Show response
www.andmp.com/2019/04/ 494 B
423 B 234ms
234ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html?action=backlinks&widgetId=Blog1&widgetType=Blog&responseType=js&postID=6446694991792293381&xssi_token=AOuZoY7l1D7tXXlo-OWMX-rDja1_pZh1HA%3A1554807203057

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/513541589-widgets.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

2fbf428aedf80bcc2179df32c51ec0a623a9d04e7b342367c5e203580f68957b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html?action=backlinks&widgetId=Blog1&widgetType=Blog&responseType=js&postID=6446694991792293381&xssi_token=AOuZoY7l1D7tXXlo-OWMX-rDja1_pZh1HA%3A1554807203057
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.andmp.com
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:scheme: https
:method: GET
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: GSE
etag: "c7f4e535-3699-4cfa-b38c-1839ce6e6c33"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=0
content-length: 301
x-xss-protection: 1; mode=block
expires: Wed, 10 Apr 2019 05:54:19 GMT

GET
H2 200 u5OdvnzrJNM
www.youtube.com/embed/ Frame 0FE3 0
0 159ms
132ms Document
text/html 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/u5OdvnzrJNM?feature=player_embedded

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/u5OdvnzrJNM?feature=player_embedded
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: VISITOR_INFO1_LIVE=wK4AINaue4o; YSC=GU34GcA-CA4; PREF=f1=50000000; GPS=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 EST
x-content-type-options: nosniff
content-encoding: br
strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2019 05:54:19 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 blog-post-reactions.g
www.blogger.com/ Frame 6D29 0
0 199ms
187ms Document
text/html 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/blog-post-reactions.g?options=%5Bfunny,+interesting,+cool,+tech,+darknet,+tor%5D&textColor=%23000000

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /blog-post-reactions.g?options=%5Bfunny,+interesting,+cool,+tech,+darknet,+tor%5D&textColor=%23000000
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
expires: Wed, 10 Apr 2019 05:54:19 GMT
date: Wed, 10 Apr 2019 05:54:19 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 902
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET comment-iframe.g
www.blogger.com/ Frame D44E 0
0

GET
H2 200 default Show response
www.andmp.com/feeds/posts/ 1 MB
165 KB 676ms
676ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default?alt=json-in-script&callback=jQuery111006781917845864032_1554875658417&_=1554875658418

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

ee6c442300e6c297073c699c7d30decf48b89a972bc406f57cae0a1e4ecefa05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default?alt=json-in-script&callback=jQuery111006781917845864032_1554875658417&_=1554875658418
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"28696bdfa227cb1c37719eb7ec6922b36b75de4048b603f9e4c6c8dd794b9fb8"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 168832
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2

200

comment-iframe.g
www.blogger.com/ Frame C917
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8166728817383736132%26postID%3D6446694991792293381%26blogspotRpcToken%3D5901537%26bpli%3D1&follow...
https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537&bpli=1

0
0

168ms
168ms

Document
text/html

2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537&bpli=1

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: NID=181=JgvEx3fvsKFwzVfz2LzqY0MHvMctP194YDJNopcj-XV79dzf4RerY1ovm55R4FCrP2--RM6rsOLQFX6lQ5Z0K1F4-DHOQj00Z9q1wlMN9jDE2p5CJn8GWh7AMbFUqQ0LuxJtA8atlhWMTyv5yu62ikosU-UQXZlC6rbekHkUs3k
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1956
server: GSE
set-cookie: S=blogger=Q5o8F98VemOvTPoJsaIaYC0cfe1q6KaC; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 10 Apr 2019 05:54:20 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-nKVpAwCnDtGz6kXiBz/pdw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 258
server: GSE
set-cookie: GAPS=1:K7j8Uks__YR8Wzl0VT3bD3h7Mhg30A:95cGsGRboFox0y0i;Path=/;Expires=Fri, 09-Apr-2021 05:54:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 bypassing-cve-2019-10875-or-xiaomis.html Show response
www.andmp.com/2019/04/ 597 KB
72 KB 1205ms
1204ms XHR
text/html 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/2019/04/bypassing-cve-2019-10875-or-xiaomis.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

7e28e5e5fc851abbe93e124226832a48fc6448da8b5f02afce7790a0ac874771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /2019/04/bypassing-cve-2019-10875-or-xiaomis.html
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: GSE
etag: W/"f1d9a44ea556e66c26e0cc068c79bf8413dae20f5420b4ea5387aec166dec2a3"
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, max-age=0
content-length: 73942
x-xss-protection: 1; mode=block
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 the-case-of-unusual-10k-worth-content-based-sqli-bug.html Show response
www.andmp.com/2019/03/ 611 KB
76 KB 1195ms
1194ms XHR
text/html 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/2019/03/the-case-of-unusual-10k-worth-content-based-sqli-bug.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

59d5bf9066d0b14d51017532502427d198a1a8a6197a61bb37d9e74705ddec46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /2019/03/the-case-of-unusual-10k-worth-content-based-sqli-bug.html
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: GSE
etag: W/"f1d9a44ea556e66c26e0cc068c79bf8413dae20f5420b4ea5387aec166dec2a3"
content-type: text/html; charset=UTF-8
status: 200
cache-control: private, max-age=0
content-length: 77127
x-xss-protection: 1; mode=block
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 xiaomi%20security%20issue Show response
www.andmp.com/feeds/posts/default/-/ 54 KB
12 KB 306ms
306ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default/-/xiaomi%20security%20issue?alt=json-in-script&max-results=3&callback=jQuery111006781917845864032_1554875658419&_=1554875658420

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

e3f58608b7677387563d0e6cf4684d9dc205e6046d4c93dd700f3bbe7985f78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/xiaomi%20security%20issue?alt=json-in-script&max-results=3&callback=jQuery111006781917845864032_1554875658419&_=1554875658420
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"f2f3b0c2d91782bfd02ad4393019d424819bb0b7d77e027fca036f6a10a993e0"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 11932
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 _ate.track.config_resp Show response
m.addthisedge.com/live/boost/ra-54a3a64d1b0fbe97/ 2 KB
794 B 97ms
29ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthisedge.com/live/boost/ra-54a3a64d1b0fbe97/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 5cf61ada82cef4e30f5b9f528f099699bb5de10e1f13e7c9cfb547e282785962

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
surrogate-key: ra-54a3a64d1b0fbe97
server: Jetty(9.4.8.v20180619)
etag: 801095762--gzip
vary: Accept-Encoding
cache-tag: ra-54a3a64d1b0fbe97
status: 200
cache-control: public, max-age=22, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 549

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 7A92 0
0 12ms
10ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.andmp.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Accept-Encoding: gzip, deflate, br
Cookie: personalization_id="v1_Uy2pdWGXDj4JOKfvisHZQw=="; guest_id=v1%3A155487565876238350
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 10 Apr 2019 05:54:19 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4185)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js Show response
platform.twitter.com/js/ 24 KB
8 KB 23ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/4186)
Etag: "da3e8002f83d92efe615008a56f12f48+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7925

GET
H/1.1 200
OK timeline.4c6ab682148a0366f9efb1647a3f4799.js Show response
platform.twitter.com/js/ 39 KB
12 KB 30ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4c6ab682148a0366f9efb1647a3f4799.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A1) /
Resource Hash: 68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:16 GMT
Server: ECS (fcn/41A1)
Etag: "0b75ea6c252ef45cd6d3a2e31473d9d5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 11574

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 0A84 0
0 160ms
159ms Document
text/html 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=sigma2&t_u=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&t_d=%0AXiaomi%20URL%20spoofing%20w%2F%20SSL%20vulnerability%20or%2C%20CVE-2019-10875%20-%20Was%20it%20intentionally%20kept%20in%20the%20global%20versions%20by%20Xiaomi%3F%0A&t_t=%0AXiaomi%20URL%20spoofing%20w%2F%20SSL%20vulnerability%20or%2C%20CVE-2019-10875%20-%20Was%20it%20intentionally%20kept%20in%20the%20global%20versions%20by%20Xiaomi%3F%0A&s_o=default&d_m=2

