www.sandiq.work Open in urlscan Pro
2a00:1450:4001:81c::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.citizengo.org/sites/default/files/webform/gspsv2.html
Effective URL:
http://www.sandiq.work/2017/12/s9.html
Submission: On July 18 via manual (July 18th 2018, 12:05:35 pm UTC) from TR

Summary HTTP 171 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 171 HTTP transactions. The main IP is 2a00:1450:4001:81c::2013, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is www.sandiq.work.

This is the only time www.sandiq.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	35.227.201.5 35.227.201.5	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:81c::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 27	2a00:1450:400... 2a00:1450:4001:817::2009	15169 (GOOGLE) (GOOGLE - Google LLC)
27	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
16	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	94.101.80.84 94.101.80.84	42926 (RADORE) (RADORE)
17	94.101.80.102 94.101.80.102	42926 (RADORE) (RADORE)
21	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
12	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:817::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
8	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	107.182.233.217 107.182.233.217	29854 (WESTHOST) (WESTHOST - WestHost)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST - Steadfast)
3	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST - Steadfast)
1	69.4.231.30 69.4.231.30	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST - Steadfast)
1	208.100.17.184 208.100.17.184	32748 (STEADFAST) (STEADFAST - Steadfast)
1	107.182.231.45 107.182.231.45	29854 (WESTHOST) (WESTHOST - WestHost)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST - Steadfast)
171	25

2 35.227.201.5 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 5.201.227.35.bc.googleusercontent.com

www.citizengo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2013 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.sandiq.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:817::2009 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.101.80.84 (Turkey)

ASN42926 (RADORE, TR)
PTR: server-94.101.80.84.radore.net.tr

mediatrend.mediamarkt.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 94.101.80.102 (Turkey)

ASN42926 (RADORE, TR)
PTR: server-94.101.80.102.radore.net.tr

shiftdelete.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ceres.shiftdelete.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:817::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.225.208.133 (None, )

ASN13213 (UK2NET-AS, GB)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.182.233.217 (Providence, United States)

ASN29854 (WESTHOST - WestHost, Inc., US)
PTR: 6bb6e9d9.setaptr.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.87.26 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.186 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip186.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.4.231.30 (Providence, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: no-rdns.ord02.hostingservicesinc.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.184 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip184.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.182.231.45 (New York, United States)

ASN29854 (WESTHOST - WestHost, Inc., US)
PTR: 6bb6e72d.setaptr.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	google.com 1 redirects apis.google.com adservice.google.com accounts.google.com	289 KB
30	googleusercontent.com lh6.googleusercontent.com lh4.googleusercontent.com lh3.googleusercontent.com lh5.googleusercontent.com	33 KB
22	googlesyndication.com pagead2.googlesyndication.com	231 KB
18	blogger.com 1 redirects www.blogger.com	225 KB
17	shiftdelete.net shiftdelete.net ceres.shiftdelete.net	2 MB
11	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	21 KB
9	blogblog.com resources.blogblog.com	1011 B
8	doubleclick.net googleads.g.doubleclick.net
6	sandiq.work www.sandiq.work	61 KB
4	google.de www.google.de adservice.google.de	1 KB
3	amung.us whos.amung.us	693 B
3	dtscout.com t.dtscout.com	1000 B
3	waust.at waust.at	21 KB
2	citizengo.org www.citizengo.org	35 KB
1	mediamarkt.com.tr mediatrend.mediamarkt.com.tr	714 KB
1	youtube.com www.youtube.com
0	kaspersky-labs.com Failed ff.kis.v2.scr.kaspersky-labs.com Failed
171	17

	Domain	Requested by
27	apis.google.com	www.sandiq.work apis.google.com
22	pagead2.googlesyndication.com	www.sandiq.work pagead2.googlesyndication.com
18	www.blogger.com	1 redirects www.sandiq.work www.blogger.com apis.google.com
13	shiftdelete.net	www.sandiq.work
9	lh3.googleusercontent.com	www.sandiq.work
9	lh6.googleusercontent.com	www.sandiq.work
9	resources.blogblog.com	www.sandiq.work
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	ic.tynt.com	www.sandiq.work
6	lh5.googleusercontent.com	www.sandiq.work
6	lh4.googleusercontent.com	www.sandiq.work
6	www.sandiq.work	www.google.de www.sandiq.work
4	ceres.shiftdelete.net	www.sandiq.work
4	accounts.google.com	1 redirects apis.google.com
3	cdn.tynt.com	waust.at
3	whos.amung.us	waust.at
3	t.dtscout.com	waust.at
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	waust.at	www.sandiq.work
2	www.citizengo.org	www.citizengo.org
1	de.tynt.com	cdn.tynt.com
1	mediatrend.mediamarkt.com.tr	www.sandiq.work
1	www.google.de	www.citizengo.org
1	www.youtube.com	www.citizengo.org
0	ff.kis.v2.scr.kaspersky-labs.com Failed	www.citizengo.org
171	26

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
mediatrend.mediamarkt.com.tr
whos.amung.us

Subject Issuer	Validity	Valid
*.citizengo.org Go Daddy Secure Certificate Authority - G2	`2018-04-16` - `2020-04-16`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2018-07-03` - `2018-09-11`	2 months	crt.sh
www.google.de Google Internet Authority G3	`2018-06-19` - `2018-08-28`	2 months	crt.sh
*.blogger.com Google Internet Authority G3	`2018-06-19` - `2018-08-28`	2 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-06-19` - `2018-08-28`	2 months	crt.sh
accounts.google.com Google Internet Authority G3	`2018-07-03` - `2018-09-11`	2 months	crt.sh

This page contains 43 frames:

Primary Page: http://www.sandiq.work/2017/12/s9.html
Frame ID: 27453CCD9CB77EBE10F214686A7511CC
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4HYx07j_wz8=2
Frame ID: 3A0638118868980DE0C64ABEAC5C34D4
Requests: 1 HTTP requests in this frame

Frame: http://www.sandiq.work/
Frame ID: DB60E4EFE6600BC2FAB1CF47BF221DC9
Requests: 41 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818&bpli=1
Frame ID: 4384F9762C66EA06FF71382B104ABF9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180711/r20180604/zrt_lookup.html
Frame ID: 2C4B8896CBCE5CCA5866C824CB0F3C33
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: 0B4E8CAF672ED9467B61DC201A8163AC
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&targetPostID=5998507870066707614&blogPostOrPageUrl=http://www.sandiq.work/2017/12/s9.html&vt=-5191458793821199628&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 8E14554920BEF3B4AB0DE5E3DD1A8ECA
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 9A442E66A4B9B2C71FB56BD0B7982A45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=2605601830&w=300&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&avail_w=296&wgl=1&adsid=NT&dt=1531915523107&bpp=16&bdt=101&fdt=18&idt=171&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&correlator=4119922462156&frm=20&pv=2&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=547916332&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1011&ady=178&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=jsClIlx8CG&p=http%3A//www.sandiq.work&dtd=192
Frame ID: A50315BFB3524CA2D188153732C39DB3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: 7132EAC449E46F2B4C4BAA92C5AA75ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=600&slotname=9851626522&adk=3893998847&adf=1319644600&w=296&fwrn=4&fwrnh=100&lmt=1531859025&rafmt=1&npa=1&guci=1.2.0.0.2.1.0&format=296x600&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rh=0&rw=296&resp_fmts=4&wgl=1&adsid=NT&dt=1531915523196&bpp=11&bdt=190&fdt=124&idt=125&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4119922462156&frm=20&pv=1&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=137986869804&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1721&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&fsb=1&xpc=seuMoBeFFS&p=http%3A//www.sandiq.work&dtd=137
Frame ID: 73C14F08C02D6C04296368F07458D641
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: CD6D8D305BDBD0F326F72F1839156182
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: E9881ACF9A1F74072CE6087E85E9AF39
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=90&slotname=8346099391&adk=4177391497&adf=3214710465&w=728&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=728x90&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&wgl=1&adsid=NT&dt=1531915523234&bpp=4&bdt=228&fdt=160&idt=163&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x250%2C296x600&correlator=4119922462156&frm=20&pv=1&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=137986869804&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=2836&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&fsb=1&xpc=ZgfKJoGT0c&p=http%3A//www.sandiq.work&dtd=183
Frame ID: F0D1271E64ADF699444AC903209A6CD8
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&vt=3034840651634160064&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 49CBACC1E1CAF9ACE58401D7E1870621
Requests: 1 HTTP requests in this frame

Frame: http://www.sandiq.work/
Frame ID: AEAABC5C99848FB5A2DC14B50413A372
Requests: 41 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: 2D38FB723C68338B97FA5CF13B292C64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=1146778205&w=300&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&avail_w=296&wgl=1&dt=1531915523652&bpp=7&bdt=101&fdt=7&idt=9&shv=r20180711&cbv=r20180604&saldr=aa&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=133770&nhd=1&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=604&ady=2140&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&fsb=1&dtd=15
Frame ID: EF49A6E7D35AFB157EAA9375C129D431
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: E6678B5CABE40C2CCE58E8F51D8E66E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=9851626522&adk=3412058414&adf=793235384&w=296&fwrn=3&fwrnh=100&rafmt=1&npa=1&guci=1.2.0.0.2.1.0&format=296x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rh=0&rw=296&resp_fmts=3&wgl=1&dt=1531915523678&bpp=5&bdt=128&fdt=6&idt=7&shv=r20180711&cbv=r20180604&saldr=aa&prev_fmts=300x250&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=2632234&nhd=1&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=608&ady=3683&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=148&bc=7&ifi=2&fsb=1&dtd=15
Frame ID: 9A64F6E615D735B06EB8894D63CF94A1
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: 84D9D6036566B84459E90B33B9F6D3AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=90&slotname=8346099391&adk=4177391497&adf=1810335069&w=728&npa=1&guci=1.2.0.0.2.1.0&format=728x90&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&wgl=1&dt=1531915523733&bpp=6&bdt=182&fdt=7&idt=9&shv=r20180711&cbv=r20180604&saldr=aa&prev_fmts=300x250%2C296x250&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=42115746&nhd=1&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=22&ady=5054&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=3&fsb=1&dtd=16
Frame ID: E5D99E843565C0387485C067BF82B91A
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: AFA9DCADED2E499E59B163B361B29CFD
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post_1.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 8D8B7B827804C1B3E1A417176B182629
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fp20.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 8DF6DFDF84648E76C647E405D1B7D786
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fxa2.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 571A52286DD72B82B4B7D8F1DEBD9EBA
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fs9-s9.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 205526640EF6AB732D3077B00B3167EC
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2F6.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 00957D3798A8681AED8689511A70A9DA
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fblog-post_15.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 503E46AC5F017B4832E7DD934C48E4BB
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: B8315C9E257DC64E25231F485D9D7293
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&vt=3034840651634160064&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 219174958B44F91FE2523D50148670F5
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: 7B31E24769E1CD496C34B78152088A26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=635204798&w=300&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F&ea=0&flash=0&avail_w=296&wgl=1&dt=1531915524270&bpp=9&bdt=57&fdt=9&idt=11&shv=r20180711&cbv=r20180604&saldr=aa&correlator=4119922462156&frm=23&ife=1&pv=1&ga_vid=1701013525.1531915524&ga_sid=1531915524&ga_hid=2145815170&ga_fc=0&iag=15&icsg=133770&nhd=2&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=212&ady=5033&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226401%2C26835106&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&top=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&cms=1&fu=20&bc=7&ifi=1&fsb=1&dtd=20
Frame ID: 479A011469D1399AE0933A8B039FFBC9
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: D8905A0483171D6F3E1C60C00F5F1441
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js
Frame ID: 7489DCD865215D8241236B54FA46A36B
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 6465A6A767A77BA099E0643C137C6459
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post_1.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 8AE2116EFEFCF5C04AC52984ACB3EB09
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fp20.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 18003AA69CFD88328DF82BC9994D4B6E
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fxa2.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 1D8AB649A4E444BEFBD188B26AF5FFE7
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fs9-s9.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: E0DFD66418DE303B8689F0019E880252
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2F6.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 139113ED67FE2D20B5534EB29620080E
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fblog-post_15.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 51E917C4F699581513D585B4E781C1E9
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
Frame ID: 2F8FEE79C24FCAF145AFBF7EE2604EF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.citizengo.org/sites/default/files/webform/gspsv2.html Page URL
https://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiWj5-guKbcAhVPyKYKHXWWCr... Page URL
http://www.sandiq.work/2017/12/s9.html Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Page Statistics

