billshancepdwd.audiobookplay.club Open in urlscan Pro
2a00:1450:4001:830::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billshancepdwd.audiobookplay.club/
Submission: On March 21 via automatic, source certstream-suspicious (March 21st 2022, 2:29:01 am UTC) — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2a00:1450:4001:830::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is billshancepdwd.audiobookplay.club.
TLS certificate: Issued by GTS CA 1D4 on March 21st 2022. Valid for: 3 months.

This is the only time billshancepdwd.audiobookplay.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:830::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 5	54.158.254.221 54.158.254.221	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 1	172.96.187.246 172.96.187.246	() ()
1	3.221.135.137 3.221.135.137	() ()
25	9

2 2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

billshancepdwd.audiobookplay.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.158.254.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-254-221.compute-1.amazonaws.com

affiliates.audiobooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

covers.audiobooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.96.187.246 (None, ) 1 redirects

ASN- ()

audiobook-download-online-free.vavime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.135.137 (None, )

ASN- ()

www.audiobooks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	audiobooks.com 1 redirects affiliates.audiobooks.com — Cisco Umbrella Rank: 372768 covers.audiobooks.com — Cisco Umbrella Rank: 366637 www.audiobooks.com	142 KB
6	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8530 4.bp.blogspot.com — Cisco Umbrella Rank: 11336 2.bp.blogspot.com — Cisco Umbrella Rank: 11107	8 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	9 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 9506	164 KB
2	audiobookplay.club billshancepdwd.audiobookplay.club	16 KB
1	vavime.com 1 redirects audiobook-download-online-free.vavime.com	278 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	34 KB
25	7

	Domain	Requested by
5	lh3.googleusercontent.com	billshancepdwd.audiobookplay.club
5	affiliates.audiobooks.com	1 redirects billshancepdwd.audiobookplay.club
5	www.blogger.com	billshancepdwd.audiobookplay.club
3	1.bp.blogspot.com	billshancepdwd.audiobookplay.club
2	4.bp.blogspot.com	billshancepdwd.audiobookplay.club
2	billshancepdwd.audiobookplay.club	billshancepdwd.audiobookplay.club
1	www.audiobooks.com
1	audiobook-download-online-free.vavime.com	1 redirects
1	2.bp.blogspot.com	billshancepdwd.audiobookplay.club
1	covers.audiobooks.com	billshancepdwd.audiobookplay.club
1	ajax.googleapis.com	billshancepdwd.audiobookplay.club
25	11

This site contains no links.

Subject Issuer	Validity	Valid
billshancepdwd.audiobookplay.club GTS CA 1D4	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
audiobooks.com Amazon	`2021-04-19` - `2022-05-18`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.audiobooks.com Go Daddy Secure Certificate Authority - G2	`2021-06-07` - `2022-07-09`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.audiobooks.com/signup
Frame ID: A0A7CA98A1EDF955A8DFABA24D154D70
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

372 kB
Transfer

497 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://audiobook-download-online-free.vavime.com/ HTTP 301
https://affiliates.audiobooks.com/tracking/scripts/click.php?a_aid=5d289ac7390e5&a_bid=229e13d4&chan=lucu HTTP 301
https://www.audiobooks.com/signup

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
billshancepdwd.audiobookplay.club/ 59 KB
14 KB 1119ms
211ms Document
text/html 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef7c704da6975dfc4e0fcb2d5985383e540a0bbad3e186a82d7306958f6c27d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
expires: Mon, 21 Mar 2022 02:28:50 GMT
date: Mon, 21 Mar 2022 02:28:50 GMT
cache-control: private, max-age=0
last-modified: Mon, 21 Mar 2022 02:05:26 GMT
etag: W/"d2c42c319ec544b6036d4e8734b9de1c67297849f6c73b68e73b81723b1ce07d"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 13928
server: GSE

GET
H2 200 1324390690-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 405ms
173ms Stylesheet
text/css 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1324390690-widget_css_bundle.css