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 05 Apr 2019 10:16:51 GMT
ETag: W/"lounge:view:7338955376.341f0b5ba7b715b2748f3fea79b530d1.2"
Content-Encoding: gzip
Content-Length: 2675
Date: Wed, 10 Apr 2019 05:54:19 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C78D 0
0 134ms
132ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=280&slotname=3414531176&adk=1755021884&adf=2823518132&w=340&fwr_io=true&fwrn=4&fwrnh=100&lmt=1554795510&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=340x280&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=799&fdt=474&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280%2C340x174&nras=1&correlator=2279081437435&pv_h_ch=L0001&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=44695724&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=1426&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=1448500390&ifi=4&uci=4.svjzfaav5jb0&fsb=1&xpc=3uEGeCQzay&p=https%3A//www.andmp.com&dtd=481

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2E7ZrrxOECFYWgewodKKQNBw&gqi=C4WtXJebIMKE-gah7aXIAQ&layout=/sadbundle/%24csp%253Der3%24/5915996332673468427/3flieger.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&h=280&slotname=3414531176&adk=1755021884&adf=2823518132&w=340&fwr_io=true&fwrn=4&fwrnh=100&lmt=1554795510&rafmt=1&npa=1&guci=1.2.0.0.2.1.0.0&format=340x280&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&fwrattr=true&resp_fmts=3&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=799&fdt=474&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280%2C340x174&nras=1&correlator=2279081437435&pv_h_ch=L0001&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=44695724&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=1426&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=1448500390&ifi=4&uci=4.svjzfaav5jb0&fsb=1&xpc=3uEGeCQzay&p=https%3A//www.andmp.com&dtd=481
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlVrn8ZihC0fybwzi3mRPQCcS_EUAfKCaGqFyO9MQymU3twfKZ2mQBYQ71o; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5915996332673468427/3flieger.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2E7ZrrxOECFYWgewodKKQNBw&gqi=C4WtXJebIMKE-gah7aXIAQ&layout=/sadbundle/%24csp%253Der3%24/5915996332673468427/3flieger.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:19 GMT
server: cafe
content-length: 30641
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C3BF 0
0 133ms
132ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3125404910654624&output=html&h=174&slotname=9827705670&adk=382236608&adf=61049850&w=340&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=340x174&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=798&fdt=489&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280%2C340x174%2C340x280&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=44695724&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=2775&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=542056428&ifi=5&uci=5.nh1xamvy2zad&fsb=1&xpc=GNcbiOSjb4&p=https%3A//www.andmp.com&dtd=492

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190403/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3125404910654624&output=html&h=174&slotname=9827705670&adk=382236608&adf=61049850&w=340&lmt=1554795510&rafmt=11&npa=1&guci=1.2.0.0.2.1.0.0&format=340x174&url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&flash=0&wgl=1&adsid=NT&dt=1554875659032&bpp=8&bdt=798&fdt=489&idt=-M&shv=r20190403&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C730x179%2C1170x272%2C340x280%2C340x174%2C340x280&nras=1&correlator=2279081437435&frm=20&pv=1&ga_vid=217237609.1554875658&ga_sid=1554875658&ga_hid=532318322&ga_fc=0&iag=0&icsg=44695724&dssz=30&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=2775&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=542056428&ifi=5&uci=5.nh1xamvy2zad&fsb=1&xpc=GNcbiOSjb4&p=https%3A//www.andmp.com&dtd=492
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlVrn8ZihC0fybwzi3mRPQCcS_EUAfKCaGqFyO9MQymU3twfKZ2mQBYQ71o; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 10 Apr 2019 05:54:19 GMT
server: cafe
content-length: 23504
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 b16-rounded.gif
img1.blogblog.com/img/ 148 B
239 B 7ms
7ms Image
image/gif 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/b16-rounded.gif

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a18a4d2cfad8006b61b07535b28af563cb1da85adbeda9c63477aefa4ef513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 05 Apr 2019 20:54:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Apr 2019 19:21:14 GMT
server: sffe
age: 378008
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 148
x-xss-protection: 0
expires: Fri, 12 Apr 2019 20:54:11 GMT

GET
H2 200 photo.jpg
lh6.googleusercontent.com/-YQkDoGFKcuE/AAAAAAAAAAI/AAAAAAAAAGg/-fsw7r8QZXU/s512-c/ 18 KB
18 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-YQkDoGFKcuE/AAAAAAAAAAI/AAAAAAAAAGg/-fsw7r8QZXU/s512-c/photo.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

30e038ad0605fb8bd3a3889d85bd8364106a9e2c4a3cfee404d1cba98e7d14bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename=""
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 18653
x-xss-protection: 0
server: fife
etag: "v68"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Apr 2019 19:11:18 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/0m3V1UMIuGk/ 4 KB
4 KB 65ms
24ms Image
image/jpeg 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0m3V1UMIuGk/mqdefault.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d40b74de63a344ba5fb543da4e42a702b53e368396e3266a9701b2d01731b8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: https://imasdk.googleapis.com
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4359
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:59:19 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/5QeZXwoqJGU/ 2 KB
3 KB 56ms
15ms Image
image/jpeg 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/5QeZXwoqJGU/mqdefault.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3552e00fe354de0ca1e3b5bf20ade0f74b8a93031d85c2ea8b217a99637dd69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: https://imasdk.googleapis.com
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2488
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:59:19 GMT

GET
H2 200 images.png
1.bp.blogspot.com/-x_noGuRTP_I/XKELjzPakmI/AAAAAAAABZg/I7HOGiM3OCYXSbX2Lqw92Ax1_exw9kF6gCLcBGAs/s320/ 5 KB
5 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-x_noGuRTP_I/XKELjzPakmI/AAAAAAAABZg/I7HOGiM3OCYXSbX2Lqw92Ax1_exw9kF6gCLcBGAs/s320/images.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

44cccf74a7b0079dbfd0aeae8acad13418ed59475ce5b525118bc3d97b21a019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:58 GMT
x-content-type-options: nosniff
age: 3501
status: 200
content-disposition: inline;filename="images.png"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 5369
x-xss-protection: 0
server: fife
etag: "v59c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 09 Apr 2019 10:10:24 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/d5LjoitHkIY/ 6 KB
6 KB 47ms
6ms Image
image/jpeg 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/d5LjoitHkIY/mqdefault.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6735dbcba6203f0145f4592ab0ef00efbedd0b95bb43ff1e240c3889b1343d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:59 GMT
x-content-type-options: nosniff
server: sffe
age: 3500
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: https://imasdk.googleapis.com
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 6069
x-xss-protection: 0
expires: Wed, 10 Apr 2019 06:55:59 GMT

GET
H2

401

CVa7nTmy.png:small
ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/
Redirect Chain

https://ton.twitter.com/1.1/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small
https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small

0
23 B

139ms
135ms

Image
text/plain

199.16.156.122
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.122 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 7
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
server: tsa_b
strict-transport-security: max-age=631138519
status: 401
cache-control: no-cache
x-connection-hash: cb24b2a6e25941a8a3938d8e0f4555f7
content-length: 0

Redirect headers

x-response-time: 7
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
server: tsa_b
location: https://ton.twitter.com/i/ton/data/dm/1114183069240414214/1114183031009341441/CVa7nTmy.png:small
strict-transport-security: max-age=631138519
status: 302
cache-control: no-cache
x-connection-hash: cb24b2a6e25941a8a3938d8e0f4555f7
content-length: 0