171
Requests

20 %
HTTPS

42 %
IPv6

17
Domains

26
Subdomains

25
IPs

4
Countries

3395 kB
Transfer

7444 kB
Size

3
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=crosscol
Title:

Search URL Search Domain Scan URL

URL: https://mediatrend.mediamarkt.com.tr/wp-content/uploads/2017/12/galaxy-s9-quick-charge-4-2.png

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7153862393770945733&postID=5998507870066707614&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7153862393770945733&postID=5998507870066707614&target=email
Title: إرسال بالبريد الإلكتروني

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7153862393770945733&postID=5998507870066707614&target=blog
Title: كتابة مدونة حول هذه المشاركة

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7153862393770945733&postID=5998507870066707614&target=twitter
Title: ‏المشاركة في Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7153862393770945733&postID=5998507870066707614&target=facebook
Title: ‏المشاركة في Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7153862393770945733&postID=5998507870066707614&target=pinterest
Title: ‏المشاركة على Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=FeaturedPost&widgetId=FeaturedPost1&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=HTML&widgetId=HTML5&action=editWidget&sectionId=main
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=HTML&widgetId=HTML2&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=PopularPosts&widgetId=PopularPosts1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=AdSense&widgetId=AdSense1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=BlogArchive&widgetId=BlogArchive1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: http://whos.amung.us/stats/57v28mbus5/
Title: 2

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=HTML&widgetId=HTML4&action=editWidget&sectionId=sidebar-right-2-1
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=Label&widgetId=Label1&action=editWidget&sectionId=sidebar-right-2-2
Title:

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=HTML&widgetId=HTML3&action=editWidget&sectionId=footer-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: http://www.blogger.com/rearrange?blogID=7153862393770945733&widgetType=Attribution&widgetId=Attribution1&action=editWidget&sectionId=footer-3
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.citizengo.org/sites/default/files/webform/gspsv2.html Page URL
https://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiWj5-guKbcAhVPyKYKHXWWCrYQFggnMAA&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&usg=AOvVaw02hAGxu75-B_zvTZhQ2IfC Page URL
http://www.sandiq.work/2017/12/s9.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D7153862393770945733%26postID%3D5998507870066707614%26blogspotRpcToken%3D4278818%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D7153862393770945733%26postID%3D5998507870066707614%26blogspotRpcToken%3D4278818%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818&bpli=1

171 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 gspsv2.html Show response
www.citizengo.org/sites/default/files/webform/ 11 KB
11 KB 15ms
15ms Document
text/html 35.227.201.5
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.citizengo.org/sites/default/files/webform/gspsv2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.201.5 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 5.201.227.35.bc.googleusercontent.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.36 /
Resource Hash: f941dd981ed51f44025a8baee892a58bfed7e4bf906005df90b4d29a9f00e997

Request headers

:method: GET
:authority: www.citizengo.org
:scheme: https
:path: /sites/default/files/webform/gspsv2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC

Response headers

status: 200
date: Wed, 18 Jul 2018 12:05:22 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.36
last-modified: Wed, 18 Jul 2018 12:03:48 GMT
etag: "2ca8-57144daf121be"
accept-ranges: bytes
content-length: 11432
cache-control: max-age=1209600
expires: Wed, 01 Aug 2018 12:05:22 GMT
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

GET
H2 404 0
www.citizengo.org/sites/default/files/webform/ 24 KB
24 KB 48ms
47ms Image
text/html 35.227.201.5
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.citizengo.org/sites/default/files/webform/0

Requested by

Host: www.citizengo.org
URL: https://www.citizengo.org/sites/default/files/webform/gspsv2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.227.201.5 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

5.201.227.35.bc.googleusercontent.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.36 / PHP/5.6.36

Resource Hash

83a0238c50db0241e69d5bcd27fc5d636cb045c7f10f245a69c448b5f7d980ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /sites/default/files/webform/0
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.citizengo.org
referer: https://www.citizengo.org/sites/default/files/webform/gspsv2.html
:scheme: https
:method: GET
Referer: https://www.citizengo.org/sites/default/files/webform/gspsv2.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:05:22 GMT
content-encoding: gzip
vary: Cookie,Accept-Encoding
x-powered-by: PHP/5.6.36
status: 404
alt-svc: clear
content-length: 6659
x-ua-compatible: IE=edge,chrome=1
last-modified: Wed, 18 Jul 2018 12:04:20 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.36
etag: "1531915460-1"
x-frame-options: SAMEORIGIN
content-language: en
via: 1.1 google
x-generator: Drupal 7 (http://drupal.org)
cache-control: public, max-age=900
content-type: text/html; charset=utf-8
link: <http://www.citizengo.org/en>; rel="canonical",<http://www.citizengo.org/en>; rel="shortlink"
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET main.js
ff.kis.v2.scr.kaspersky-labs.com/09907A55-7EDE-6B46-9511-95FBF55FF127/ 0
0

GET
H2 200 4HYx07j_wz8=2
www.youtube.com/embed/ Frame 3A06 0
0 65ms
64ms Document
text/html 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4HYx07j_wz8=2

Requested by

Host: www.citizengo.org
URL: https://www.citizengo.org/sites/default/files/webform/gspsv2.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/4HYx07j_wz8=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.citizengo.org/sites/default/files/webform/gspsv2.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: https://www.citizengo.org/sites/default/files/webform/gspsv2.html

Response headers

status: 200
content-encoding: gzip
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 EST
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cache-control: no-cache
date: Wed, 18 Jul 2018 12:05:22 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=5mhahPu8Zys; path=/; domain=.youtube.com; expires=Mon, 14-Jan-2019 12:05:22 GMT; httponly YSC=mhjaiPvLVpY; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 18-Mar-2019 23:58:22 GMT GPS=1; path=/; domain=.youtube.com; expires=Wed, 18-Jul-2018 12:35:22 GMT VISITOR_INFO1_LIVE=5mhahPu8Zys; path=/; domain=.youtube.com; expires=Mon, 14-Jan-2019 12:05:22 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 url Show response
www.google.de/ 454 B
601 B 27ms
26ms Document
text/html 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiWj5-guKbcAhVPyKYKHXWWCrYQFggnMAA&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&usg=AOvVaw02hAGxu75-B_zvTZhQ2IfC

Requested by

Host: www.citizengo.org
URL: https://www.citizengo.org/sites/default/files/webform/gspsv2.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

c60ffe007f74adee813576702eca89f908f325dfb2eda371d2784c6c028bfe7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.de
:scheme: https
:path: /url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiWj5-guKbcAhVPyKYKHXWWCrYQFggnMAA&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&usg=AOvVaw02hAGxu75-B_zvTZhQ2IfC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.citizengo.org/sites/default/files/webform/gspsv2.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: https://www.citizengo.org/sites/default/files/webform/gspsv2.html

Response headers

status: 200
date: Wed, 18 Jul 2018 12:05:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: gzip
server: gws
content-length: 286
x-xss-protection: 1; mode=block
set-cookie: NID=134=pptAGX36QOQIfYIbpAH7GqVfUcoOkPvApBivPWaD9duY2miq2NutLDfge4ebEjgZT1OcFGTLnN4pfNhqEl5u2WCk0ep2R2ytyrIIIWzWolvbxtzIq_tCN1iuyey8MWQj; expires=Thu, 17-Jan-2019 12:05:22 GMT; path=/; domain=.google.de; HttpOnly CONSENT=WP.26f568; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.de
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK Primary Request s9.html Show response
www.sandiq.work/2017/12/ 64 KB
16 KB 432ms
431ms Document
text/html 2a00:1450:4001:81c::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.sandiq.work/2017/12/s9.html

Requested by

Host: www.google.de
URL: https://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiWj5-guKbcAhVPyKYKHXWWCrYQFggnMAA&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&usg=AOvVaw02hAGxu75-B_zvTZhQ2IfC

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

c8601a6a6b31eb37b9563890b307742381a4d21370ae8d839db19eb67486d428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.sandiq.work
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.google.de/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: https://www.google.de/

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Wed, 18 Jul 2018 12:05:22 GMT
Date: Wed, 18 Jul 2018 12:05:22 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 17 Jul 2018 20:23:45 GMT
ETag: W/"1de2d073e486a05ad0c57d602d336ac99ddd44fe5d34fd332d094b29c3f5f27b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15734
Server: GSE

GET
S 200 31027104-css_bundle_v2_rtl.css
www.blogger.com/static/v1/widgets/ 41 KB
9 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/31027104-css_bundle_v2_rtl.css

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

209be008e3d4c9f9e9a8cbcd639eada2b85dfb499313454e9fb91932da6a908a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 13:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 17:28:13 GMT
server: sffe
age: 427990
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9148
x-xss-protection: 1; mode=block
expires: Sat, 13 Jul 2019 13:12:13 GMT

GET
S 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

37c5fa3e10b9c5efe235ea79656573eac168676a4983801acd4fbfa23d0883cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-N7/SN5lasiSkjoHqp7QmDb1dQpU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "a946935d25873181035be85bf860b9eb"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 73 KB
27 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a69dfac0fb0f63ed50189ebe191d7498f157560b85d19a328142b60cac7f240f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9401390821887325258
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 27466
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
S 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
539 B 7ms
5ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 14 Jul 2018 06:27:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 19:27:35 GMT
server: sffe
age: 365879
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 475
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 06:27:24 GMT

GET
S 200 galaxy-s9-quick-charge-4-2.png
mediatrend.mediamarkt.com.tr/wp-content/uploads/2017/12/ 712 KB
714 KB 49ms
48ms Image
image/png 94.101.80.84
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediatrend.mediamarkt.com.tr/wp-content/uploads/2017/12/galaxy-s9-quick-charge-4-2.png
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: SPDY
Server: 94.101.80.84 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-94.101.80.84.radore.net.tr
Software: LiteSpeed /
Resource Hash: 955852d4821b545ab1c041224c374e95144c9654caec8397751242c2baf81648

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:52 GMT
last-modified: Sun, 29 Apr 2018 20:08:24 GMT
server: LiteSpeed
etag: "b1eb8-5ae62638-84ca6bd"
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 728760
expires: Wed, 25 Jul 2018 12:04:52 GMT

GET
S 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
226 B 7ms
6ms Image
image/gif 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 14 Jul 2018 00:43:30 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 03:33:27 GMT
server: sffe
age: 386513
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 162
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 00:43:30 GMT

GET
S 200 2567313873-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/2567313873-comment_from_post_iframe.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c1b7760c095804a679a51b4c7f7d6138d6db722c4210976b1e9381f0e07ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 00:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 17:28:13 GMT
server: sffe
age: 474812
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 4392
x-xss-protection: 1; mode=block
expires: Sat, 13 Jul 2019 00:11:51 GMT

GET
H/1.1 200
OK google-u%C3%A7u%C5%9Flar-2.jpg
shiftdelete.net/wp-content/uploads/2018/02/ 38 KB
39 KB 52ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/02/google-u%C3%A7u%C5%9Flar-2.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

68e09373bf0e4b9c2319b0e60ec1f1b7410b6371418eba64e130af862b827d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a72d15c-98fa"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39162
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
S 200 NqSyhCHCTigy6TiAbTZu-EwxkDENj6GXLuO2zQCz0yMhLJ8623Fb_Zq4gRug5hJJ-t5MXd1gtzv3rpWpCKcD9bSMLxWR1zMMYLs_C6XnPw7lGZIId7E8l6sE65IT0YTljALudMU=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ 3 KB
3 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/NqSyhCHCTigy6TiAbTZu-EwxkDENj6GXLuO2zQCz0yMhLJ8623Fb_Zq4gRug5hJJ-t5MXd1gtzv3rpWpCKcD9bSMLxWR1zMMYLs_C6XnPw7lGZIId7E8l6sE65IT0YTljALudMU=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d0a15a9c7824b25c682752eb829fdb0cceb7a9292d744251cca54284ded4affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3009
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 klGEH_kWk51ZawOsToRrdVu2Y_PACoG3iyJdlTBpa0cOstBRhpLjZb7l7zxwETzcwVkbx9ZT6BQ_UxoBg5Mi-_TK6Xc-E5HWYRAj8x12oSISuK0V=w72-h72-p-k-no-nu
lh4.googleusercontent.com/proxy/ 3 KB
3 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/klGEH_kWk51ZawOsToRrdVu2Y_PACoG3iyJdlTBpa0cOstBRhpLjZb7l7zxwETzcwVkbx9ZT6BQ_UxoBg5Mi-_TK6Xc-E5HWYRAj8x12oSISuK0V=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