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2936f2b458305ba76d2cc0bbea050640bcb68a0c7adf470d024e8da0c4f9130d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 14:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6648
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 18:50:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 20 Mar 2023 14:12:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
34 KB 135ms
41ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 09:57:46 GMT

GET
H/1.1 200
OK affe750f.jpg
affiliates.audiobooks.com/tracking/accounts/default1/banners/ 17 KB
17 KB 622ms
281ms Image
image/jpeg 54.158.254.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.audiobooks.com/tracking/accounts/default1/banners/affe750f.jpg
Requested by: Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.254.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-254-221.compute-1.amazonaws.com
Software: Apache/2.4.52 (Amazon) PHP/7.2.34 / PHP/7.2.34
Resource Hash: 844f07ab35aa122a330272103de178bba2938b3d3ee08a463e7ced75e9eb1503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 02:28:51 GMT
Server: Apache/2.4.52 (Amazon) PHP/7.2.34
X-Powered-By: PHP/7.2.34
Content-Type: image/jpeg
Cache-Control: max-age=15, public
Connection: keep-alive
Content-Length: 16922
Expires: Mon, 21 Mar 2022 02:29:06 GMT

GET
H2 200 ABLy4EwGbNRYsmiDrVD92wlS9BMUrv1sDRQj-Kcgo9IcCpllZ3TukVvQM1byTsd88itn2Uc4XVLcuE_U7VZI6j1dNgvwOquiHaCJVZEKnFygj00HD5HL4uhn5FOJiizfw01qYJ_sQssjAqqVOGFwSjTXSkWpLOFcp2o5EYwunL2m7deGhoJ7FetZnWxl=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 43 B
110 B 349ms
254ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EwGbNRYsmiDrVD92wlS9BMUrv1sDRQj-Kcgo9IcCpllZ3TukVvQM1byTsd88itn2Uc4XVLcuE_U7VZI6j1dNgvwOquiHaCJVZEKnFygj00HD5HL4uhn5FOJiizfw01qYJ_sQssjAqqVOGFwSjTXSkWpLOFcp2o5EYwunL2m7deGhoJ7FetZnWxl=s0-d

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1da5cd02d74bb5ba944e3ce44037860ac9f42392eec6c99b9543910e1a3a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 02:28:51 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 25399-6-download-now-button.png
1.bp.blogspot.com/-d9kgO1SWFFk/XQe4cdEVX-I/AAAAAAAAABc/FUeE97JTqa0IjcrFyQKTPDNksdyE9XqaQCLcBGAs/s72-c/ 3 KB
3 KB 627ms
496ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-d9kgO1SWFFk/XQe4cdEVX-I/AAAAAAAAABc/FUeE97JTqa0IjcrFyQKTPDNksdyE9XqaQCLcBGAs/s72-c/25399-6-download-now-button.png

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

367e78e367028f33c6e561282bb2bdda827743a7d99088bb24404cb6e566f672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 02:28:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v18"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="25399-6-download-now-button.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2666
x-xss-protection: 0
expires: Tue, 22 Mar 2022 02:28:51 GMT

GET
H2 200 Download-Download-Now-Button-Green-PNG.png
1.bp.blogspot.com/-EC0-c9LcSs4/XQe5B-G-pRI/AAAAAAAAABs/tTwfSUt3XCYzuItYYDg8qq1gww1ZwrDOgCLcBGAs/s72-c/ 3 KB
3 KB 487ms
355ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-EC0-c9LcSs4/XQe5B-G-pRI/AAAAAAAAABs/tTwfSUt3XCYzuItYYDg8qq1gww1ZwrDOgCLcBGAs/s72-c/Download-Download-Now-Button-Green-PNG.png

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d6b74ca146fd689915f9a65ef017b0b3b05d4d7f08ccbd7194d5380df865a097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 02:28:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Download-Download-Now-Button-Green-PNG.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3365
x-xss-protection: 0
expires: Tue, 22 Mar 2022 02:28:51 GMT