GET
H2 200 images%2B%25283%2529.jpeg
1.bp.blogspot.com/-HmX1QTn-eJk/XKEJmkHparI/AAAAAAAABZY/1KgyJ2sbjhM-rPDD2Scc3eJiogsMvuBGACEwYBhgL/s320/ 19 KB
19 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-HmX1QTn-eJk/XKEJmkHparI/AAAAAAAABZY/1KgyJ2sbjhM-rPDD2Scc3eJiogsMvuBGACEwYBhgL/s320/images%2B%25283%2529.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

86ab0dad6aa381b06281727ac59719837e461c440111c7d13a3e60b06a54a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:58 GMT
x-content-type-options: nosniff
age: 3501
status: 200
content-disposition: inline;filename="images (3).jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 19315
x-xss-protection: 0
server: fife
etag: "v596"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Apr 2019 19:01:01 GMT

GET
H2 200 1*VPKKHkJihwBU5EGmiCO87Q.jpeg
cdn-images-1.medium.com/max/958/ 38 KB
38 KB 85ms
22ms Image
image/jpeg 2606:4700::6810:7591
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/958/1*VPKKHkJihwBU5EGmiCO87Q.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

db4cf42951cdff9c7100b755f6963250d20ab15b2e2696f2d1cac220bd5b4110

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3192-d9ea9bb
status: 200
vary: Accept-Encoding
content-length: 38838
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4c527728a8a6640f-FRA
expires: Fri, 10 May 2019 05:54:19 GMT

GET
H2 200 1*FnYAmegCjYie3tJD31dW7A.jpeg
cdn-images-1.medium.com/max/958/ 60 KB
60 KB 84ms
22ms Image
image/jpeg 2606:4700::6810:7591
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/958/1*FnYAmegCjYie3tJD31dW7A.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

7350a2f8630e145ba32c9fe465d389aaa1d81f54068dfd4ecd951f9d0935e951

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3192-d9ea9bb
status: 200
vary: Accept-Encoding
content-length: 61780
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4c527728a8ab640f-FRA
expires: Fri, 10 May 2019 05:54:19 GMT

GET
H2 200 1*2V5EtNmYL9dLuWzzE5Pahg.jpeg
cdn-images-1.medium.com/max/958/ 31 KB
31 KB 84ms
22ms Image
image/jpeg 2606:4700::6810:7591
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/958/1*2V5EtNmYL9dLuWzzE5Pahg.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

e56775b57356738c4c8f6e7fc6c35e5dc1dc142f26d0f9e7644ef11411f9340c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3192-d9ea9bb
status: 200
vary: Accept-Encoding
content-length: 31383
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4c527728a8ad640f-FRA
expires: Fri, 10 May 2019 05:54:19 GMT

GET
H2 200 1*i3SoADa-WPpR624Nr9BPyA.jpeg
cdn-images-1.medium.com/max/958/ 29 KB
30 KB 83ms
21ms Image
image/jpeg 2606:4700::6810:7591
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/958/1*i3SoADa-WPpR624Nr9BPyA.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

658b94cb598ae1c811b7fc679c47b849f628477437f4d746717b5ba49e7e8fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3192-d9ea9bb
status: 200
vary: Accept-Encoding
content-length: 30181
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4c527728a8ac640f-FRA
expires: Fri, 10 May 2019 05:54:19 GMT

GET
H2 200 1*OM8Cx-NTdPsFxkGJgMcqxQ.jpeg
cdn-images-1.medium.com/max/958/ 35 KB
36 KB 78ms
16ms Image
image/jpeg 2606:4700::6810:7591
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/958/1*OM8Cx-NTdPsFxkGJgMcqxQ.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

543c295a9d0fc471b30662d027360ccf7a893283b8dfbc47f030a7d8592a4aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3190-7966abc
status: 200
vary: Accept-Encoding
content-length: 35993
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4c527728a8a8640f-FRA
expires: Fri, 10 May 2019 05:54:19 GMT

GET
H2 200 1*cp_Noolq5VnWPNf3NqgNGg.jpeg
cdn-images-1.medium.com/max/958/ 73 KB
73 KB 83ms
22ms Image
image/jpeg 2606:4700::6810:7591
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/958/1*cp_Noolq5VnWPNf3NqgNGg.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7591 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Geomyidae artificij

Resource Hash

0146051af30172d280ba70ca97567c325fe0d9a47f8cef9f6804d7a5cee18b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Geomyidae artificij
x-obvious-info: 16.3, 3192-d9ea9bb
status: 200
vary: Accept-Encoding
content-length: 74979
pragma: public
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 4c527728a8aa640f-FRA
expires: Fri, 10 May 2019 05:54:19 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 140 KB
13 KB 280ms
246ms Script
application/javascript 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_payloadartist_old&dnt=false&domain=www.andmp.com&lang=en&screen_name=payloadartist&suppress_response_codes=true&t=1727639&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_o /

Resource Hash

dd1994f0f67c481db4eb23921803309981b34b98b68ae273bd605acf030ce74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 12956
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 236
last-modified: Wed, 10 Apr 2019 05:54:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 7124ddb33c6d4e33962668ac9120e328
timing-allow-origin: *
x-transaction: 009dded800780478
expires: Wed, 10 Apr 2019 05:59:19 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
124 B 131ms
131ms Image
image/gif 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1554875659599%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 110
pragma: no-cache
last-modified: Wed, 10 Apr 2019 05:54:19 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 64431b245c767ed408cfbd1bdca95960
x-transaction: 0042cfe50030ca28
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 layers.7745e3f0a0a2fc3494ea.js Show response
s7.addthis.com/static/ 261 KB
74 KB 39ms
38ms Script
application/javascript 2.23.104.167
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/static/layers.7745e3f0a0a2fc3494ea.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.23.104.167 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-23-104-167.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 25af11b16e392c694ab93c7cf061f6173c62f37e6653cfea1420e9bf123d08ae

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
content-encoding: gzip
last-modified: Thu, 28 Feb 2019 14:32:50 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 4B8C 0
0 36ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7e2dd4cb133b511719168aca7192de46&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Wed, 08 Apr 2020 18:44:31 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 97LcBZyxi48/QCsUl4hGGU/KEsfiR7xNIibWMexj4NvPiuKy1UMgTQ8Z8pK2RLJxIGXAs4cxwg7lzRTNOjqnbA==
content-length: 10983
date: Wed, 10 Apr 2019 05:54:19 GMT

GET
H2 200 / Show response
graph.facebook.com/ 615 B
542 B 140ms
114ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&callback=_ate.cbs.rcb_7i4i0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e55a4049d343ca57d86c8a2ef842a418033dc6fc157551b7c72e76cb7d78e5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Wed, 10 Apr 2019 05:54:19 GMT
x-fb-rev: 1000587013
content-length: 353
pragma: no-cache
x-fb-debug: QQPxXuIwp1dJ30ZLuhCo1wVRihB/6xEyFwSc3Met3T8jyHfQH/SwIrgD8QS25hSg6afgDQvpitHwFlswDWmFNA==
x-fb-trace-id: ACHhDUpXkfj
etag: "6306357b26487635dc7b5d284d5f04c4e424f277"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AoxMLDUZEQ_BObZSyUAk_-j
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
301 B 189ms
153ms Script
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&callback=_ate.cbs.rcb_cbgj0
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f0a0ed059a9b91f2bd774eed011786aae9525dd564be95918abcc905dfeec4f

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
surrogate-key: www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
last-modified: Wed, 10 Apr 2019 05:54:20 GMT
vary: Accept-Encoding
x-varnish: 3505267921
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges: bytes
content-type: application/json
content-length: 53

GET
H2 200 / Show response
graph.facebook.com/ 182 B
572 B 138ms
114ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&callback=_ate.cbs.rcb_ywo0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