801560bf9ad4a2da17e61ea59d0f5a7c194b309eb715a5692142e7bdcad170ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3452
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 GH6XxDOztZ6r7kaDo0wLZfEGfbXApLUFw3Ei7QPsvUZAebJPv2BR3WV8DwuvmaIAVfQYSBarSHKgwCIE09iM2hrhN9bhW8VrQLUCctcYnD4mF7hRxDt1OCKSQ3w4NpQ=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/GH6XxDOztZ6r7kaDo0wLZfEGfbXApLUFw3Ei7QPsvUZAebJPv2BR3WV8DwuvmaIAVfQYSBarSHKgwCIE09iM2hrhN9bhW8VrQLUCctcYnD4mF7hRxDt1OCKSQ3w4NpQ=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d551590be01da9e196495e06f99a4e09f97fb70a01fd8fa40221833197108dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1787
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 o3ai1x7bJcjZ49notF_4RKn_HI6wO4jget4r1PnN_45tbt3GAHL1QjucYGeZotKc0KNPhjMxNzU012MbQi1wAUzGyOYSz0OFuzAApuNutrVZssqIusil6Ui_mc_zMW8MKgqjemOp26P3BcpCFy9q=w72-h72-p-k-no-nu
lh5.googleusercontent.com/proxy/ 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/o3ai1x7bJcjZ49notF_4RKn_HI6wO4jget4r1PnN_45tbt3GAHL1QjucYGeZotKc0KNPhjMxNzU012MbQi1wAUzGyOYSz0OFuzAApuNutrVZssqIusil6Ui_mc_zMW8MKgqjemOp26P3BcpCFy9q=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

35d56aa7cd63d6a2dea4937991d96428ba45fd88ac7c351be15d2bfd27b946d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2258
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 IqT0xD20l20v076TgGhOHTOWeIBbSsvkPxzbgwLjwAu0XEAkUijW5GBefSTSTFgK1D9AD_wCv_OZ03L5ezVvcXY9L1TO92Etwa6dvJszBpDfWQ=w72-h72-p-k-no-nu
lh4.googleusercontent.com/proxy/ 3 KB
4 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/IqT0xD20l20v076TgGhOHTOWeIBbSsvkPxzbgwLjwAu0XEAkUijW5GBefSTSTFgK1D9AD_wCv_OZ03L5ezVvcXY9L1TO92Etwa6dvJszBpDfWQ=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

71de3ad9a7567a5a4291c4c0b4178d321d81fb014fce6e1557c866fe30d459ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3578
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 eLspIcxMVhHhR4rgYFIOcW3ilQjlH7yc4sik-0dQyWzu8QGZdWjEgXANQx8RhWosAywk-3uWDCcD1M6AXUpZ7esqfnzyvIPSRvB8b5zv8HaSsxFNDkN5yOn-Bc7xZ9eIT8DMXfD3tnxHMRmlbd6Ngqdy2SWsc7kh9CFC0XjWvSw=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ 2 KB
2 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/eLspIcxMVhHhR4rgYFIOcW3ilQjlH7yc4sik-0dQyWzu8QGZdWjEgXANQx8RhWosAywk-3uWDCcD1M6AXUpZ7esqfnzyvIPSRvB8b5zv8HaSsxFNDkN5yOn-Bc7xZ9eIT8DMXfD3tnxHMRmlbd6Ngqdy2SWsc7kh9CFC0XjWvSw=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

2ca891468f5959ff21209d3cf6e07a79c5c219de5663bf12ebf22955e21902ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2371
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 Fl27JYaiCfCEmih1mO3eYhWfgN1QqvEDwlV6KEqiqOlylJhtZmeOAHy6AXjFmVc-FNi-sBqIEtai0kftZZ1pxVfZgMOHgm-Ay2tLgPRGP7M0zRrtHUIq-SZl7tJS=w72-h72-p-k-no-nu
lh5.googleusercontent.com/proxy/ 3 KB
3 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/Fl27JYaiCfCEmih1mO3eYhWfgN1QqvEDwlV6KEqiqOlylJhtZmeOAHy6AXjFmVc-FNi-sBqIEtai0kftZZ1pxVfZgMOHgm-Ay2tLgPRGP7M0zRrtHUIq-SZl7tJS=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

77ca57651ea5651e5da4daecf25d7df88136e13c9d42ab189d904f1cc1d4d12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2596
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 Q82Gse4RMfMagPBcbefi0z4CAGccTKHQhih-VdbdILyUjNtuzCgufil8KpNPSNQcWyhwkFo5xx8ZjpTlOR9OQ3R8SjYQ7gEOQDVJYRx8GUg3h5EYerEKi-20LqXiur0M6uTuHu4Sc66qJw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ 2 KB
2 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/Q82Gse4RMfMagPBcbefi0z4CAGccTKHQhih-VdbdILyUjNtuzCgufil8KpNPSNQcWyhwkFo5xx8ZjpTlOR9OQ3R8SjYQ7gEOQDVJYRx8GUg3h5EYerEKi-20LqXiur0M6uTuHu4Sc66qJw=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bfb6d0451ced4865c376d92c06e0398d0bec2f5232fc69bc257553cf6d37711a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2330
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ 9 KB
9 KB 9ms
8ms Image
image/png 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bbb622b66c7641668a8736908ff82a6dee382652ccc326ef9ef08113e17c6edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8769
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 1cgEKm8glFKkx5Eg8vSwY5x2aopeB0YPYk-vtrIAGKE1NkxPhh7PufN4Pi-LfCi0Xy14bbWj6_cNekaLXaJBso2YSUZUKboaaxi6lB4a6o8RlpgvVpgt18Xwl-Q=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ 2 KB
3 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/1cgEKm8glFKkx5Eg8vSwY5x2aopeB0YPYk-vtrIAGKE1NkxPhh7PufN4Pi-LfCi0Xy14bbWj6_cNekaLXaJBso2YSUZUKboaaxi6lB4a6o8RlpgvVpgt18Xwl-Q=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

b7da9bc108bd516e5041308836a39e9011e09c0f9a62d1d0d8a3679291d45650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2528
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 12 KB
7 KB 32ms
16ms Script
application/x-javascript 185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: bc0f28387fdc58b79c22fa82216bcd6a19412dbe541fee83c1314a8d39448d30

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jul 2018 21:46:33 GMT
ETag: W/"5b4e63b9-2f33"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, private
Connection: keep-alive
Expires: Thu, 19 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.sandiq.work/js/ 6 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.sandiq.work/js/cookienotice.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sandiq.work
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.sandiq.work/2017/12/s9.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 17 Jul 2018 18:03:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Jul 2018 17:37:22 GMT
Server: sffe
Age: 64943
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Jul 2018 18:03:00 GMT

GET
S 200 1109080293-widgets.js Show response
www.blogger.com/static/v1/widgets/ 146 KB
52 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1109080293-widgets.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53bc8e0d10219c99f095bdcc2b0210f07be024705e0b15e4f874c9bfc0bba27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 14 Jul 2018 13:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 14 Jul 2018 10:14:38 GMT
server: sffe
age: 341091
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 53573
x-xss-protection: 1; mode=block
expires: Sun, 14 Jul 2019 13:20:32 GMT

GET
S 200 authorization.css
www.blogger.com/dyn-css/ 1 B
139 B 114ms
113ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7153862393770945733&zx=c1ecc8ff-d21a-49cc-a20c-caa0a2ea2c8a

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 18 Jul 2018 12:05:23 GMT
server: GSE
date: Wed, 18 Jul 2018 12:05:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: private, max-age=1800
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ 131 KB
46 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

27d0b2f79b3a90ccf74c8be137edd09fd3be6230e634ab3308213a5d9d47ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 54124
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46639
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:19 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ 55 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

01959738688896ce0770006b1534350b03111b8d5b70507fe457bd2945824693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 54089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 18409
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:54 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
627 B 10ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 12 Jul 2018 12:43:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 516096
ETag: 13036835877489095579
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 67
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Jul 2018 12:43:47 GMT

GET
S 200 tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ 182 B
246 B 6ms
6ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 13:17:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 19:52:57 GMT
server: sffe
age: 427675
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 182
x-xss-protection: 1; mode=block
expires: Fri, 20 Jul 2018 13:17:28 GMT

GET
S 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 6ms
5ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/2567313873-comment_from_post_iframe.js

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.blogger.com/static/v1/widgets/31027104-css_bundle_v2_rtl.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 14 Jul 2018 00:47:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 06:30:01 GMT
server: sffe
age: 386280
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 5080
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 00:47:23 GMT

GET
H/1.1 200
OK / Show response
www.sandiq.work/ Frame DB60 107 KB
22 KB 480ms
480ms Document
text/html 2a00:1450:4001:81c::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.sandiq.work/

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

2b934dff3616a96369a49d6a840ccddfa1c8e73f338a53358c7dad749dcf24a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.sandiq.work
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.sandiq.work/2017/12/s9.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Wed, 18 Jul 2018 12:05:23 GMT
Date: Wed, 18 Jul 2018 12:05:23 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 17 Jul 2018 20:23:45 GMT
ETag: W/"1de2d073e486a05ad0c57d602d336ac99ddd44fe5d34fd332d094b29c3f5f27b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 21683
Server: GSE

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sandiq.work

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sandiq.work

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2

200

comment-iframe.g
www.blogger.com/ Frame 4384
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D7153862393770945733%26postID%3D5998507870066707614%26blogspotRpcToken%3D4278818%26bpli%3D1&follow...
https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818&bpli=1

0
0

532ms
532ms

Document
text/html

2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/2567313873-comment_from_post_iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1731
server: GSE
set-cookie: S=blogger=h8Wg07QDwrDIh0KEMY8mKz2ln2btMRwr; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status: 302
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=7153862393770945733&postID=5998507870066707614&blogspotRpcToken=4278818&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-SgZUO0jtj3kreYrCUHYP/QKt6Yg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 259
server: GSE
set-cookie: GAPS=1:palBS_CIFVv55WjRJZ568U4F4qAGuw:kqs5sDHmSjPe7jLV;Path=/;Expires=Fri, 17-Jul-2020 12:05:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 ca-pub-7149843128166834.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
188 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7149843128166834.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Jul 2018 20:22:30 GMT
server: sffe
age: 62
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Thu, 19 Jul 2018 00:04:21 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180711/r20180604/ Frame 2C4B 0
0 6ms
6ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20180711/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20180711/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 13 Jul 2018 03:13:59 GMT
expires: Fri, 27 Jul 2018 03:13:59 GMT
content-type: text/html; charset=UTF-8
etag: 4726315756816018096
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6958
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 463884
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame 0B4E 185 KB
69 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 navbar.g
www.blogger.com/ Frame 8E14 0
0 658ms
658ms Document
text/html 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&targetPostID=5998507870066707614&blogPostOrPageUrl=http://www.sandiq.work/2017/12/s9.html&vt=-5191458793821199628&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&targetPostID=5998507870066707614&blogPostOrPageUrl=http://www.sandiq.work/2017/12/s9.html&vt=-5191458793821199628&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2690
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 17 B
379 B 290ms
145ms Script
application/javascript 107.182.233.217
WestHost