GET
H2 200 9780739302583.jpg
covers.audiobooks.com/images/covers/full/ 23 KB
23 KB 522ms
465ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covers.audiobooks.com/images/covers/full/9780739302583.jpg
Requested by: Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 8e63fa82074fd36f93b53993656ce5ca4df2074bce0cc56cdad567647a86757d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 02:28:51 GMT
last-modified: Thu, 10 Dec 2020 21:37:34 GMT
etag: "1607636254"
x-hw: 1647829731.dop143.am5.t,1647829731.cds253.am5.hn,1647829731.cds005.am5.s,1647829731.dop178.dc2.r,1647829731.cds090.dc2.pr,1647829731.cds005.am5.p
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
accept-ranges: bytes
content-length: 23241

GET
H/1.1 200
OK 27e661ba.jpg
affiliates.audiobooks.com/tracking/accounts/default1/banners/ 35 KB
36 KB 600ms
267ms Image
image/jpeg 54.158.254.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.audiobooks.com/tracking/accounts/default1/banners/27e661ba.jpg
Requested by: Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.254.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-254-221.compute-1.amazonaws.com
Software: Apache/2.4.52 (Amazon) PHP/7.2.34 / PHP/7.2.34
Resource Hash: bcb0e88b5ee2d568ab0aeacae1a88c4d39db623829f109e63ff510ae1887b37a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 02:28:51 GMT
Server: Apache/2.4.52 (Amazon) PHP/7.2.34
X-Powered-By: PHP/7.2.34
Content-Type: image/jpeg
Cache-Control: max-age=15, public
Connection: keep-alive
Content-Length: 36310
Expires: Mon, 21 Mar 2022 02:29:06 GMT

GET
H2 200 ABLy4EwEm28dP9IOkfhm8IdSCA7V4GPdxKUtsS-aYu6xWEzD7MlqxRDouVDqgrkcItvHo6ojqkzqxI3cwcLnbrhfI4dVu0qhKvxiN9BkW7UFBvy0sthIvdGu-UKeqqppMS0uB9r_g14tuCgmCZMVEd3ji7jbFfPuJG5uQcC2U_yjEcHoCKVHo08G3XqJjA=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 43 B
450 B 336ms
252ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EwEm28dP9IOkfhm8IdSCA7V4GPdxKUtsS-aYu6xWEzD7MlqxRDouVDqgrkcItvHo6ojqkzqxI3cwcLnbrhfI4dVu0qhKvxiN9BkW7UFBvy0sthIvdGu-UKeqqppMS0uB9r_g14tuCgmCZMVEd3ji7jbFfPuJG5uQcC2U_yjEcHoCKVHo08G3XqJjA=s0-d

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1da5cd02d74bb5ba944e3ce44037860ac9f42392eec6c99b9543910e1a3a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 02:28:51 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: attachment;filename="unnamed.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ABLy4EyDAt49ttE3of7rLbPbfGW9h0EpPtQmUt48iMG5dMgkKx-hI6gzmr30a0DsdrfNL75IZjLQrjr9aaXkaT77R5CfsicCAEysJT2HWLnlRuGY7Nd6SAfO3j7JZKrMqWkjmLt6RUVHig=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 5 KB
5 KB 770ms
685ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EyDAt49ttE3of7rLbPbfGW9h0EpPtQmUt48iMG5dMgkKx-hI6gzmr30a0DsdrfNL75IZjLQrjr9aaXkaT77R5CfsicCAEysJT2HWLnlRuGY7Nd6SAfO3j7JZKrMqWkjmLt6RUVHig=w72-h72-p-k-no-nu