97eb68058369b9725d473325a3423a97fc9085c2c47c1208a60274144daa2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Wed, 10 Apr 2019 05:54:19 GMT
x-fb-rev: 1000587013
content-length: 128
pragma: no-cache
x-fb-debug: 4r09SVLnlO3lntuiA/2kPoY4AcX7FNIKbO3fBF8S9L2ytvv8gCIdX6VqCTGtgBTfaEwPgJFuXPeX3/0pw1nCMA==
x-fb-trace-id: Ci1Qd7iXU2V
etag: "64699697fd4732bbf6834cf72c82c30d05a46efc"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AKh4e8YoJt5x2v-TcO4Dw5V
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
302 B 194ms
159ms Script
application/json 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&callback=_ate.cbs.rcb_85un0
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.44 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ab1218d56bbf3dd5fe0f39f905ed9feeab0a295dbaf32ec5ef3b98cfc5b29f6

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
surrogate-key: www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
last-modified: Wed, 10 Apr 2019 05:54:20 GMT
vary: Accept-Encoding
x-varnish: 3505267927
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
accept-ranges: bytes
content-type: application/json
content-length: 53

GET
H2 200 1f525.png
abs.twimg.com/emoji/v2/72x72/ Frame 7029 928 B
1 KB 44ms
7ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f525.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
x-ton-expected-size: 928
x-cache: HIT
status: 200
content-length: 928
x-response-time: 149
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECS (fcn/40D1)
etag: "SGKFnTk7KmjONB+h88D/mw=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ff2c480b236901508d8ee9771418d795
accept-ranges: bytes
expires: Thu, 09 Apr 2020 05:54:19 GMT

GET
H2 200 1f447.png
abs.twimg.com/emoji/v2/72x72/ Frame 7029 467 B
612 B 44ms
8ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f447.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
x-ton-expected-size: 467
x-cache: HIT
status: 200
content-length: 467
x-response-time: 120
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:34 GMT
server: ECS (fcn/40E7)
etag: "BjsCV7rNDg+DxmKk6QZ/eA=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: a277595fa5479b974dbc4d860e536dfe
accept-ranges: bytes
expires: Thu, 09 Apr 2020 05:54:19 GMT

GET
H2 200 EnZtfRXO
pbs.twimg.com/card_img/1115511706216747008/ Frame 7029 74 KB
74 KB 18ms
8ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1115511706216747008/EnZtfRXO?format=jpg&name=600x314

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

5aabf92c6f199ac49f267c0e4515c03fb82633e286ea8a1a6e4cc4b0a492231f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 188
date: Wed, 10 Apr 2019 05:54:17 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/9 card_img/1115511706216747008
last-modified: Tue, 09 Apr 2019 07:06:10 GMT
server: ECS (fcn/419D)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f2ef5811f87e4712d7701464cce0f4ed
accept-ranges: bytes
content-length: 75862

GET
H2 200 5N2gEIWC
pbs.twimg.com/card_img/1113792498361487361/ Frame 7029 14 KB
14 KB 27ms
18ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1113792498361487361/5N2gEIWC?format=jpg&name=800x419

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

3e18017c08dcb5c0c9889350f0b67807c54eed56ac8a3f227fd00687e42bf7a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 148
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/6 card_img/1113792498361487361
last-modified: Thu, 04 Apr 2019 13:14:39 GMT
server: ECS (fcn/40D1)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 994e24503d4d6de84b41341d94d8c49b
accept-ranges: bytes
content-length: 14312

GET
H2 200 9bioQwwm
pbs.twimg.com/card_img/1114906951089934336/ Frame 7029 6 KB
6 KB 28ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1114906951089934336/9bioQwwm?format=jpg&name=144x144_2

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

6c9580786649870ea9172e1e3da0cc1d15986d4e2c435f585b4c35ae17399eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 154
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/8 card_img/1114906951089934336
last-modified: Sun, 07 Apr 2019 15:03:05 GMT
server: ECS (fcn/40E7)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c999dd33e0f11c00220550a9d91c91e5
accept-ranges: bytes
content-length: 5648

GET
H2 200 H-DKPxQi
pbs.twimg.com/card_img/1115439558135439361/ Frame 7029 9 KB
10 KB 28ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1115439558135439361/H-DKPxQi?format=jpg&name=600x314

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

11c3fcb6b5d0b5fb2739929f349feb47ed802a823e0660383ab7d402b79f8bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 152
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/5 card_img/1115439558135439361
last-modified: Tue, 09 Apr 2019 02:19:29 GMT
server: ECS (fcn/41A6)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4168b839bbf2642abe08c1c0b9f7fe7c
accept-ranges: bytes
content-length: 9682

GET
H2 200 nkZY-g85
pbs.twimg.com/card_img/1115308502090518528/ Frame 7029 6 KB
7 KB 9ms
9ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1115308502090518528/nkZY-g85?format=jpg&name=280x280

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40AD) /

Resource Hash

2fce4bfc987baa065a0290070297326956235e7e8200d7ac85db632f60373f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 171
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/0 card_img/1115308502090518528
last-modified: Mon, 08 Apr 2019 17:38:42 GMT
server: ECS (fcn/40AD)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a71a37e492a5f8df5008acd58a2b2597
accept-ranges: bytes
content-length: 6613

GET
H2 200 H6JDyJRm
pbs.twimg.com/card_img/1114891505259438080/ Frame 7029 12 KB
12 KB 10ms
9ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1114891505259438080/H6JDyJRm?format=jpg&name=280x280

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

1c2d565b8da05fa678e27fd1aba6e7820c5d8404d89635915e085803852cca6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 155
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/8 card_img/1114891505259438080
last-modified: Sun, 07 Apr 2019 14:01:43 GMT
server: ECS (fcn/40D9)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 80ee635d48b088f9ed4faf3107de9383
accept-ranges: bytes
content-length: 12010

GET
H/1.1 200
OK timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ Frame 7029 55 KB
13 KB 8ms
6ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: 7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:10 GMT
Server: ECS (fcn/41A4)
Etag: "db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12542

GET
H/1.1 200
OK timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ 55 KB
55 KB 7ms
6ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 10 Apr 2019 05:54:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:10 GMT
Server: ECS (fcn/41A4)
Etag: "db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12542

GET
H2 200 WcOp5GQu_normal.jpg
pbs.twimg.com/profile_images/1094290400813010945/ Frame 7029 2 KB
2 KB 8ms
8ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1094290400813010945/WcOp5GQu_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

35ba411475783647a21c96fe5c113e7703d2689e0c5b74a472f2365ffd0605f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 133
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/2 profile_images/1094290400813010945
last-modified: Sat, 09 Feb 2019 17:40:17 GMT
server: ECS (fcn/40E6)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6a697efa10b05b612f4d34edf20896d5
accept-ranges: bytes
content-length: 1883

GET
H2 200 LVgdo9-9_normal.jpg
pbs.twimg.com/profile_images/1066385098487066625/ Frame 7029 2 KB
2 KB 11ms
10ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1066385098487066625/LVgdo9-9_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

d959bbb90d8ff01e3fa8bece35a41574ab7b51378b8268dcfb28bd0b9091935b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 142
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/6 profile_images/1066385098487066625
last-modified: Sat, 24 Nov 2018 17:34:34 GMT
server: ECS (fcn/418C)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6febbc5132da780ee3b2297bd888e714
accept-ranges: bytes
content-length: 1883

GET
H2 200 Md9lc3Ob_normal.jpg
pbs.twimg.com/profile_images/1110642662384627712/ Frame 7029 2 KB
2 KB 9ms
9ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1110642662384627712/Md9lc3Ob_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

a80fcbfd7e907d474d06e96210f99fe9c2bbdbe6df51134d1753f91057dc8da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 152
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/7 profile_images/1110642662384627712
last-modified: Tue, 26 Mar 2019 20:38:20 GMT
server: ECS (fcn/4191)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e2b0ec54fcfd3f886046ecc299515850
accept-ranges: bytes
content-length: 2035