General

Check archive.org

Show headers Download Go to

Full URL: http://t.dtscout.com/i/?l=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&j=https%3A%2F%2Fwww.google.de%2F
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 107.182.233.217 Providence, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS: 6bb6e9d9.setaptr.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Z: I
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Wed, 18 Jul 2018 12:05:22 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 28 B
231 B 212ms
107ms Script
text/javascript 67.202.94.86
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=57v28mbus5&t=%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%3A%20%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&c=d&y=https%3A%2F%2Fwww.google.de%2F&a=0&r=6308
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 7c182a141b6f910f9ca5acfda286bb815c6461ad9e38fb8ebe7f25c7b690912a

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
S 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ 76 KB
27 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9987a412e4dba9e63115a41652218297576182bfda38c8f22a57273b244d9610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 53986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27241
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:05:37 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 9A44 0
0 30ms
29ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-7kOGg3dSJf9VQw8Kvt269f6RK6k' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A503 0
0 190ms
189ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=2605601830&w=300&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&avail_w=296&wgl=1&adsid=NT&dt=1531915523107&bpp=16&bdt=101&fdt=18&idt=171&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&correlator=4119922462156&frm=20&pv=2&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=547916332&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1011&ady=178&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=jsClIlx8CG&p=http%3A//www.sandiq.work&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=2605601830&w=300&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&avail_w=296&wgl=1&adsid=NT&dt=1531915523107&bpp=16&bdt=101&fdt=18&idt=171&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&correlator=4119922462156&frm=20&pv=2&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=547916332&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1011&ady=178&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpoeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=jsClIlx8CG&p=http%3A//www.sandiq.work&dtd=192
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:23 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jul-2018 12:20:23 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ 70 KB
26 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a203507148f6ac9ac807eaabbcc715e08966d4c8d41374851c5813da246425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 20:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26249
x-xss-protection: 1; mode=block
server: cafe
etag: 2423183749728313736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 20:26:02 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame 7132 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 73C1 0
0 139ms
139ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=600&slotname=9851626522&adk=3893998847&adf=1319644600&w=296&fwrn=4&fwrnh=100&lmt=1531859025&rafmt=1&npa=1&guci=1.2.0.0.2.1.0&format=296x600&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rh=0&rw=296&resp_fmts=4&wgl=1&adsid=NT&dt=1531915523196&bpp=11&bdt=190&fdt=124&idt=125&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4119922462156&frm=20&pv=1&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=137986869804&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1721&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&fsb=1&xpc=seuMoBeFFS&p=http%3A//www.sandiq.work&dtd=137

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=600&slotname=9851626522&adk=3893998847&adf=1319644600&w=296&fwrn=4&fwrnh=100&lmt=1531859025&rafmt=1&npa=1&guci=1.2.0.0.2.1.0&format=296x600&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rh=0&rw=296&resp_fmts=4&wgl=1&adsid=NT&dt=1531915523196&bpp=11&bdt=190&fdt=124&idt=125&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x250&correlator=4119922462156&frm=20&pv=1&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=137986869804&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1721&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&fsb=1&xpc=seuMoBeFFS&p=http%3A//www.sandiq.work&dtd=137
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:23 GMT
server: cafe
cache-control: private
content-length: 384
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jul-2018 12:20:23 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame CD6D 0
0 41ms
41ms Document
text/html 2a00:1450:4001:817::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v3xxkwNgxrN5/z4KlEA7gIyGFTk' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-v3xxkwNgxrN5/z4KlEA7gIyGFTk' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame E988 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F0D1 0
0 133ms
132ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=90&slotname=8346099391&adk=4177391497&adf=3214710465&w=728&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=728x90&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&wgl=1&adsid=NT&dt=1531915523234&bpp=4&bdt=228&fdt=160&idt=163&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x250%2C296x600&correlator=4119922462156&frm=20&pv=1&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=137986869804&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=2836&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&fsb=1&xpc=ZgfKJoGT0c&p=http%3A//www.sandiq.work&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=90&slotname=8346099391&adk=4177391497&adf=3214710465&w=728&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=728x90&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&flash=0&wgl=1&adsid=NT&dt=1531915523234&bpp=4&bdt=228&fdt=160&idt=163&shv=r20180711&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x250%2C296x600&correlator=4119922462156&frm=20&pv=1&ga_vid=2053417403.1531915523&ga_sid=1531915523&ga_hid=1964005728&ga_fc=0&iag=0&icsg=137986869804&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=2836&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C368226400%2C370204028&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&fsb=1&xpc=ZgfKJoGT0c&p=http%3A//www.sandiq.work&dtd=183
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/2017/12/s9.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/2017/12/s9.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:23 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jul-2018 12:20:23 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 7132 0
442 B 40ms
39ms Image
text/html 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=3893998847&adf=1319644600&fmt=296x600&str=true&ad_y=1720.96875&vph=1200&r_nh=0&qid=CLDy4YTOqNwCFQQ44AodKZgCvA&w=296&h=600&rsz=o%7Co%7CpeE%7C&abl=NS&frsz=false&err=0&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tc.js Show response
cdn.tynt.com/ 15 KB
7 KB 22ms
12ms Script
application/javascript 104.16.87.26
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Apr 2018 18:36:52 GMT
Server: cloudflare
ETag: W/"5acd0444-3ddc"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 43c4d0f5e53abedf-FRA
Expires: Sat, 21 Jul 2018 12:05:23 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
335 B 235ms
119ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0&img=https%3A%2F%2Flh3.googleusercontent.com%2Fproxy%2F8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi%3Dw1200-h630-p-k-no-nu&ct=%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&r=https%3A%2F%2Fwww.google.de%2F&t=%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%3A%20%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&cu=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Server: nginx/1.14.0
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
S 200 31027104-css_bundle_v2_rtl.css
www.blogger.com/static/v1/widgets/ Frame DB60 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/31027104-css_bundle_v2_rtl.css

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

209be008e3d4c9f9e9a8cbcd639eada2b85dfb499313454e9fb91932da6a908a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 13:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 17:28:13 GMT
server: sffe
age: 427990
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9148
x-xss-protection: 1; mode=block
expires: Sat, 13 Jul 2019 13:12:13 GMT

GET
S 200 plusone.js Show response
apis.google.com/js/ Frame DB60 43 KB
0 27ms
27ms Script
application/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

37c5fa3e10b9c5efe235ea79656573eac168676a4983801acd4fbfa23d0883cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-N7/SN5lasiSkjoHqp7QmDb1dQpU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "a946935d25873181035be85bf860b9eb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DB60 73 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a69dfac0fb0f63ed50189ebe191d7498f157560b85d19a328142b60cac7f240f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9401390821887325258
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 27466
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
S 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ Frame DB60 475 B
0 7ms
5ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 14 Jul 2018 06:27:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 19:27:35 GMT
server: sffe
age: 365879
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 475
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 06:27:24 GMT

GET
H/1.1 200
OK google-u%C3%A7u%C5%9Flar-2.jpg
shiftdelete.net/wp-content/uploads/2018/02/ Frame DB60 38 KB
0 52ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/02/google-u%C3%A7u%C5%9Flar-2.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

68e09373bf0e4b9c2319b0e60ec1f1b7410b6371418eba64e130af862b827d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a72d15c-98fa"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39162
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
S 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ Frame DB60 162 B
0 7ms
6ms Image
image/gif 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 14 Jul 2018 00:43:30 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 03:33:27 GMT
server: sffe
age: 386513
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 162
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 00:43:30 GMT

GET
H/1.1 200
OK apple-homepod-hangi-ses-kaynaklarini-destekliyor-sdn-01.jpg
ceres.shiftdelete.net/580x330/original/2018/02/ Frame DB60 48 KB
49 KB 96ms
95ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ceres.shiftdelete.net/580x330/original/2018/02/apple-homepod-hangi-ses-kaynaklarini-destekliyor-sdn-01.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx/1.13.4 /

Resource Hash

1079cd388b140b8616632c9f8c69a18543beceb0e1c2ba27b3a959f0a231a819

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Last-Modified: Thu, 01 Feb 2018 15:09:53 GMT
Server: nginx/1.13.4
ETag: W/"5a732dc1-2df8e"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Content-Length: 49392
Expires: Wed, 05 Jun 2019 14:59:23 GMT

GET
H/1.1 200
OK p22.png
shiftdelete.net/wp-content/uploads/2018/02/ Frame DB60 664 KB
665 KB 54ms
54ms Image
image/png 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/02/p22.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

b462f9e1cb67e3b1675903b6e9897c7a09b9864912795cbfa5f35e87632b69cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:22 GMT
Server: nginx
ETag: "5a731745-a6108"
Strict-Transport-Security: max-age=157680000
Content-Type: image/png
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 680200
Expires: Sun, 16 Sep 2018 12:04:22 GMT

GET
H/1.1 200
OK Xperia-XA2-768x412.png
shiftdelete.net/wp-content/uploads/2018/01/ Frame DB60 25 KB
25 KB 51ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/01/Xperia-XA2-768x412.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

575603f5f5dd92bc61a3d80498310d1060e60112adb30e006d25585bbd657814

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:05:23 GMT
Server: nginx
ETag: W/"PSA-aj-70Wx4cQcD6"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: max-age=5183937, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25446
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
H/1.1 200
OK xperia-xa2-1-768x438.png
shiftdelete.net/wp-content/uploads/2018/01/ Frame DB60 166 KB
0 51ms
50ms Image
image/png 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/01/xperia-xa2-1-768x438.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:05:23 GMT
Server: nginx
ETag: W/"PSA-aj-4XgFSRrU4G"
Strict-Transport-Security: max-age=157680000
Content-Type: image/png
Cache-Control: max-age=5183937, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 215512
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
H/1.1 200
OK galaxy-s9.jpg
shiftdelete.net/wp-content/uploads/2018/01/ Frame DB60 36 KB
37 KB 50ms
50ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/01/galaxy-s9.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

30b44c40101ee7ab5f88a8eba1ae9ec7e7c757fa6a13e1b13e26de8e33283c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a4b934c-91aa"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37290
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
S 200 authorization.css
www.blogger.com/dyn-css/ Frame DB60 1 B
93 B 332ms
331ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7153862393770945733&zx=c1ecc8ff-d21a-49cc-a20c-caa0a2ea2c8a

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 18 Jul 2018 12:05:23 GMT
server: GSE
date: Wed, 18 Jul 2018 12:05:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: private, max-age=1800
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ Frame DB60 131 KB
46 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

27d0b2f79b3a90ccf74c8be137edd09fd3be6230e634ab3308213a5d9d47ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 54124
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46639
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:19 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ Frame DB60 55 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

01959738688896ce0770006b1534350b03111b8d5b70507fe457bd2945824693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 54089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 18409
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:54 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DB60 47 B
627 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 12 Jul 2018 12:43:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 516096
ETag: 13036835877489095579
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 67
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Jul 2018 12:43:47 GMT

GET
H/1.1 200
OK gm6-2.jpg
ceres.shiftdelete.net/580x330/original/2017/12/ Frame DB60 43 KB
43 KB 108ms
107ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ceres.shiftdelete.net/580x330/original/2017/12/gm6-2.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx/1.13.4 /

Resource Hash

336b924701e752c0c238bad450eba49b2b524d97929ebbc40868bf369087fec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Last-Modified: Fri, 15 Dec 2017 14:38:45 GMT
Server: nginx/1.13.4
ETag: W/"5a33de75-a9978"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Content-Length: 43711
Expires: Sun, 24 Feb 2019 18:05:50 GMT

GET
H/1.1 200
OK samsung-apple-akilli-hoparlor-sdn-02-768x384.jpg
shiftdelete.net/wp-content/uploads/2017/12/ Frame DB60 29 KB
29 KB 51ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2017/12/samsung-apple-akilli-hoparlor-sdn-02-768x384.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