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e0d28225320f5534d818de6c790e897bf8b09dd90b360e4fd5cc5bbcac3c6a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 02:28:52 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 ABLy4Ezl-cvXcaYZl-gTqggsHzYR6Exi9JY_pRnnzUL3Z1M-R2BTE9zc5GSHBfsh0wnkPFFjZGcPj9OyjwO1hOhYFXLNNQ9Y72Lely3Ic6hcQYZO-E-LvA9QV5DTsECwJslV-t4dCnshIfwR4RwOJUlvCXaqUhrYqX7DdnlUa3_q=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 2407ms
2323ms Image
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ezl-cvXcaYZl-gTqggsHzYR6Exi9JY_pRnnzUL3Z1M-R2BTE9zc5GSHBfsh0wnkPFFjZGcPj9OyjwO1hOhYFXLNNQ9Y72Lely3Ic6hcQYZO-E-LvA9QV5DTsECwJslV-t4dCnshIfwR4RwOJUlvCXaqUhrYqX7DdnlUa3_q=w72-h72-p-k-no-nu
Requested by: Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ABLy4EyT4KRakfhQh-O5IN9Nu-DzBYIHizcxhISITlVJHptNEWDbeCZS6JLF-NdiYdDV3zUKSMtn_SVOgf5GgrqpLD8SNMG1cBCNbNdm-L2L77mZReiCtYhc6dWU669pyOD_Kc8aoPMCIA=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 796ms
712ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4EyT4KRakfhQh-O5IN9Nu-DzBYIHizcxhISITlVJHptNEWDbeCZS6JLF-NdiYdDV3zUKSMtn_SVOgf5GgrqpLD8SNMG1cBCNbNdm-L2L77mZReiCtYhc6dWU669pyOD_Kc8aoPMCIA=w72-h72-p-k-no-nu

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0255a892f1aa03b9031cfafa5a1dd266ae898ce971ce9821703c4e43947ff1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 02:28:52 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 717ca34a.jpg
affiliates.audiobooks.com/tracking/accounts/default1/banners/ 66 KB
66 KB 588ms
285ms Image
image/jpeg 54.158.254.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.audiobooks.com/tracking/accounts/default1/banners/717ca34a.jpg
Requested by: Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.254.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-254-221.compute-1.amazonaws.com
Software: Apache/2.4.52 (Amazon) PHP/7.2.34 / PHP/7.2.34
Resource Hash: 452c18656008990ca30276e30c8e567694df29806bcdd704be143c07771e18bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 02:28:51 GMT
Server: Apache/2.4.52 (Amazon) PHP/7.2.34
X-Powered-By: PHP/7.2.34
Content-Type: image/jpeg
Cache-Control: max-age=15, public
Connection: keep-alive
Content-Length: 67336
Expires: Mon, 21 Mar 2022 02:29:06 GMT

GET
H/1.1 200
OK imp.php
affiliates.audiobooks.com/tracking/scripts/ 42 B
441 B 422ms
118ms Image
image/gif 54.158.254.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affiliates.audiobooks.com/tracking/scripts/imp.php?a_aid=5d289ac7390e5&a_bid=717ca34a&chan=lucu&data1=footer3
Requested by: Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.254.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-254-221.compute-1.amazonaws.com
Software: Apache/2.4.52 (Amazon) PHP/7.2.34 / PHP/7.2.34
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 02:28:51 GMT
Server: Apache/2.4.52 (Amazon) PHP/7.2.34
X-Powered-By: PHP/7.2.34
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, max-age=0
Connection: keep-alive
Content-Length: 42
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookienotice.js Show response
billshancepdwd.audiobookplay.club/js/ 6 KB
2 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://billshancepdwd.audiobookplay.club/js/cookienotice.js

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 02:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 20 Mar 2022 19:49:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 28 Mar 2022 02:28:51 GMT

GET
H2 200 4110782-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
156 KB 90ms
42ms Script
text/javascript 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4110782-widgets.js

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f956284fc054cb78486f64f59c5d41e54436b3de0e4bbfae67b86995336ebfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 14:12:32 GMT
x-content-type-options: nosniff
age: 44179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159187
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 03:57:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 20 Mar 2023 14:12:32 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 139ms
138ms Stylesheet
text/css 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8114508750782278150&zx=ae22e923-8782-43b6-af94-6ca9d4456e0b