GET
H2 200 is5mSep2_normal.png
pbs.twimg.com/profile_images/542789702365892608/ Frame 7029 3 KB
3 KB 9ms
9ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/542789702365892608/is5mSep2_normal.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

9ce05f444e82bdeaa45fcb475a4a01761d687fc8369b1f12af28ae8a869275d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
content-md5: dGcQsk1/K1fMP2XeO2mPhQ==
x-cache: HIT
status: 200
content-length: 3251
x-response-time: 130
surrogate-key: profile_images profile_images/bucket/7 profile_images/542789702365892608
last-modified: Wed, 10 Dec 2014 21:13:24 GMT
server: ECS (fcn/4199)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f30164e271babbab649c199c7081c11f
accept-ranges: bytes

GET
H2 200 aQltRN9T_normal.jpg
pbs.twimg.com/profile_images/1013436760859299847/ Frame 7029 2 KB
2 KB 9ms
8ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1013436760859299847/aQltRN9T_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

6201a273f1ad2f07c74fb1d286fd99f15eb73e3c2ae07245d0d7878b2800ff2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 139
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/4 profile_images/1013436760859299847
last-modified: Sun, 01 Jul 2018 14:56:47 GMT
server: ECS (fcn/40B2)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2b61b93ef0d074bdca5dc34de29c7a66
accept-ranges: bytes
content-length: 1883

GET
H2 200 ZyjzKRPW_normal.png
pbs.twimg.com/profile_images/459353510090260480/ Frame 7029 4 KB
4 KB 9ms
8ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/459353510090260480/ZyjzKRPW_normal.png

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

f3b168c0a350aa2911b7425a02e33deff55fb50d18316ce29785767f48ebea1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
content-md5: +t+RJQUItt00zOFrK0BXFQ==
x-cache: HIT
status: 200
content-length: 4011
x-response-time: 252
surrogate-key: profile_images profile_images/bucket/8 profile_images/459353510090260480
last-modified: Thu, 24 Apr 2014 15:27:45 GMT
server: ECS (fcn/40F7)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bb387294e1b4f815d36f062fe10530c7
accept-ranges: bytes

GET
H2 200 his46HdJ_normal.jpg
pbs.twimg.com/profile_images/1064054647457931264/ Frame 7029 2 KB
2 KB 10ms
9ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1064054647457931264/his46HdJ_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

b686220160cd1962ce8bf47ec6e955115e4e1773c2f0c3ba9f7554bf4bbb08ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 134
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/2 profile_images/1064054647457931264
last-modified: Sun, 18 Nov 2018 07:14:11 GMT
server: ECS (fcn/4199)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 974d1b0ae849d428d31a73e380002ccf
accept-ranges: bytes
content-length: 2035

GET
H2 200 dIaU5qfc_normal.jpg
pbs.twimg.com/profile_images/737415890594082816/ Frame 7029 2 KB
2 KB 11ms
10ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/737415890594082816/dIaU5qfc_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EB) /

Resource Hash

8d66220c5879ddba7af1b4d72f0431d97d7da85a81422454d2d53fdb64da676b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
content-md5: AjqLgtJPtBYeFKetFIqwLg==
x-cache: HIT
status: 200
content-length: 2187
x-response-time: 146
surrogate-key: profile_images profile_images/bucket/3 profile_images/737415890594082816
last-modified: Mon, 30 May 2016 22:48:23 GMT
server: ECS (fcn/40EB)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4a9452187e58626287c679e68b60378f
accept-ranges: bytes

GET
H2 200 z79HkNvx_normal.jpg
pbs.twimg.com/profile_images/859140652617142272/ Frame 7029 2 KB
3 KB 8ms
8ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/859140652617142272/z79HkNvx_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FB) /

Resource Hash

12315352f6d2594b7d3ae10a3193401a5de760713a77b1bd1f843e940fb7f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
content-md5: DaLuEESseaptYE8JydEEdw==
x-cache: HIT
status: 200
content-length: 2491
x-response-time: 164
surrogate-key: profile_images profile_images/bucket/4 profile_images/859140652617142272
last-modified: Mon, 01 May 2017 20:19:08 GMT
server: ECS (fcn/40FB)
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 00ae8d9100ad13ad
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 6
x-connection-hash: 2eebad8dd65e7be85a653d466391faca
accept-ranges: bytes

GET
H2 200 Tz0v3uQq_normal.jpg
pbs.twimg.com/profile_images/1085491201736953857/ Frame 7029 2 KB
2 KB 10ms
10ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1085491201736953857/Tz0v3uQq_normal.jpg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

5b4b114d573175505ccc8062576a6f97dfeeebec37c8abe4e137dbf86d288eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 145
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/8 profile_images/1085491201736953857
last-modified: Wed, 16 Jan 2019 10:55:24 GMT
server: ECS (fcn/41AB)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c207a2ba69beb7df881abada44b553f
accept-ranges: bytes
content-length: 1959

GET
H2 200 5tvRetaF_normal.jpeg
pbs.twimg.com/profile_images/566666025383366656/ Frame 7029 2 KB
2 KB 9ms
9ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/566666025383366656/5tvRetaF_normal.jpeg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419C) /

Resource Hash

b5a5ac698eae70cc7c2b0183ee96e298f38cd18bbb553f4fc77fdd4bc28966c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
content-md5: m2UbvFgzXaiyK4wfii2Nag==
x-cache: HIT
status: 200
content-length: 1883
x-response-time: 305
surrogate-key: profile_images profile_images/bucket/2 profile_images/566666025383366656
last-modified: Sat, 14 Feb 2015 18:29:23 GMT
server: ECS (fcn/419C)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bd64a874444f36fe81eeec86857d283b
accept-ranges: bytes

GET
H2 200 D3u2ugzWAAA_rGN
pbs.twimg.com/media/ Frame 7029 27 KB
27 KB 1240ms
1240ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D3u2ugzWAAA_rGN?format=jpg&name=360x360

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

1f0c5df6fb7d8c023f66088c13b233d32237469de67c6889ec2af6a8e4a17c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 157
date: Wed, 10 Apr 2019 05:54:21 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/6 media/1115686242899853312
last-modified: Tue, 09 Apr 2019 18:39:43 GMT
server: ECS (fcn/41AF)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba2e7fe56326e5fc33d70f2fceeff07c
accept-ranges: bytes
content-length: 27167

GET
H2 200 D3uipMYW0AAZdXC
pbs.twimg.com/media/ Frame 7029 24 KB
24 KB 24ms
24ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D3uipMYW0AAZdXC?format=jpg&name=360x360

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

3fc716afa3c5856e4b28ce5720fb1721e1b7abcd1174343fe2955fbb07b98e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 183
date: Wed, 10 Apr 2019 05:54:15 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/1 media/1115664161286049792
last-modified: Tue, 09 Apr 2019 17:11:58 GMT
server: ECS (fcn/419E)
access-control-allow-origin: *
x-cache: MISS
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a94856ddc3810aac59c3779f18923d71
accept-ranges: bytes
content-length: 24508

GET
H2 200 D3o4jheXsAAKgK4
pbs.twimg.com/media/ Frame 7029 6 KB
6 KB 10ms
9ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D3o4jheXsAAKgK4?format=jpg&name=360x360

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4192) /

Resource Hash

1175889407ac4ba82bf909fdc25e6a4ddc68f014fb62e3ff59b1f7432d4c0edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 155
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/3 media/1115266040659947520
last-modified: Mon, 08 Apr 2019 14:49:59 GMT
server: ECS (fcn/4192)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec0dd0f3808fd77303a0d0dff7ef5cae
accept-ranges: bytes
content-length: 6183

GET
H2 200 D2lWYhhWoAAGDbt
pbs.twimg.com/media/ Frame 7029 14 KB
14 KB 12ms
11ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D2lWYhhWoAAGDbt?format=jpg&name=360x360

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

1c4b0eb4b8292247b34d485ab44a19ed3a2c78d9abf57eb606b23a97fbcd0870

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 162
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/3 media/1110513762438651904
last-modified: Tue, 26 Mar 2019 12:06:07 GMT
server: ECS (fcn/41D8)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7eb916f669d8127bf685f4ac22db4648
accept-ranges: bytes
content-length: 14361

GET
H2 200 D3fWRwVX4AEw5eC
pbs.twimg.com/media/ Frame 7029 27 KB
27 KB 10ms
10ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D3fWRwVX4AEw5eC?format=jpg&name=360x360

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D0) /

Resource Hash

adeefcc9a5cf117c662d02acc710a53c2e80eafc2b09c9122ff2fc94cd7ba7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 165
date: Wed, 10 Apr 2019 05:54:19 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/5 media/1114595033318154241
last-modified: Sat, 06 Apr 2019 18:23:38 GMT
server: ECS (fcn/40D0)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 382fde20c137c311a7c48bbbfaa17bad
accept-ranges: bytes
content-length: 27265

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 7029 44 KB
7 KB 80ms
7ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6944
x-response-time: 119
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 0031078900ced605
perf: 6
x-connection-hash: 88a89c52793540537155b590f8d5726c
accept-ranges: bytes
expires: Wed, 17 Apr 2019 05:54:20 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 55ms
7ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 45170
x-cache: HIT
status: 200
content-length: 6944
x-response-time: 119
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 0031078900ced605
perf: 6
x-connection-hash: 88a89c52793540537155b590f8d5726c
accept-ranges: bytes
expires: Wed, 17 Apr 2019 05:54:20 GMT

GET
DATA 200
OK truncated
/ Frame 7029 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7029 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7029 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7029 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7029 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7029 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7029 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 12ms
11ms Script
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: sigma2.disqus.com
URL: https://sigma2.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4c52772b68729700-FRA
status: 200
vary: Accept-Encoding
content-length: 6605
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Oct 2018 22:50:54 GMT
server: cloudflare
cache-control: max-age=31536000, public, immutable, no-transform
etag: "5bb547ce-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
fastly-debug-digest: baac760ca1e6f62ea6380d62d4f07b5dfbb97755c19df0448623d4ede950e2e4
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2019 00:14:16 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 240 B
861 B 137ms
52ms XHR
text/javascript 151.101.120.64
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&subId=526051&v=1&jsonp=vglnk_jsonp_15548756601040
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.64 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a4601f96adb9145615b927a936ce95ee08112f24e77a8d407c27082804bfd8f3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
Origin: https://www.andmp.com

Response headers

Pragma: no-cache
Date: Wed, 10 Apr 2019 05:54:20 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.andmp.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 240
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame 7029 829 B
566 B 7ms
6ms Image
image/svg+xml 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: www.andmp.com
URL: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 829
x-cache: HIT
status: 200
content-length: 395
x-response-time: 112
surrogate-key: tfw
last-modified: Fri, 25 Jan 2019 15:01:44 GMT
server: ECS (fcn/41AC)
etag: "CTUg6L9PuY+d9h5xpE0zmw=="
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://twitter.com
x-connection-hash: c9dd90129697ab628f6ccb467aebdb61
accept-ranges: bytes
expires: Wed, 17 Apr 2019 05:54:21 GMT

GET
H2 200 368954415-lightbox_bundle.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/513541589-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 05:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Mar 2019 17:25:05 GMT
server: sffe
age: 2768052
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 6541
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 05:00:08 GMT

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame B1CF
Redirect Chain

https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dw...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.and...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.and...

0
0

147ms
147ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7e2dd4cb133b511719168aca7192de46&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: jew/KEdZGykS7ELmkMarUCxNnmN7WME+zMkPlqGXKBk7Nntqe5AlZuq17dq2fsBzAJ3mHZS7J6FP3dh0U/9J0g==
date: Wed, 10 Apr 2019 05:54:20 GMT

Redirect headers

status: 302
strict-transport-security: max-age=15552000; preload
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df29b2b2c642becc%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=https%3A%2F%2Fwww.andmp.com%2F2019%2F04%2Fxiaomi-url-spoofing-w-ssl-vulnerability.html&locale=en_US&numposts=5&sdk=joey&version=v2.0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
access-control-allow-credentials: true
vary: Origin
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
x-fb-debug: AYjdDMenYUms653otthxQKJFhf2zd5RTCrfT7f7BrBmdx1y6AvM6vnsoErZsD2vKT4O7KbjKTdFXrW2//UxOfw==
content-length: 0
date: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 page.php
www.facebook.com/v2.0/plugins/ Frame A1E0 0
0 118ms
117ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df1387a2e046fd28%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&container_width=340&height=230&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=340

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7e2dd4cb133b511719168aca7192de46&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df1387a2e046fd28%26domain%3Dwww.andmp.com%26origin%3Dhttps%253A%252F%252Fwww.andmp.com%252Ff210196bf22259c%26relation%3Dparent.parent&container_width=340&height=230&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F&locale=en_US&sdk=joey&show_facepile=false&show_posts=false&width=340
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version: v2.8
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 9jZRQrxxwcAksgfNfh5buID8VK3FXAoV7fk9C6+2n7rWSLFcSeWmqQaaLXs4OsuuBXOqjXrQPbI83ijchoeffQ==
date: Wed, 10 Apr 2019 05:54:20 GMT

GET
H2 200 2587430734-lbx__en_gb.js Show response
www.blogger.com/static/v1/jsbin/ 348 KB
112 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80b::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2587430734-lbx__en_gb.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/513541589-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

834aa6a6b86a1bfbdc59321d9fdb20a2234ecb6c66db754ac43bf1d4f10e1819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Mar 2019 23:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 22:16:00 GMT
server: sffe
age: 1318497
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 114841
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 23:39:23 GMT

GET
H2 200 default Show response
www.andmp.com/feeds/posts/ 19 KB
6 KB 203ms
203ms XHR
text/javascript 2a00:1450:4001:81b::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.andmp.com/feeds/posts/default?alt=json-in-script&start-index=9&max-results=1&callback=jQuery111006781917845864032_1554875658417&_=1554875658421

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81b::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

b56e68fe4108f404b32cb5d9061ef03463be056fdf8b8d968fe871591c803194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default?alt=json-in-script&start-index=9&max-results=1&callback=jQuery111006781917845864032_1554875658417&_=1554875658421
pragma: no-cache
cookie: __atuvc=1%7C15; __atuvs=5cad850ad1ff7e44000
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: www.andmp.com
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2019 07:38:30 GMT
server: blogger-renderd
etag: W/"cb3d6d502e5418142e7333b209873ae7f9503cfb850d53600519bdf5ba026f7b"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
content-length: 6326
x-xss-protection: 0
expires: Wed, 10 Apr 2019 05:54:21 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame B672
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DC) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Cookie: personalization_id="v1_Uy2pdWGXDj4JOKfvisHZQw=="; guest_id=v1%3A155487565876238350
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 10 Apr 2019 05:54:20 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DC)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 10 Apr 2019 05:54:20 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 10 Apr 2019 05:54:20 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 64431b245c767ed408cfbd1bdca95960
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 120
x-transaction: 000222f50056d9f4
x-tsa-request-body-time: 20
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 concepts-of-physics-part-1-hc-verma.jpg
4.bp.blogspot.com/-3X2WGjZ4JVw/VUw8FFSAZdI/AAAAAAAAAgY/bYR-fisOZo0/s72-c/ 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-3X2WGjZ4JVw/VUw8FFSAZdI/AAAAAAAAAgY/bYR-fisOZo0/s72-c/concepts-of-physics-part-1-hc-verma.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