55fabf9efb4cd0bbd150a905b8692ab82fbb2cae45c3e66c5061ef41bf3dcf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a3437a8-7421"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29729
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
S 200 NqSyhCHCTigy6TiAbTZu-EwxkDENj6GXLuO2zQCz0yMhLJ8623Fb_Zq4gRug5hJJ-t5MXd1gtzv3rpWpCKcD9bSMLxWR1zMMYLs_C6XnPw7lGZIId7E8l6sE65IT0YTljALudMU=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ Frame DB60 3 KB
0 8ms
6ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/NqSyhCHCTigy6TiAbTZu-EwxkDENj6GXLuO2zQCz0yMhLJ8623Fb_Zq4gRug5hJJ-t5MXd1gtzv3rpWpCKcD9bSMLxWR1zMMYLs_C6XnPw7lGZIId7E8l6sE65IT0YTljALudMU=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d0a15a9c7824b25c682752eb829fdb0cceb7a9292d744251cca54284ded4affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3009
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 klGEH_kWk51ZawOsToRrdVu2Y_PACoG3iyJdlTBpa0cOstBRhpLjZb7l7zxwETzcwVkbx9ZT6BQ_UxoBg5Mi-_TK6Xc-E5HWYRAj8x12oSISuK0V=w72-h72-p-k-no-nu
lh4.googleusercontent.com/proxy/ Frame DB60 3 KB
0 8ms
7ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/klGEH_kWk51ZawOsToRrdVu2Y_PACoG3iyJdlTBpa0cOstBRhpLjZb7l7zxwETzcwVkbx9ZT6BQ_UxoBg5Mi-_TK6Xc-E5HWYRAj8x12oSISuK0V=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

801560bf9ad4a2da17e61ea59d0f5a7c194b309eb715a5692142e7bdcad170ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3452
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 GH6XxDOztZ6r7kaDo0wLZfEGfbXApLUFw3Ei7QPsvUZAebJPv2BR3WV8DwuvmaIAVfQYSBarSHKgwCIE09iM2hrhN9bhW8VrQLUCctcYnD4mF7hRxDt1OCKSQ3w4NpQ=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame DB60 2 KB
0 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/GH6XxDOztZ6r7kaDo0wLZfEGfbXApLUFw3Ei7QPsvUZAebJPv2BR3WV8DwuvmaIAVfQYSBarSHKgwCIE09iM2hrhN9bhW8VrQLUCctcYnD4mF7hRxDt1OCKSQ3w4NpQ=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d551590be01da9e196495e06f99a4e09f97fb70a01fd8fa40221833197108dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1787
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 o3ai1x7bJcjZ49notF_4RKn_HI6wO4jget4r1PnN_45tbt3GAHL1QjucYGeZotKc0KNPhjMxNzU012MbQi1wAUzGyOYSz0OFuzAApuNutrVZssqIusil6Ui_mc_zMW8MKgqjemOp26P3BcpCFy9q=w72-h72-p-k-no-nu
lh5.googleusercontent.com/proxy/ Frame DB60 2 KB
0 7ms
6ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

35d56aa7cd63d6a2dea4937991d96428ba45fd88ac7c351be15d2bfd27b946d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2258
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 IqT0xD20l20v076TgGhOHTOWeIBbSsvkPxzbgwLjwAu0XEAkUijW5GBefSTSTFgK1D9AD_wCv_OZ03L5ezVvcXY9L1TO92Etwa6dvJszBpDfWQ=w72-h72-p-k-no-nu
lh4.googleusercontent.com/proxy/ Frame DB60 3 KB
0 9ms
7ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/IqT0xD20l20v076TgGhOHTOWeIBbSsvkPxzbgwLjwAu0XEAkUijW5GBefSTSTFgK1D9AD_wCv_OZ03L5ezVvcXY9L1TO92Etwa6dvJszBpDfWQ=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

71de3ad9a7567a5a4291c4c0b4178d321d81fb014fce6e1557c866fe30d459ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3578
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 eLspIcxMVhHhR4rgYFIOcW3ilQjlH7yc4sik-0dQyWzu8QGZdWjEgXANQx8RhWosAywk-3uWDCcD1M6AXUpZ7esqfnzyvIPSRvB8b5zv8HaSsxFNDkN5yOn-Bc7xZ9eIT8DMXfD3tnxHMRmlbd6Ngqdy2SWsc7kh9CFC0XjWvSw=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ Frame DB60 2 KB
0 11ms
9ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

2ca891468f5959ff21209d3cf6e07a79c5c219de5663bf12ebf22955e21902ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2371
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 Fl27JYaiCfCEmih1mO3eYhWfgN1QqvEDwlV6KEqiqOlylJhtZmeOAHy6AXjFmVc-FNi-sBqIEtai0kftZZ1pxVfZgMOHgm-Ay2tLgPRGP7M0zRrtHUIq-SZl7tJS=w72-h72-p-k-no-nu
lh5.googleusercontent.com/proxy/ Frame DB60 3 KB
0 10ms
9ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/Fl27JYaiCfCEmih1mO3eYhWfgN1QqvEDwlV6KEqiqOlylJhtZmeOAHy6AXjFmVc-FNi-sBqIEtai0kftZZ1pxVfZgMOHgm-Ay2tLgPRGP7M0zRrtHUIq-SZl7tJS=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

77ca57651ea5651e5da4daecf25d7df88136e13c9d42ab189d904f1cc1d4d12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2596
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 Q82Gse4RMfMagPBcbefi0z4CAGccTKHQhih-VdbdILyUjNtuzCgufil8KpNPSNQcWyhwkFo5xx8ZjpTlOR9OQ3R8SjYQ7gEOQDVJYRx8GUg3h5EYerEKi-20LqXiur0M6uTuHu4Sc66qJw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame DB60 2 KB
0 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bfb6d0451ced4865c376d92c06e0398d0bec2f5232fc69bc257553cf6d37711a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2330
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame DB60 9 KB
0 9ms
8ms Image
image/png 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bbb622b66c7641668a8736908ff82a6dee382652ccc326ef9ef08113e17c6edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8769
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 1cgEKm8glFKkx5Eg8vSwY5x2aopeB0YPYk-vtrIAGKE1NkxPhh7PufN4Pi-LfCi0Xy14bbWj6_cNekaLXaJBso2YSUZUKboaaxi6lB4a6o8RlpgvVpgt18Xwl-Q=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ Frame DB60 2 KB
0 8ms
8ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/1cgEKm8glFKkx5Eg8vSwY5x2aopeB0YPYk-vtrIAGKE1NkxPhh7PufN4Pi-LfCi0Xy14bbWj6_cNekaLXaJBso2YSUZUKboaaxi6lB4a6o8RlpgvVpgt18Xwl-Q=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

b7da9bc108bd516e5041308836a39e9011e09c0f9a62d1d0d8a3679291d45650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2528
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ Frame DB60 12 KB
7 KB 17ms
17ms Script
application/x-javascript 185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/
Protocol: HTTP/1.1
Server: 185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: bc0f28387fdc58b79c22fa82216bcd6a19412dbe541fee83c1314a8d39448d30

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jul 2018 21:46:33 GMT
ETag: W/"5b4e63b9-2f33"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, private
Connection: keep-alive
Expires: Thu, 19 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.sandiq.work/js/ Frame DB60 6 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.sandiq.work/js/cookienotice.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sandiq.work
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.sandiq.work/2017/12/s9.html
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 17 Jul 2018 18:03:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Jul 2018 17:37:22 GMT
Server: sffe
Age: 64943
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Jul 2018 18:03:00 GMT

GET
S 200 1109080293-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame DB60 146 KB
0 7ms
6ms Script
text/javascript 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1109080293-widgets.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53bc8e0d10219c99f095bdcc2b0210f07be024705e0b15e4f874c9bfc0bba27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 14 Jul 2018 13:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 14 Jul 2018 10:14:38 GMT
server: sffe
age: 341091
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 53573
x-xss-protection: 1; mode=block
expires: Sun, 14 Jul 2019 13:20:32 GMT

GET
S 200 tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ Frame DB60 182 B
0 6ms
6ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 13:17:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 19:52:57 GMT
server: sffe
age: 427675
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 182
x-xss-protection: 1; mode=block
expires: Fri, 20 Jul 2018 13:17:28 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame DB60 109 B
171 B 120ms
119ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sandiq.work

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame DB60 109 B
171 B 113ms
113ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sandiq.work

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 navbar.g
www.blogger.com/ Frame 49CB 0
0 688ms
687ms Document
text/html 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&vt=3034840651634160064&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&vt=3034840651634160064&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2652
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK / Show response
www.sandiq.work/ Frame AEAA 107 KB
22 KB 563ms
563ms Document
text/html 2a00:1450:4001:81c::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.sandiq.work/

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

6023c9916d971b35e88917ef6cc092b7cd4b3c9494e332b608654017a507d720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.sandiq.work
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.sandiq.work/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Wed, 18 Jul 2018 12:05:24 GMT
Date: Wed, 18 Jul 2018 12:05:24 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 17 Jul 2018 20:23:45 GMT
ETag: W/"1de2d073e486a05ad0c57d602d336ac99ddd44fe5d34fd332d094b29c3f5f27b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 21683
Server: GSE

GET
S 200 ca-pub-7149843128166834.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame DB60 133 B
185 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7149843128166834.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Jul 2018 20:22:30 GMT
server: sffe
age: 62
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Thu, 19 Jul 2018 00:04:21 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame 2D38 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame EF49 0
0 211ms
210ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=1146778205&w=300&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&avail_w=296&wgl=1&dt=1531915523652&bpp=7&bdt=101&fdt=7&idt=9&shv=r20180711&cbv=r20180604&saldr=aa&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=133770&nhd=1&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=604&ady=2140&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=1146778205&w=300&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&avail_w=296&wgl=1&dt=1531915523652&bpp=7&bdt=101&fdt=7&idt=9&shv=r20180711&cbv=r20180604&saldr=aa&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=133770&nhd=1&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=604&ady=2140&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=20&bc=7&ifi=1&fsb=1&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:23 GMT
server: cafe
cache-control: private
content-length: 382
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUnq9uPLhXAX5NWNCrh4xVkO0AccdVDmaatHz01bpfksmSNwQeCapcLQm8ZJ; expires=Mon, 12-Aug-2019 12:05:23 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame DB60 70 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a203507148f6ac9ac807eaabbcc715e08966d4c8d41374851c5813da246425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 20:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26249
x-xss-protection: 1; mode=block
server: cafe
etag: 2423183749728313736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 20:26:02 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame E667 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9A64 0
0 176ms
176ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=9851626522&adk=3412058414&adf=793235384&w=296&fwrn=3&fwrnh=100&rafmt=1&npa=1&guci=1.2.0.0.2.1.0&format=296x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rh=0&rw=296&resp_fmts=3&wgl=1&dt=1531915523678&bpp=5&bdt=128&fdt=6&idt=7&shv=r20180711&cbv=r20180604&saldr=aa&prev_fmts=300x250&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=2632234&nhd=1&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=608&ady=3683&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=148&bc=7&ifi=2&fsb=1&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=9851626522&adk=3412058414&adf=793235384&w=296&fwrn=3&fwrnh=100&rafmt=1&npa=1&guci=1.2.0.0.2.1.0&format=296x250&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rh=0&rw=296&resp_fmts=3&wgl=1&dt=1531915523678&bpp=5&bdt=128&fdt=6&idt=7&shv=r20180711&cbv=r20180604&saldr=aa&prev_fmts=300x250&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=2632234&nhd=1&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=608&ady=3683&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&fu=148&bc=7&ifi=2&fsb=1&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:23 GMT
server: cafe
cache-control: private
content-length: 383
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUlgEBKTWC5veoG5eTAi3vAOsCyBlcwAbKf5AuoUs6xiBiH89wmWw27sXdOa; expires=Mon, 12-Aug-2019 12:05:23 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame DB60 17 B
242 B 187ms
94ms Script
application/javascript 69.4.231.30
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://t.dtscout.com/i/?l=http%3A%2F%2Fwww.sandiq.work%2F&j=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: no-rdns.ord02.hostingservicesinc.net
Software: /
Resource Hash: 37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript
X-Z: I
Transfer-Encoding: chunked
Expires: Wed, 18 Jul 2018 12:05:22 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame 84D9 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E5D9 0
0 190ms
182ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=90&slotname=8346099391&adk=4177391497&adf=1810335069&w=728&npa=1&guci=1.2.0.0.2.1.0&format=728x90&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&wgl=1&dt=1531915523733&bpp=6&bdt=182&fdt=7&idt=9&shv=r20180711&cbv=r20180604&saldr=aa&prev_fmts=300x250%2C296x250&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=42115746&nhd=1&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=22&ady=5054&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=3&fsb=1&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=90&slotname=8346099391&adk=4177391497&adf=1810335069&w=728&npa=1&guci=1.2.0.0.2.1.0&format=728x90&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&ea=0&flash=0&wgl=1&dt=1531915523733&bpp=6&bdt=182&fdt=7&idt=9&shv=r20180711&cbv=r20180604&saldr=aa&prev_fmts=300x250%2C296x250&correlator=4119922462156&rume=1&frm=23&ife=1&pv=1&ga_vid=58082408.1531915524&ga_sid=1531915524&ga_hid=1923200467&ga_fc=0&iag=3&icsg=42115746&nhd=1&dssz=33&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=22&ady=5054&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060549%2C21060853%2C21062171%2C368226401&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7C%7CpoeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=7&ifi=3&fsb=1&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:23 GMT
server: cafe
cache-control: private
content-length: 382
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUmKabSZOl6Fm7229ad8COBOaaR_blAy93Qq2aZRBlueNpv7DYl7Vb89Z3ey; expires=Mon, 12-Aug-2019 12:05:23 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame DB60 28 B
231 B 231ms
116ms Script
text/javascript 67.202.94.93
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=57v28mbus5&t=%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&c=d&y=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&a=0&r=814
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 7c182a141b6f910f9ca5acfda286bb815c6461ad9e38fb8ebe7f25c7b690912a