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 02:28:51 GMT
server: GSE
date: Mon, 21 Mar 2022 02:28:51 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-16.png
www.blogger.com/img/ 279 B
418 B 44ms
43ms Image
image/png 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 17:37:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 14 Mar 2022 13:50:50 GMT
server: sffe
age: 550282
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 21 Mar 2022 17:37:29 GMT

GET
H2 200 arrow_right.gif
1.bp.blogspot.com/-9FCgC3SpZ00/UPMiEedG1VI/AAAAAAAACl0/zLgl3K6_d3I/s1600/ 62 B
457 B 150ms
41ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-9FCgC3SpZ00/UPMiEedG1VI/AAAAAAAACl0/zLgl3K6_d3I/s1600/arrow_right.gif

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb57165d255438328c270b4fd85a6873c65f61a6ba64eedcd2dbade61386edf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 23:52:38 GMT
x-content-type-options: nosniff
age: 9373
content-disposition: inline;filename="arrow_right.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
server: fife
etag: "vb79"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 11 Dec 2021 13:18:26 GMT

GET
H2 200 batas.gif
4.bp.blogspot.com/-tk5hQcNMq6M/T8zPEwjH-RI/AAAAAAAAGm0/t8xkrJitkxg/s1600/ 35 B
426 B 148ms
43ms Image
image/gif 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-tk5hQcNMq6M/T8zPEwjH-RI/AAAAAAAAGm0/t8xkrJitkxg/s1600/batas.gif

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dbe40fa96687ac16e7d79ce7d0cada9b5fbda6a3021a79c0681e8396211c04a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 00:09:20 GMT
x-content-type-options: nosniff
age: 8371
content-disposition: inline;filename="batas.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
server: fife
etag: "v2965"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:00:23 GMT

GET
H2 200 bullet.png
4.bp.blogspot.com/-Bt0JYGRHfpk/T7ZpN5RNSQI/AAAAAAAAGJQ/zQtrWVZwgHA/s1600/ 371 B
500 B 148ms
43ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Bt0JYGRHfpk/T7ZpN5RNSQI/AAAAAAAAGJQ/zQtrWVZwgHA/s1600/bullet.png

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2fbfb43c94b1c039658f1bfad75207b267001be16a2f1061bff2752bac9d191d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 23:45:19 GMT
x-content-type-options: nosniff
age: 9812
content-disposition: inline;filename="bullet.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
server: fife
etag: "v1894"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 07:22:07 GMT

GET
H2 200 arrow_down.gif
2.bp.blogspot.com/-QB-QrnRTSJI/UPMiEYKozJI/AAAAAAAAClw/ieBOFWLIqlM/s1600/ 56 B
451 B 135ms
43ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-QB-QrnRTSJI/UPMiEYKozJI/AAAAAAAAClw/ieBOFWLIqlM/s1600/arrow_down.gif

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ebe34389aa08d8f4494fc8c0c7e8a90029e7092d9b857ca635fa493999716675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 00:07:18 GMT
x-content-type-options: nosniff
age: 8493
content-disposition: inline;filename="arrow_down.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
server: fife
etag: "vb99"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 05:41:43 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 599ms
598ms Stylesheet
text/css 2a00:1450:4001:827::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8114508750782278150&zx=ae22e923-8782-43b6-af94-6ca9d4456e0b

Requested by

Host: billshancepdwd.audiobookplay.club
URL: https://billshancepdwd.audiobookplay.club/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 02:28:52 GMT
server: GSE
date: Mon, 21 Mar 2022 02:28:52 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

signup
www.audiobooks.com/
Redirect Chain

https://audiobook-download-online-free.vavime.com/
https://affiliates.audiobooks.com/tracking/scripts/click.php?a_aid=5d289ac7390e5&a_bid=229e13d4&chan=lucu
https://www.audiobooks.com/signup