3ead70671fef5f3389ee8f93c6d42deefe53338f4909ff721b729bf41055b0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:18 GMT
x-content-type-options: nosniff
age: 2
status: 200
content-disposition: inline;filename="concepts-of-physics-part-1-hc-verma.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3815
x-xss-protection: 0
server: fife
etag: "v207"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Apr 2019 19:01:01 GMT

GET
H2 200 oscp.jpg
1.bp.blogspot.com/-FTLos0HMkM4/W5EDIhLDP0I/AAAAAAAABKk/qlXQB3ddgs43C9QqmbIA-KqFK9eFWYbbQCLcBGAs/s72-c/ 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-FTLos0HMkM4/W5EDIhLDP0I/AAAAAAAABKk/qlXQB3ddgs43C9QqmbIA-KqFK9eFWYbbQCLcBGAs/s72-c/oscp.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bb895501e6ccae7e9600ac6bdbf0d0a7986c74a5cc37dc4d8e99235d20ec408b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 04:55:57 GMT
x-content-type-options: nosniff
age: 3503
status: 200
content-disposition: inline;filename="oscp.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4468
x-xss-protection: 0
server: fife
etag: "v4aa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Apr 2019 13:20:18 GMT

GET
H2 200 zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=s35
lh3.googleusercontent.com/ 2 KB
2 KB 23ms
5ms Image
image/png 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=s35

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

0963eb43c3d252b47c972245961dc22cd6d8e288551c68be356147e977c6b84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 03:54:52 GMT
x-content-type-options: nosniff
age: 7168
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1766
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Apr 2019 03:54:52 GMT

GET
H2 200 photo.jpg
lh6.googleusercontent.com/-YQkDoGFKcuE/AAAAAAAAAAI/AAAAAAAAAGg/-fsw7r8QZXU/s35-c/ 1002 B
1 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/-YQkDoGFKcuE/AAAAAAAAAAI/AAAAAAAAAGg/-fsw7r8QZXU/s35-c/photo.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

a45370b62ab8703d77a29f9cefc8824af22ecabefcc106e29fd378cd67d66a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 05:54:20 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename=""
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1002
x-xss-protection: 0
server: fife
etag: "v68"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Apr 2019 19:11:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.blogger.com
URL: https://www.blogger.com/blog-post-reactions.g?options=%5Bfunny,+interesting,+cool,+tech,+darknet,+tor%5D&textColor=%23000000

Domain: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537

Domain: www.blogger.com
URL: https://www.blogger.com/comment-iframe.g?blogID=8166728817383736132&postID=6446694991792293381&blogspotRpcToken=5901537

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts.google.com/	1970-01-19 17:25:47	Name: GAPS Value: 1:K7j8Uks__YR8Wzl0VT3bD3h7Mhg30A:95cGsGRboFox0y0i
.google.com/	1970-01-19 04:18:06	Name: NID Value: 181=FIeU5VC4bJuCMCcxTmkNstsUvxoJW53c6cnUlUCNjabOrmBqk2GK19GeF87OnqkF882CBwDIAyz1B9mfaGDfgZz0Q68Do10Exkc_5WDsuIAICqqdLFM6DvDvMJqDyNkJwdI0BTyky8uXEq3PcipSvv_j30EyJQa5xbgAsRO541s
.disqus.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.twitter.com/	1970-01-19 17:25:47	Name: guest_id Value: v1%3A155487565876238350
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=Q5o8F98VemOvTPoJsaIaYC0cfe1q6KaC
.blogger.com/	1970-01-19 04:18:06	Name: NID Value: 181=JgvEx3fvsKFwzVfz2LzqY0MHvMctP194YDJNopcj-XV79dzf4RerY1ovm55R4FCrP2--RM6rsOLQFX6lQ5Z0K1F4-DHOQj00Z9q1wlMN9jDE2p5CJn8GWh7AMbFUqQ0LuxJtA8atlhWMTyv5yu62ikosU-UQXZlC6rbekHkUs3k
.youtube.com/	1970-01-18 23:54:37	Name: GPS Value: 1
.youtube.com/	1970-01-19 05:45:13	Name: PREF Value: f1=50000000
www.andmp.com/	1970-01-18 23:54:37	Name: __atuvs Value: 5cad850ad1ff7e44000
.twitter.com/	1970-01-19 17:25:47	Name: personalization_id Value: "v1_Uy2pdWGXDj4JOKfvisHZQw=="
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GU34GcA-CA4
.doubleclick.net/	1970-01-18 23:54:39	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 09:16:11	Name: IDE Value: AHWqTUlVrn8ZihC0fybwzi3mRPQCcS_EUAfKCaGqFyO9MQymU3twfKZ2mQBYQ71o
.youtube.com/	1970-01-19 04:13:47	Name: VISITOR_INFO1_LIVE Value: wK4AINaue4o
www.andmp.com/	1970-01-19 09:24:50	Name: __atuvc Value: 1%7C15

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
abs.twimg.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-public.addthis.com
c.disquscdn.com
cdn-images-1.medium.com
cdn.syndication.twimg.com
connect.facebook.net
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
img.youtube.com
img1.blogblog.com
lh3.googleusercontent.com
lh6.googleusercontent.com
links.services.disqus.com
m.addthisedge.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
resources.blogblog.com
s7.addthis.com
sigma2.disqus.com
staticxx.facebook.com
syndication.twitter.com
ton.twimg.com
ton.twitter.com
www.andmp.com
www.blogger.com
www.facebook.com
www.googletagservices.com
www.youtube.com
www.blogger.com
104.244.42.200
151.101.120.134
151.101.120.64
151.101.64.134
199.16.156.122
2.23.104.167
209.197.3.15
23.210.248.44
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:50a6
2606:4700::6810:7591
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2009
2a00:1450:4001:815::2001
2a00:1450:4001:817::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:81b::2013
2a00:1450:4001:81c::200d
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
93.184.220.70
0146051af30172d280ba70ca97567c325fe0d9a47f8cef9f6804d7a5cee18b58
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0963eb43c3d252b47c972245961dc22cd6d8e288551c68be356147e977c6b84f
0c88d34a8de50207ffd42f7560d7fa60d8477cc0924907184778d145fb11a55e
0fa5aa7e8c60251d1efeabdd140d85c4720aebbbc45c0861f027f8158fc79403
1175889407ac4ba82bf909fdc25e6a4ddc68f014fb62e3ff59b1f7432d4c0edb
11c3fcb6b5d0b5fb2739929f349feb47ed802a823e0660383ab7d402b79f8bb1
12315352f6d2594b7d3ae10a3193401a5de760713a77b1bd1f843e940fb7f4d4
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
165fec68df0dbc8a5a187c806b5d7de0b9177e0dc5fe6c91b1bcb46bae2156d4
1ab1218d56bbf3dd5fe0f39f905ed9feeab0a295dbaf32ec5ef3b98cfc5b29f6
1c2d565b8da05fa678e27fd1aba6e7820c5d8404d89635915e085803852cca6c
1c4b0eb4b8292247b34d485ab44a19ed3a2c78d9abf57eb606b23a97fbcd0870
1f0c5df6fb7d8c023f66088c13b233d32237469de67c6889ec2af6a8e4a17c69
25af11b16e392c694ab93c7cf061f6173c62f37e6653cfea1420e9bf123d08ae
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f5ffa884d57eb0fd594eaea3ef769398d65940a6ff2d189447cf32850a3c347
2fbf428aedf80bcc2179df32c51ec0a623a9d04e7b342367c5e203580f68957b
2fce4bfc987baa065a0290070297326956235e7e8200d7ac85db632f60373f28
30e038ad0605fb8bd3a3889d85bd8364106a9e2c4a3cfee404d1cba98e7d14bb
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
3552e00fe354de0ca1e3b5bf20ade0f74b8a93031d85c2ea8b217a99637dd69f
35ba411475783647a21c96fe5c113e7703d2689e0c5b74a472f2365ffd0605f6
3a8f8284a05d08243c313085240a7127e4f32f87399b4d62da1ba933f79bce7d
3b4f50e1199ea8c8ea11d9e3aac2082b3b71d10962913087e875b2bca86965a8
3e18017c08dcb5c0c9889350f0b67807c54eed56ac8a3f227fd00687e42bf7a3
3ead70671fef5f3389ee8f93c6d42deefe53338f4909ff721b729bf41055b0ff
3fc716afa3c5856e4b28ce5720fb1721e1b7abcd1174343fe2955fbb07b98e40
403f5d2ad444c33d71d5742757f3fdf75ab619e2035e56b5c2deddd31760e4f0
44cccf74a7b0079dbfd0aeae8acad13418ed59475ce5b525118bc3d97b21a019
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5313e65f13a111999d21bdbc00e1367bebf60843b73411fe0c89a4c6951c3625
543c295a9d0fc471b30662d027360ccf7a893283b8dfbc47f030a7d8592a4aaf
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
562ce7a7b3eaa91d2e5c5beffb5e44bdf42eafb391472931374185489379bdcb
592ffc5316a3bbbb42c21c229e3b02e42450af53497cae33f41a4cfb9ad571f3
59d5bf9066d0b14d51017532502427d198a1a8a6197a61bb37d9e74705ddec46
5aabf92c6f199ac49f267c0e4515c03fb82633e286ea8a1a6e4cc4b0a492231f
5b4b114d573175505ccc8062576a6f97dfeeebec37c8abe4e137dbf86d288eed
5bd89a5d1155ac59cf5e8155a217586e775676be708d77df5e53e46a34d40736
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
5cf61ada82cef4e30f5b9f528f099699bb5de10e1f13e7c9cfb547e282785962
5d72290d51d8fbc626cf8a5661aae06f44b30cad885bb1ae2a7f9024a0b9febe
6201a273f1ad2f07c74fb1d286fd99f15eb73e3c2ae07245d0d7878b2800ff2b
658b94cb598ae1c811b7fc679c47b849f628477437f4d746717b5ba49e7e8fd5
6735dbcba6203f0145f4592ab0ef00efbedd0b95bb43ff1e240c3889b1343d91
68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36
6947ea9a5f331febd240ff99acbc98b35968637bf6a1e804fc6395bf3292abf3
6c9580786649870ea9172e1e3da0cc1d15986d4e2c435f585b4c35ae17399eb4
7350a2f8630e145ba32c9fe465d389aaa1d81f54068dfd4ecd951f9d0935e951
7851829e0ef2f6371a5cf853198d9b543ce7ba0f00043c8188a5faf34091c952
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295
7e28e5e5fc851abbe93e124226832a48fc6448da8b5f02afce7790a0ac874771
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
834aa6a6b86a1bfbdc59321d9fdb20a2234ecb6c66db754ac43bf1d4f10e1819
83f6087bb126d6ac3463700b06f8d9477fd9899b5af8e4b6e23fdbad986b1fae
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
86ab0dad6aa381b06281727ac59719837e461c440111c7d13a3e60b06a54a1e4
8d66220c5879ddba7af1b4d72f0431d97d7da85a81422454d2d53fdb64da676b
97eb68058369b9725d473325a3423a97fc9085c2c47c1208a60274144daa2509
99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e
9ce05f444e82bdeaa45fcb475a4a01761d687fc8369b1f12af28ae8a869275d7
9f0a0ed059a9b91f2bd774eed011786aae9525dd564be95918abcc905dfeec4f
a317521a58cfabd03dff61fac88b800acb55bfaaadfaf231f62f6628ce4ccf1d
a45370b62ab8703d77a29f9cefc8824af22ecabefcc106e29fd378cd67d66a13
a4601f96adb9145615b927a936ce95ee08112f24e77a8d407c27082804bfd8f3
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5e0dc39f19e2f5c035766778759fd1d349c90208c66607b506aad592fbebac2
a80fcbfd7e907d474d06e96210f99fe9c2bbdbe6df51134d1753f91057dc8da7
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
ab504ebf8f2ffbb9dd8170dd861b19dcc51dc94f7467b5aee2a456d075771627
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adeefcc9a5cf117c662d02acc710a53c2e80eafc2b09c9122ff2fc94cd7ba7c5
ae3ea387b378c0292d88b248f89469115159836aa628d33862e409f2cc7ba67a
aed2a144881f0df2fed01cae6853a08c8a645ae7ed64699b384e1874cc933c18
b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25b8da1858b954825b598212f2c9405cd223366163d7cbb719274fc8631f7c6
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2958bcc39add8edec26da0441d558a2b8cef8b73d5a696a23bcbab6e5edfa62
b4a18a4d2cfad8006b61b07535b28af563cb1da85adbeda9c63477aefa4ef513
b56e68fe4108f404b32cb5d9061ef03463be056fdf8b8d968fe871591c803194
b5a5ac698eae70cc7c2b0183ee96e298f38cd18bbb553f4fc77fdd4bc28966c5
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
b686220160cd1962ce8bf47ec6e955115e4e1773c2f0c3ba9f7554bf4bbb08ee
b73336a70c8e2b73cd8e349c54db26910f6f1c51be47806790252b72587ebf24
bb895501e6ccae7e9600ac6bdbf0d0a7986c74a5cc37dc4d8e99235d20ec408b
bda0febef585eb29a068ea9471b92a623d8809938214dad3d6e1b1fb83528868
c16eb48a6a3b1dbeafe23c947a03a598f9532ca5ef39dedb93d055a8cae296bf
c59fd6fa30449441bf4f6c01a40f53cfa70b1aac60976e57ee68cd4a7aa1b929
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d40b74de63a344ba5fb543da4e42a702b53e368396e3266a9701b2d01731b8a1
d7d89c5ec52c06e933c83779065ae802cadec586e4b1c0ffdbd21f81063871b4
d959bbb90d8ff01e3fa8bece35a41574ab7b51378b8268dcfb28bd0b9091935b
db4cf42951cdff9c7100b755f6963250d20ab15b2e2696f2d1cac220bd5b4110
dd1994f0f67c481db4eb23921803309981b34b98b68ae273bd605acf030ce74c
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e204ef7270dfe1153d66be607742c6dcd9cc92eca29cf39f94325b07688eeffd
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f58608b7677387563d0e6cf4684d9dc205e6046d4c93dd700f3bbe7985f78e
e44f13075f40f368efa9cc0218d56fcf9959df2d66b0f36f609b3c6aef6c3479
e55a4049d343ca57d86c8a2ef842a418033dc6fc157551b7c72e76cb7d78e5fb
e56775b57356738c4c8f6e7fc6c35e5dc1dc142f26d0f9e7644ef11411f9340c
ea0a69eff2882342fe7fafc0c3b8be05a8fa9ba19fdb41e3523e58712e4395a9
eb8a45f943dfb9823b8ae1218c72ca4703522c42488cb84d270c9fb70cea8bbd
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
ee6c442300e6c297073c699c7d30decf48b89a972bc406f57cae0a1e4ecefa05
f3b168c0a350aa2911b7425a02e33deff55fb50d18316ce29785767f48ebea1a
fa49936bad7033f541d8e208692aadf1fbcfacc76eb401d76a06b1ac9e912436
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.andmp.com Open in urlscan Pro 2a00:1450:4001:81b::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

142 Requests

98 %HTTPS

70 %IPv6

23 Domains

39 Subdomains

30 IPs

3 Countries

2572 kBTransfer

7855 kBSize

15 Cookies

23 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.andmp.com Open in urlscan Pro
2a00:1450:4001:81b::2013 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

98 %
HTTPS

70 %
IPv6

23
Domains

39
Subdomains

30
IPs

3
Countries

2572 kB
Transfer

7855 kB
Size

15
Cookies

142 HTTP transactions
8 data transactions