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
S 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ Frame DB60 76 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9987a412e4dba9e63115a41652218297576182bfda38c8f22a57273b244d9610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 53986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27241
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:05:37 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame AFA9 0
0 27ms
26ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-5t9H1XWj7aSZZsm16RzLIHG/+l4' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 8D8B 0
0 30ms
30ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post_1.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post_1.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-kr0TtUEDYOV4BN4ByDvGutE3l2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 8DF6 0
0 26ms
25ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fp20.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fp20.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-g2lK5/1+aoqZdO4RafjcXuIswNY' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 571A 0
0 30ms
29ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fxa2.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fxa2.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-kkRiS1qW7+zQZCzLO5t7Qh6uh+s' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 2055 0
0 43ms
43ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fs9-s9.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fs9-s9.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-e+qmFdOJWMgwMtCvFZRJZGTLFUU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 0095 0
0 27ms
27ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2F6.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2F6.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-xKnQZmi5wLIzERJYqsrR3i5yRoc' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 503E 0
0 29ms
28ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fblog-post_15.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fblog-post_15.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-xW8FHQpUiStkyrovBq+Y3kB3C1Y' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
170 B 236ms
115ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0&img=https%3A%2F%2Flh3.googleusercontent.com%2Fproxy%2F8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi%3Dw1200-h630-p-k-no-nu&ct=%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&r=https%3A%2F%2Fwww.google.de%2F&t=%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%3A%20%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&cu=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx/1.14.0
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H/1.1 200 v2 Show response
de.tynt.com/deb/ 4 B
269 B 207ms
102ms Script
application/javascript 208.100.17.184
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: http://de.tynt.com/deb/v2?id=w!57v28mbus5&dn=TC&cc=1&r=https%3A%2F%2Fwww.google.de%2F
Requested by: Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol: HTTP/1.1
Server: 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip184.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Cache-Control: max-age=86400
Content-Type: application/javascript
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length: 4
Expires: Thu, 19 Jul 2018 12:05:23 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame B831 0
0 41ms
41ms Document
text/html 2a00:1450:4001:817::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qx+67Zq0/eQisNrbvNHnPw/4erw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=rgW9a_4c9ULr8fkPq8TlyQKXePEPr9JQLVARd1zO1buhpXdbc9tD8ijSQp1FypVTdgymbarD6ELsWcPbsKg0cSO4aRbLLt9mww2TqTognQ5kOFrV5uJDapPYKGwpxCF_; GAPS=1:palBS_CIFVv55WjRJZ568U4F4qAGuw:kqs5sDHmSjPe7jLV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-qx+67Zq0/eQisNrbvNHnPw/4erw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
DATA 200
OK truncated
/ Frame DB60 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK tc.js Show response
cdn.tynt.com/ Frame DB60 15 KB
7 KB 46ms
46ms Script
application/javascript 104.16.87.26
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Apr 2018 18:36:52 GMT
Server: cloudflare
ETag: W/"5acd0444-3ddc"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 43c4d0f9465dbedf-FRA
Expires: Sat, 21 Jul 2018 12:05:24 GMT

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
335 B 216ms
107ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0&img=https%3A%2F%2Flh3.googleusercontent.com%2Fproxy%2F8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi%3Dw1200-h630-p-k-no-nu&ct=%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&r=https%3A%2F%2Fwww.google.de%2F&t=%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%3A%20%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx/1.14.0
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
S 200 31027104-css_bundle_v2_rtl.css
www.blogger.com/static/v1/widgets/ Frame AEAA 41 KB
9 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/31027104-css_bundle_v2_rtl.css

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

209be008e3d4c9f9e9a8cbcd639eada2b85dfb499313454e9fb91932da6a908a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 13:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 17:28:13 GMT
server: sffe
age: 427991
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9148
x-xss-protection: 1; mode=block
expires: Sat, 13 Jul 2019 13:12:13 GMT

GET
S 200 plusone.js Show response
apis.google.com/js/ Frame AEAA 43 KB
0 27ms
27ms Script
application/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

37c5fa3e10b9c5efe235ea79656573eac168676a4983801acd4fbfa23d0883cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-N7/SN5lasiSkjoHqp7QmDb1dQpU' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "a946935d25873181035be85bf860b9eb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AEAA 73 KB
27 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a69dfac0fb0f63ed50189ebe191d7498f157560b85d19a328142b60cac7f240f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 18 Jul 2018 12:05:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9401390821887325258
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 27466
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:24 GMT

GET
S 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ Frame AEAA 475 B
0 7ms
5ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 14 Jul 2018 06:27:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 19:27:35 GMT
server: sffe
age: 365879
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 475
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 06:27:24 GMT

GET
H/1.1 200
OK google-u%C3%A7u%C5%9Flar-2.jpg
shiftdelete.net/wp-content/uploads/2018/02/ Frame AEAA 38 KB
0 52ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/02/google-u%C3%A7u%C5%9Flar-2.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

68e09373bf0e4b9c2319b0e60ec1f1b7410b6371418eba64e130af862b827d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a72d15c-98fa"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39162
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
S 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ Frame AEAA 162 B
0 7ms
6ms Image
image/gif 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 14 Jul 2018 00:43:30 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Jul 2018 03:33:27 GMT
server: sffe
age: 386513
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 162
x-xss-protection: 1; mode=block
expires: Sat, 21 Jul 2018 00:43:30 GMT

GET
H/1.1 200
OK apple-homepod-hangi-ses-kaynaklarini-destekliyor-sdn-01.jpg
ceres.shiftdelete.net/580x330/original/2018/02/ Frame AEAA 48 KB
0 96ms
95ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ceres.shiftdelete.net/580x330/original/2018/02/apple-homepod-hangi-ses-kaynaklarini-destekliyor-sdn-01.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx/1.13.4 /

Resource Hash

1079cd388b140b8616632c9f8c69a18543beceb0e1c2ba27b3a959f0a231a819

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Last-Modified: Thu, 01 Feb 2018 15:09:53 GMT
Server: nginx/1.13.4
ETag: W/"5a732dc1-2df8e"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Content-Length: 49392
Expires: Wed, 05 Jun 2019 14:59:23 GMT

GET
H/1.1 200
OK p22.png
shiftdelete.net/wp-content/uploads/2018/02/ Frame AEAA 664 KB
665 KB 52ms
52ms Image
image/png 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/02/p22.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

b462f9e1cb67e3b1675903b6e9897c7a09b9864912795cbfa5f35e87632b69cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:22 GMT
Server: nginx
ETag: "5a731745-a6108"
Strict-Transport-Security: max-age=157680000
Content-Type: image/png
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 680200
Expires: Sun, 16 Sep 2018 12:04:22 GMT

GET
H/1.1 200
OK Xperia-XA2-768x412.png
shiftdelete.net/wp-content/uploads/2018/01/ Frame AEAA 25 KB
0 51ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/01/Xperia-XA2-768x412.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

575603f5f5dd92bc61a3d80498310d1060e60112adb30e006d25585bbd657814

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:05:23 GMT
Server: nginx
ETag: W/"PSA-aj-70Wx4cQcD6"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: max-age=5183937, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25446
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
H/1.1 200
OK xperia-xa2-1-768x438.png
shiftdelete.net/wp-content/uploads/2018/01/ Frame AEAA 210 KB
211 KB 52ms
51ms Image
image/png 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/01/xperia-xa2-1-768x438.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

0025b06c44888310fe24e9bcbb094170895d0c9f5e3c901522ea8a838fdcdd61

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx
ETag: W/"PSA-aj-4XgFSRrU4G"
Strict-Transport-Security: max-age=157680000
Content-Type: image/png
Cache-Control: max-age=5183936, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 215512
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
H/1.1 200
OK galaxy-s9.jpg
shiftdelete.net/wp-content/uploads/2018/01/ Frame AEAA 36 KB
0 50ms
50ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2018/01/galaxy-s9.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

30b44c40101ee7ab5f88a8eba1ae9ec7e7c757fa6a13e1b13e26de8e33283c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a4b934c-91aa"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37290
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
H/1.1 200
OK gm6-2.jpg
ceres.shiftdelete.net/580x330/original/2017/12/ Frame AEAA 43 KB
0 108ms
107ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ceres.shiftdelete.net/580x330/original/2017/12/gm6-2.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx/1.13.4 /

Resource Hash

336b924701e752c0c238bad450eba49b2b524d97929ebbc40868bf369087fec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Last-Modified: Fri, 15 Dec 2017 14:38:45 GMT
Server: nginx/1.13.4
ETag: W/"5a33de75-a9978"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Content-Length: 43711
Expires: Sun, 24 Feb 2019 18:05:50 GMT

GET
H/1.1 200
OK samsung-apple-akilli-hoparlor-sdn-02-768x384.jpg
shiftdelete.net/wp-content/uploads/2017/12/ Frame AEAA 29 KB
0 51ms
51ms Image
image/jpeg 94.101.80.102
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shiftdelete.net/wp-content/uploads/2017/12/samsung-apple-akilli-hoparlor-sdn-02-768x384.jpg

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

94.101.80.102 , Turkey, ASN42926 (RADORE, TR),

Reverse DNS

server-94.101.80.102.radore.net.tr

Software

nginx /

Resource Hash

55fabf9efb4cd0bbd150a905b8692ab82fbb2cae45c3e66c5061ef41bf3dcf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Response headers

Pragma: public
Date: Wed, 18 Jul 2018 12:04:21 GMT
Server: nginx
ETag: "5a3437a8-7421"
Strict-Transport-Security: max-age=157680000
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29729
Expires: Sun, 16 Sep 2018 12:04:21 GMT

GET
S 200 NqSyhCHCTigy6TiAbTZu-EwxkDENj6GXLuO2zQCz0yMhLJ8623Fb_Zq4gRug5hJJ-t5MXd1gtzv3rpWpCKcD9bSMLxWR1zMMYLs_C6XnPw7lGZIId7E8l6sE65IT0YTljALudMU=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ Frame AEAA 3 KB
0 8ms
6ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/NqSyhCHCTigy6TiAbTZu-EwxkDENj6GXLuO2zQCz0yMhLJ8623Fb_Zq4gRug5hJJ-t5MXd1gtzv3rpWpCKcD9bSMLxWR1zMMYLs_C6XnPw7lGZIId7E8l6sE65IT0YTljALudMU=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d0a15a9c7824b25c682752eb829fdb0cceb7a9292d744251cca54284ded4affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3009
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 klGEH_kWk51ZawOsToRrdVu2Y_PACoG3iyJdlTBpa0cOstBRhpLjZb7l7zxwETzcwVkbx9ZT6BQ_UxoBg5Mi-_TK6Xc-E5HWYRAj8x12oSISuK0V=w72-h72-p-k-no-nu
lh4.googleusercontent.com/proxy/ Frame AEAA 3 KB
0 8ms
7ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/klGEH_kWk51ZawOsToRrdVu2Y_PACoG3iyJdlTBpa0cOstBRhpLjZb7l7zxwETzcwVkbx9ZT6BQ_UxoBg5Mi-_TK6Xc-E5HWYRAj8x12oSISuK0V=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

801560bf9ad4a2da17e61ea59d0f5a7c194b309eb715a5692142e7bdcad170ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3452
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 GH6XxDOztZ6r7kaDo0wLZfEGfbXApLUFw3Ei7QPsvUZAebJPv2BR3WV8DwuvmaIAVfQYSBarSHKgwCIE09iM2hrhN9bhW8VrQLUCctcYnD4mF7hRxDt1OCKSQ3w4NpQ=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame AEAA 2 KB
0 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/GH6XxDOztZ6r7kaDo0wLZfEGfbXApLUFw3Ei7QPsvUZAebJPv2BR3WV8DwuvmaIAVfQYSBarSHKgwCIE09iM2hrhN9bhW8VrQLUCctcYnD4mF7hRxDt1OCKSQ3w4NpQ=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d551590be01da9e196495e06f99a4e09f97fb70a01fd8fa40221833197108dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1787
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 o3ai1x7bJcjZ49notF_4RKn_HI6wO4jget4r1PnN_45tbt3GAHL1QjucYGeZotKc0KNPhjMxNzU012MbQi1wAUzGyOYSz0OFuzAApuNutrVZssqIusil6Ui_mc_zMW8MKgqjemOp26P3BcpCFy9q=w72-h72-p-k-no-nu
lh5.googleusercontent.com/proxy/ Frame AEAA 2 KB
0 7ms
6ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

35d56aa7cd63d6a2dea4937991d96428ba45fd88ac7c351be15d2bfd27b946d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2258
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 IqT0xD20l20v076TgGhOHTOWeIBbSsvkPxzbgwLjwAu0XEAkUijW5GBefSTSTFgK1D9AD_wCv_OZ03L5ezVvcXY9L1TO92Etwa6dvJszBpDfWQ=w72-h72-p-k-no-nu
lh4.googleusercontent.com/proxy/ Frame AEAA 3 KB
0 9ms
7ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/IqT0xD20l20v076TgGhOHTOWeIBbSsvkPxzbgwLjwAu0XEAkUijW5GBefSTSTFgK1D9AD_wCv_OZ03L5ezVvcXY9L1TO92Etwa6dvJszBpDfWQ=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

71de3ad9a7567a5a4291c4c0b4178d321d81fb014fce6e1557c866fe30d459ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3578
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 authorization.css
www.blogger.com/dyn-css/ Frame AEAA 1 B
141 B 310ms
310ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7153862393770945733&zx=c1ecc8ff-d21a-49cc-a20c-caa0a2ea2c8a

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

If-Modified-Since: Wed, 18 Jul 2018 12:05:23 GMT
Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 18 Jul 2018 12:05:24 GMT
server: GSE
date: Wed, 18 Jul 2018 12:05:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: private, max-age=1800
expires: Wed, 18 Jul 2018 12:05:24 GMT

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ Frame AEAA 131 KB
46 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

27d0b2f79b3a90ccf74c8be137edd09fd3be6230e634ab3308213a5d9d47ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 54125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46639
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:19 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ Frame AEAA 55 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

01959738688896ce0770006b1534350b03111b8d5b70507fe457bd2945824693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 54090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 18409
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:03:54 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AEAA 47 B
627 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 12 Jul 2018 12:43:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 516097
ETag: 13036835877489095579
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 67
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Jul 2018 12:43:47 GMT

GET
S 200 tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ Frame AEAA 182 B
0 6ms
6ms Image
image/png 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 13 Jul 2018 13:17:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 19:52:57 GMT
server: sffe
age: 427675
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 182
x-xss-protection: 1; mode=block
expires: Fri, 20 Jul 2018 13:17:28 GMT

GET
S 200 eLspIcxMVhHhR4rgYFIOcW3ilQjlH7yc4sik-0dQyWzu8QGZdWjEgXANQx8RhWosAywk-3uWDCcD1M6AXUpZ7esqfnzyvIPSRvB8b5zv8HaSsxFNDkN5yOn-Bc7xZ9eIT8DMXfD3tnxHMRmlbd6Ngqdy2SWsc7kh9CFC0XjWvSw=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ Frame AEAA 2 KB
0 11ms
9ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

2ca891468f5959ff21209d3cf6e07a79c5c219de5663bf12ebf22955e21902ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2371
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 Fl27JYaiCfCEmih1mO3eYhWfgN1QqvEDwlV6KEqiqOlylJhtZmeOAHy6AXjFmVc-FNi-sBqIEtai0kftZZ1pxVfZgMOHgm-Ay2tLgPRGP7M0zRrtHUIq-SZl7tJS=w72-h72-p-k-no-nu
lh5.googleusercontent.com/proxy/ Frame AEAA 3 KB
0 10ms
9ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/Fl27JYaiCfCEmih1mO3eYhWfgN1QqvEDwlV6KEqiqOlylJhtZmeOAHy6AXjFmVc-FNi-sBqIEtai0kftZZ1pxVfZgMOHgm-Ay2tLgPRGP7M0zRrtHUIq-SZl7tJS=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

77ca57651ea5651e5da4daecf25d7df88136e13c9d42ab189d904f1cc1d4d12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2596
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 Q82Gse4RMfMagPBcbefi0z4CAGccTKHQhih-VdbdILyUjNtuzCgufil8KpNPSNQcWyhwkFo5xx8ZjpTlOR9OQ3R8SjYQ7gEOQDVJYRx8GUg3h5EYerEKi-20LqXiur0M6uTuHu4Sc66qJw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame AEAA 2 KB
0 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bfb6d0451ced4865c376d92c06e0398d0bec2f5232fc69bc257553cf6d37711a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2330
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi=w72-h72-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame AEAA 9 KB
0 9ms
8ms Image
image/png 2a00:1450:4001:81c::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bbb622b66c7641668a8736908ff82a6dee382652ccc326ef9ef08113e17c6edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8769
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
S 200 1cgEKm8glFKkx5Eg8vSwY5x2aopeB0YPYk-vtrIAGKE1NkxPhh7PufN4Pi-LfCi0Xy14bbWj6_cNekaLXaJBso2YSUZUKboaaxi6lB4a6o8RlpgvVpgt18Xwl-Q=w72-h72-p-k-no-nu
lh6.googleusercontent.com/proxy/ Frame AEAA 2 KB
0 8ms
8ms Image
image/jpeg 2a00:1450:4001:817::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/1cgEKm8glFKkx5Eg8vSwY5x2aopeB0YPYk-vtrIAGKE1NkxPhh7PufN4Pi-LfCi0Xy14bbWj6_cNekaLXaJBso2YSUZUKboaaxi6lB4a6o8RlpgvVpgt18Xwl-Q=w72-h72-p-k-no-nu

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

b7da9bc108bd516e5041308836a39e9011e09c0f9a62d1d0d8a3679291d45650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
x-content-type-options: nosniff
age: 62
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2528
x-xss-protection: 1; mode=block
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Jul 2018 12:04:21 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ Frame AEAA 12 KB
7 KB 17ms
16ms Script
application/x-javascript 185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/
Protocol: HTTP/1.1
Server: 185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: bc0f28387fdc58b79c22fa82216bcd6a19412dbe541fee83c1314a8d39448d30

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jul 2018 21:46:33 GMT
ETag: W/"5b4e63b9-2f33"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, private
Connection: keep-alive
Expires: Thu, 19 Jul 2018 12:05:24 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.sandiq.work/js/ Frame AEAA 6 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.sandiq.work/js/cookienotice.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sandiq.work
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.sandiq.work/2017/12/s9.html
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 17 Jul 2018 18:03:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Jul 2018 17:37:22 GMT
Server: sffe
Age: 64943
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Jul 2018 18:03:00 GMT

GET
S 200 1109080293-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame AEAA 146 KB
0 7ms
6ms Script
text/javascript 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1109080293-widgets.js

Requested by

Host: www.sandiq.work
URL: http://www.sandiq.work/

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

53bc8e0d10219c99f095bdcc2b0210f07be024705e0b15e4f874c9bfc0bba27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 14 Jul 2018 13:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 14 Jul 2018 10:14:38 GMT
server: sffe
age: 341091
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 53573
x-xss-protection: 1; mode=block
expires: Sun, 14 Jul 2019 13:20:32 GMT

GET
H2 200 navbar.g
www.blogger.com/ Frame 2191 0
0 705ms
704ms Document
text/html 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&vt=3034840651634160064&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=7153862393770945733&blogName=%D8%A8%D9%86%D9%83+%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.sandiq.work/search&blogLocale=ar&v=2&homepageUrl=http://www.sandiq.work/&vt=3034840651634160064&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2653
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ Frame AEAA 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sandiq.work

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ Frame AEAA 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sandiq.work

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Jul 2018 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 ca-pub-7149843128166834.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame AEAA 133 B
188 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7149843128166834.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 12:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Jul 2018 20:22:30 GMT
server: sffe
age: 63
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Thu, 19 Jul 2018 00:04:21 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame 7B31 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 479A 0
0 197ms
196ms Document
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=635204798&w=300&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F&ea=0&flash=0&avail_w=296&wgl=1&dt=1531915524270&bpp=9&bdt=57&fdt=9&idt=11&shv=r20180711&cbv=r20180604&saldr=aa&correlator=4119922462156&frm=23&ife=1&pv=1&ga_vid=1701013525.1531915524&ga_sid=1531915524&ga_hid=2145815170&ga_fc=0&iag=15&icsg=133770&nhd=2&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=212&ady=5033&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226401%2C26835106&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&top=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&cms=1&fu=20&bc=7&ifi=1&fsb=1&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7149843128166834&output=html&h=250&slotname=3647058982&adk=91434076&adf=635204798&w=300&lmt=1531859025&npa=1&guci=1.2.0.0.2.1.0&format=300x250&url=http%3A%2F%2Fwww.sandiq.work%2F&ea=0&flash=0&avail_w=296&wgl=1&dt=1531915524270&bpp=9&bdt=57&fdt=9&idt=11&shv=r20180711&cbv=r20180604&saldr=aa&correlator=4119922462156&frm=23&ife=1&pv=1&ga_vid=1701013525.1531915524&ga_sid=1531915524&ga_hid=2145815170&ga_fc=0&iag=15&icsg=133770&nhd=2&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=212&ady=5033&biw=1585&bih=1200&isw=555&ish=115&ifk=442697391&scr_x=0&scr_y=0&eid=21060853%2C21062171%2C368226401%2C26835106&oid=3&ref=https%3A%2F%2Fwww.google.de%2F&top=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fs9.html&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C570%2C130&vis=1&rsz=o%7Co%7CpoeEbr%7C&abl=NS&ppjl=u&pfx=0&cms=1&fu=20&bc=7&ifi=1&fsb=1&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 18 Jul 2018 12:05:24 GMT
server: cafe
cache-control: private
content-length: 382
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 18-Jul-2018 12:20:24 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Wed, 18 Jul 2018 12:05:24 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame AEAA 70 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Protocol

SPDY

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a203507148f6ac9ac807eaabbcc715e08966d4c8d41374851c5813da246425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 20:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26249
x-xss-protection: 1; mode=block
server: cafe
etag: 2423183749728313736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Jul 2018 20:26:02 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame D890 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
170 B 223ms
108ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0&img=https%3A%2F%2Flh3.googleusercontent.com%2Fproxy%2F8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi%3Dw1200-h630-p-k-no-nu&ct=%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!&r=https%3A%2F%2Fwww.google.de%2F
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx/1.14.0
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ Frame AEAA 17 B
379 B 189ms
92ms Script
application/javascript 107.182.231.45
WestHost

General

Check archive.org

Show headers Download Go to

Full URL: http://t.dtscout.com/i/?l=http%3A%2F%2Fwww.sandiq.work%2F&j=http%3A%2F%2Fwww.sandiq.work%2F
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 107.182.231.45 New York, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS: 6bb6e72d.setaptr.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Z: I
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/ Frame 7489 185 KB
0 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180711/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Wed, 18 Jul 2018 12:05:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9639576542143408054
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 70298
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Jul 2018 12:05:23 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ Frame AEAA 28 B
231 B 206ms
104ms Script
text/javascript 67.202.94.94
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=57v28mbus5&t=%D8%A8%D9%86%D9%83%20%D8%A7%D9%84%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7&c=d&y=http%3A%2F%2Fwww.sandiq.work%2F&a=0&r=2203
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 7c182a141b6f910f9ca5acfda286bb815c6461ad9e38fb8ebe7f25c7b690912a

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
S 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.mCVPJIAPrEU.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew/ Frame AEAA 76 KB
27 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9987a412e4dba9e63115a41652218297576182bfda38c8f22a57273b244d9610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Jul 2018 21:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 22:41:06 GMT
server: sffe
age: 53987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27241
x-xss-protection: 1; mode=block
expires: Wed, 17 Jul 2019 21:05:37 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 6465 0
0 27ms
25ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-ggvRFuV67q/h+ZybgSIgQx80QnY' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 8AE2 0
0 28ms
27ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post_1.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fblog-post_1.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-rvad2jt5CAbPFUkC9ixZqh4R+5E' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 1800 0
0 32ms
31ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fp20.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F02%2Fp20.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-3851vl+6xouuvZJ4NmZhikYCYjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 1D8A 0
0 26ms
25ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fxa2.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fxa2.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-6xtJrHqq/fqXxcJ5FFKsfMYlfGk' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame E0DF 0
0 40ms
39ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fs9-s9.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2018%2F01%2Fs9-s9.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-qwtCaI/jlDb0PtC+eBU6XTEUGxc' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 1391 0
0 33ms
31ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2F6.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2F6.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-UokA8T/hFfrzExiOcFDB0lLJXTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 51E9 0
0 27ms
27ms Document
text/html 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fblog-post_15.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Ablog%3Aplusone&size=medium&width=300&annotation=inline&hl=ar&origin=http%3A%2F%2Fwww.sandiq.work&url=http%3A%2F%2Fwww.sandiq.work%2F2017%2F12%2Fblog-post_15.html&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 18 Jul 2018 12:05:24 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-LjilHRwvbbv97x9bfMBS8cBx3nY' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 2F8F 0
0 43ms
42ms Document
text/html 2a00:1450:4001:817::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Ln7YQY9XGUbkyqiSHYDjaGCrV8' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.sandiq.work&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.mCVPJIAPrEU.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCMH1eFSPRDf27Yh_EyLMEGjdUDbew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://www.sandiq.work/
accept-encoding: gzip, deflate
cookie: NID=134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 27453CCD9CB77EBE10F214686A7511CC
Referer: http://www.sandiq.work/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Jul 2018 12:05:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-3Ln7YQY9XGUbkyqiSHYDjaGCrV8' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
170 B 212ms
106ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0&img=https%3A%2F%2Flh3.googleusercontent.com%2Fproxy%2F8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi%3Dw1200-h630-p-k-no-nu&ct=%D8%B3%D9%88%D9%81%20%D8%BA%D8%A7%D9%84%D8%A7%D9%83%D8%B3%D9%8A%20S9%20%D9%8A%D9%83%D9%88%D9%86%20%D8%A3%D8%B3%D8%B1%D8%B9%20%D8%B4%D8%AD%D9%86%20%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81!
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx/1.14.0
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
DATA 200
OK truncated
/ Frame AEAA 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK tc.js Show response
cdn.tynt.com/ Frame AEAA 15 KB
6 KB 12ms
12ms Script
application/javascript 104.16.87.26
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b

Request headers

Referer: http://www.sandiq.work/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Apr 2018 18:36:52 GMT
Server: cloudflare
ETag: W/"5acd0444-3ddc"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 43c4d0fcf7e1bedf-FRA
Expires: Sat, 21 Jul 2018 12:05:24 GMT

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
170 B 229ms
114ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0&img=https%3A%2F%2Flh3.googleusercontent.com%2Fproxy%2F8g0tT-h0-EWQbO2PGaSa9WdS7CyO89_F7OEfaVXwJapilGsic8wBDd2KlBxuR43G3Fce3GSOg9aKWfQpAX481b3Qtb1RSC2WXwAm_sKLFofuo9SakyTO5SNz6vgBwFOFivktT_7_F7amwYk0fP4hGRAi%3Dw1200-h630-p-k-no-nu
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:24 GMT
Server: nginx/1.14.0
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H/1.1 204
No Content p
ic.tynt.com/b/ 0
170 B 211ms
105ms Image
text/plain 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.tynt.com/b/p?id=w!57v28mbus5&lm=0&ts=1531915523524&dn=TC&iso=0
Requested by: Host: www.sandiq.work
URL: http://www.sandiq.work/2017/12/s9.html
Protocol: HTTP/1.1
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 18 Jul 2018 12:05:25 GMT
Server: nginx/1.14.0
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
S 200 368954415-lightbox_bundle_rtl.css
www.blogger.com/static/v1/v-css/ 35 KB
6 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle_rtl.css

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1109080293-widgets.js

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 09 Jul 2018 22:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Jul 2018 21:24:07 GMT
server: sffe
age: 739740
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 6541
x-xss-protection: 1; mode=block
expires: Tue, 09 Jul 2019 22:36:25 GMT

GET
S 200 781204147-lbx__ar.js Show response
www.blogger.com/static/v1/jsbin/ 403 KB
130 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/781204147-lbx__ar.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/1109080293-widgets.js

Protocol

SPDY

Server

2a00:1450:4001:817::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

277d7b5e5b862f867e29124d652c2e0e7049b509a277c1d2b10324122fe253a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.sandiq.work/2017/12/s9.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 10:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 09:23:08 GMT
server: sffe
age: 525123
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 132477
x-xss-protection: 1; mode=block
expires: Fri, 12 Jul 2019 10:13:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ff.kis.v2.scr.kaspersky-labs.com
URL: http://ff.kis.v2.scr.kaspersky-labs.com/09907A55-7EDE-6B46-9511-95FBF55FF127/main.js

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-18 21:55:26	Name: NID Value: 134=SOyiOLVNREc2NFsf1Ybj3yW3uxV87I-Jjz5iRgq8VcOCGJW7FwD_FtlpTItwdDHFJYPWLn3kePYTm36ROP1SW3iJBXCejwxE8ynV83TVwrAFyMuzBfzbuwOxwPOLI8Tx
.doubleclick.net/	1970-01-18 17:31:56	Name: test_cookie Value: CheckForPermission
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=h8Wg07QDwrDIh0KEMY8mKz2ln2btMRwr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
cdn.tynt.com
ceres.shiftdelete.net
de.tynt.com
ff.kis.v2.scr.kaspersky-labs.com
googleads.g.doubleclick.net
ic.tynt.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
mediatrend.mediamarkt.com.tr
pagead2.googlesyndication.com
resources.blogblog.com
shiftdelete.net
t.dtscout.com
waust.at
whos.amung.us
www.blogger.com
www.citizengo.org
www.google.de
www.sandiq.work
www.youtube.com
ff.kis.v2.scr.kaspersky-labs.com
104.16.87.26
107.182.231.45
107.182.233.217
172.217.16.162
185.225.208.133
208.100.17.184
208.100.17.186
2a00:1450:4001:815::200e
2a00:1450:4001:817::2001
2a00:1450:4001:817::2009
2a00:1450:4001:817::200d
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2013
35.227.201.5
67.202.94.86
67.202.94.93
67.202.94.94
69.4.231.30
94.101.80.102
94.101.80.84
0025b06c44888310fe24e9bcbb094170895d0c9f5e3c901522ea8a838fdcdd61
01959738688896ce0770006b1534350b03111b8d5b70507fe457bd2945824693
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1079cd388b140b8616632c9f8c69a18543beceb0e1c2ba27b3a959f0a231a819
209be008e3d4c9f9e9a8cbcd639eada2b85dfb499313454e9fb91932da6a908a
277d7b5e5b862f867e29124d652c2e0e7049b509a277c1d2b10324122fe253a4
27d0b2f79b3a90ccf74c8be137edd09fd3be6230e634ab3308213a5d9d47ef44
2b934dff3616a96369a49d6a840ccddfa1c8e73f338a53358c7dad749dcf24a4
2ca891468f5959ff21209d3cf6e07a79c5c219de5663bf12ebf22955e21902ad
30b44c40101ee7ab5f88a8eba1ae9ec7e7c757fa6a13e1b13e26de8e33283c7f
336b924701e752c0c238bad450eba49b2b524d97929ebbc40868bf369087fec0
35d56aa7cd63d6a2dea4937991d96428ba45fd88ac7c351be15d2bfd27b946d8
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4
37c5fa3e10b9c5efe235ea79656573eac168676a4983801acd4fbfa23d0883cd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
53bc8e0d10219c99f095bdcc2b0210f07be024705e0b15e4f874c9bfc0bba27a
55fabf9efb4cd0bbd150a905b8692ab82fbb2cae45c3e66c5061ef41bf3dcf2b
575603f5f5dd92bc61a3d80498310d1060e60112adb30e006d25585bbd657814
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
6023c9916d971b35e88917ef6cc092b7cd4b3c9494e332b608654017a507d720
68e09373bf0e4b9c2319b0e60ec1f1b7410b6371418eba64e130af862b827d65
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
71de3ad9a7567a5a4291c4c0b4178d321d81fb014fce6e1557c866fe30d459ac
77ca57651ea5651e5da4daecf25d7df88136e13c9d42ab189d904f1cc1d4d12f
7c182a141b6f910f9ca5acfda286bb815c6461ad9e38fb8ebe7f25c7b690912a
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
801560bf9ad4a2da17e61ea59d0f5a7c194b309eb715a5692142e7bdcad170ca
83a0238c50db0241e69d5bcd27fc5d636cb045c7f10f245a69c448b5f7d980ab
8795ad21ddda607342357bf9e4b6b0319b3c7336e2d5c60bbe043229b5cfe761
955852d4821b545ab1c041224c374e95144c9654caec8397751242c2baf81648
9987a412e4dba9e63115a41652218297576182bfda38c8f22a57273b244d9610
a4a203507148f6ac9ac807eaabbcc715e08966d4c8d41374851c5813da246425
a69dfac0fb0f63ed50189ebe191d7498f157560b85d19a328142b60cac7f240f
b462f9e1cb67e3b1675903b6e9897c7a09b9864912795cbfa5f35e87632b69cc
b60a462099b715aa3a5442a07142b969b9bb9c5ecee1bbdabea2e23f2d499458
b7da9bc108bd516e5041308836a39e9011e09c0f9a62d1d0d8a3679291d45650
bbb622b66c7641668a8736908ff82a6dee382652ccc326ef9ef08113e17c6edb
bc0f28387fdc58b79c22fa82216bcd6a19412dbe541fee83c1314a8d39448d30
bfb6d0451ced4865c376d92c06e0398d0bec2f5232fc69bc257553cf6d37711a
c4c1b7760c095804a679a51b4c7f7d6138d6db722c4210976b1e9381f0e07ce0
c60ffe007f74adee813576702eca89f908f325dfb2eda371d2784c6c028bfe7e
c8601a6a6b31eb37b9563890b307742381a4d21370ae8d839db19eb67486d428
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d0a15a9c7824b25c682752eb829fdb0cceb7a9292d744251cca54284ded4affa
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d551590be01da9e196495e06f99a4e09f97fb70a01fd8fa40221833197108dfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b
f941dd981ed51f44025a8baee892a58bfed7e4bf906005df90b4d29a9f00e997

www.sandiq.work Open in urlscan Pro 2a00:1450:4001:81c::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

20 %HTTPS

42 %IPv6

17 Domains

26 Subdomains

25 IPs

4 Countries

3395 kBTransfer

7444 kBSize

3 Cookies

22 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sandiq.work Open in urlscan Pro
2a00:1450:4001:81c::2013 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

20 %
HTTPS

42 %
IPv6

17
Domains

26
Subdomains

25
IPs

4
Countries

3395 kB
Transfer

7444 kB
Size

3
Cookies

171 HTTP transactions
3 data transactions