0
0

747ms
516ms

Document
text/html

3.221.135.137

General

Check archive.org

Show headers Download Go to

Full URL

https://www.audiobooks.com/signup

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.135.137 -, , ASN (),

Reverse DNS

Software

Apache/2.4.52 () /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://billshancepdwd.audiobookplay.club/

Response headers

date: Mon, 21 Mar 2022 02:29:01 GMT
content-type: text/html; charset=UTF-8
content-length: 39421
server: Apache/2.4.52 ()
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains;
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *;

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Mar 2022 02:29:00 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.audiobooks.com/signup
Server: Apache/2.4.52 (Amazon) PHP/7.2.34
X-Powered-By: PHP/7.2.34
Content-Length: 0
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			affiliates.audiobooks.com/	1970-01-20 10:29:25	Name: PAPCookie_Imp_717ca34a Value: pap

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/ABLy4Ezl-cvXcaYZl-gTqggsHzYR6Exi9JY_pRnnzUL3Z1M-R2BTE9zc5GSHBfsh0wnkPFFjZGcPj9OyjwO1hOhYFXLNNQ9Y72Lely3Ic6hcQYZO-E-LvA9QV5DTsECwJslV-t4dCnshIfwR4RwOJUlvCXaqUhrYqX7DdnlUa3_q=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
affiliates.audiobooks.com
ajax.googleapis.com
audiobook-download-online-free.vavime.com
billshancepdwd.audiobookplay.club
covers.audiobooks.com
lh3.googleusercontent.com
www.audiobooks.com
www.blogger.com
172.96.187.246
205.185.216.10
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2001
2a00:1450:4001:827::2009
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2013
3.221.135.137
54.158.254.221
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0255a892f1aa03b9031cfafa5a1dd266ae898ce971ce9821703c4e43947ff1d8
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1f956284fc054cb78486f64f59c5d41e54436b3de0e4bbfae67b86995336ebfe
2936f2b458305ba76d2cc0bbea050640bcb68a0c7adf470d024e8da0c4f9130d
2fbfb43c94b1c039658f1bfad75207b267001be16a2f1061bff2752bac9d191d
367e78e367028f33c6e561282bb2bdda827743a7d99088bb24404cb6e566f672
452c18656008990ca30276e30c8e567694df29806bcdd704be143c07771e18bf
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
844f07ab35aa122a330272103de178bba2938b3d3ee08a463e7ced75e9eb1503
8e63fa82074fd36f93b53993656ce5ca4df2074bce0cc56cdad567647a86757d
bcb0e88b5ee2d568ab0aeacae1a88c4d39db623829f109e63ff510ae1887b37a
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
d6b74ca146fd689915f9a65ef017b0b3b05d4d7f08ccbd7194d5380df865a097
dbe40fa96687ac16e7d79ce7d0cada9b5fbda6a3021a79c0681e8396211c04a0
e0d28225320f5534d818de6c790e897bf8b09dd90b360e4fd5cc5bbcac3c6a3c
e1da5cd02d74bb5ba944e3ce44037860ac9f42392eec6c99b9543910e1a3a5fe
ebe34389aa08d8f4494fc8c0c7e8a90029e7092d9b857ca635fa493999716675
ef7c704da6975dfc4e0fcb2d5985383e540a0bbad3e186a82d7306958f6c27d0
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fb57165d255438328c270b4fd85a6873c65f61a6ba64eedcd2dbade61386edf4

billshancepdwd.audiobookplay.club Open in urlscan Pro 2a00:1450:4001:830::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

60 %IPv6

7 Domains

11 Subdomains

9 IPs

2 Countries

372 kBTransfer

497 kBSize

1 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

billshancepdwd.audiobookplay.club Open in urlscan Pro
2a00:1450:4001:830::2013 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

372 kB
Transfer

497 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions