www.lamanfo.com Open in urlscan Pro
2404:6800:4004:823::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.lamanfo.com/
Effective URL:
https://www.lamanfo.com/
Submission: On December 21 via manual (December 21st 2022, 1:19:51 am UTC) from JP — Scanned from JP

Summary HTTP 104 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 26 domains to perform 104 HTTP transactions. The main IP is 2404:6800:4004:823::2013, located in Australia and belongs to GOOGLE, US. The main domain is www.lamanfo.com.
TLS certificate: Issued by GTS CA 1D4 on November 7th 2022. Valid for: 3 months.

This is the only time www.lamanfo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2404:6800:400... 2404:6800:4004:823::2013	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
6	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4004:824::2001	15169 (GOOGLE) (GOOGLE)
1 4	2606:4700:20:... 2606:4700:20::681a:66b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2404:6800:400... 2404:6800:4004:827::2001	15169 (GOOGLE) (GOOGLE)
1	58.26.8.16 58.26.8.16	4788 (TMNET-AS-...) (TMNET-AS-AP TM Net)
5	2606:4700:303... 2606:4700:3030::6815:4c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:310c::ac42:2d27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.233.137.36 173.233.137.36	7979 (SERVERS-COM) (SERVERS-COM)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2404:6800:400... 2404:6800:400a:813::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:812::2009	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
2	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3036::ac43:c22d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4004:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:813::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
104	30

7 2404:6800:4004:823::2013 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.lamanfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

untimburra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:66b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2404:6800:4004:827::2001 (Australia)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.26.8.16 (Kluang, Malaysia)

ASN4788 (TMNET-AS-AP TM Net, Internet Service Provider, MY)

www.mysalam.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::6815:4c6 (United States)

ASN13335 (CLOUDFLARENET, US)

hijrah.mfrapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:310c::ac42:2d27 (United States)

ASN13335 (CLOUDFLARENET, US)

covidnow.moh.gov.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)

pl16571809.effectivecpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16579309.effectivecpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:813::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2009 (Australia)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c22d (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81e::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:813::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 9741	3 MB
25	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 13143	877 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	204 KB
7	lamanfo.com 1 redirects www.lamanfo.com	108 KB
5	mfrapps.com hijrah.mfrapps.com	16 KB
4	elfsight.com 1 redirects apps.elfsight.com — Cisco Umbrella Rank: 15385 static.elfsight.com — Cisco Umbrella Rank: 15282	95 KB
3	untimburra.com untimburra.com — Cisco Umbrella Rank: 239933	32 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	87 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	5 KB
2	gstatic.com fonts.gstatic.com	61 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	effectivecpmgate.com pl16571809.effectivecpmgate.com pl16579309.effectivecpmgate.com
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2384	83 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 304	35 KB
1	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 10631	55 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 20420	485 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 21694	6 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12387	544 B
1	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 53632	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	694 B
1	bedrapiona.com bedrapiona.com — Cisco Umbrella Rank: 49071	2 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 8574	56 KB
1	moh.gov.my covidnow.moh.gov.my	8 KB
1	mysalam.com.my www.mysalam.com.my	6 KB
1	iclickcdn.com iclickcdn.com — Cisco Umbrella Rank: 147086	25 KB
104	26

	Domain	Requested by
26	1.bp.blogspot.com	www.lamanfo.com
25	blogger.googleusercontent.com	www.lamanfo.com
7	www.lamanfo.com	1 redirects www.lamanfo.com ajax.googleapis.com
6	pagead2.googlesyndication.com	www.lamanfo.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	hijrah.mfrapps.com	www.lamanfo.com hijrah.mfrapps.com ajax.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	untimburra.com	www.lamanfo.com untimburra.com
2	connect.facebook.net	www.lamanfo.com connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	www.lamanfo.com fonts.googleapis.com
2	www.google-analytics.com	www.lamanfo.com www.google-analytics.com
2	static.elfsight.com	www.lamanfo.com apps.elfsight.com
2	apps.elfsight.com	1 redirects apps.elfsight.com
2	stackpath.bootstrapcdn.com	www.lamanfo.com stackpath.bootstrapcdn.com
1	littlecdn.com
1	www.google.com	tpc.googlesyndication.com
1	fleraprt.com	tzegilo.com
1	tzegilo.com	untimburra.com
1	my.rtmark.net	iclickcdn.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bedrapiona.com	iclickcdn.com
1	www.blogger.com	www.lamanfo.com
1	ajax.googleapis.com	www.lamanfo.com
1	pl16579309.effectivecpmgate.com	www.lamanfo.com
1	pl16571809.effectivecpmgate.com	www.lamanfo.com
1	covidnow.moh.gov.my	www.lamanfo.com
1	www.mysalam.com.my	www.lamanfo.com
1	iclickcdn.com	www.lamanfo.com
1	fonts.googleapis.com	www.lamanfo.com
104	31

This site contains links to these domains. Also see Links.

Domain
elfsight.com
pelanpemulihannegara.gov.my
www.moe.gov.my
www.mysalam.com.my
jobmatching.mohe.gov.my
portalsemakan.com
jvz6.com
rudytech.abdo120.hop.clickbank.net
youtu.be
publishers.adsterra.com
feedburner.google.com
covidnow.moh.gov.my
www.templatesyard.com
gooyaabitemplates.com

Subject Issuer	Validity	Valid
www.lamanfo.com GTS CA 1D4	`2022-11-07` - `2023-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
untimburra.com R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.e-cover.com.my DigiCert SHA2 Extended Validation Server CA	`2022-01-03` - `2023-02-03`	a year	crt.sh
covidnow.moh.gov.my Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
effectivecpmgate.com R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
bedrapiona.com R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
rtmark.net R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.tzegilo.com GTS CA 1P5	`2022-12-14` - `2023-03-14`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-01-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-29` - `2022-12-28`	3 months	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.lamanfo.com/
Frame ID: 581E320045B624DE1C175F954B3C3F4D
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 3431A1854DCC33EB726D4FD0B8A20F95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1690736835804417&output=html&adk=1812271804&adf=3025194257&lmt=1671493739&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fwww.lamanfo.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671585584632&bpp=3&bdt=237&idt=202&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8400348291483&frm=20&pv=2&ga_vid=823521960.1671585585&ga_sid=1671585585&ga_hid=1897034232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777948%2C44773747%2C44780792&oid=2&pvsid=2950894794715476&tmod=725449723&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Frame ID: 87A8459D5C698A0FB08804E8EC66F7F3
Requests: 1 HTTP requests in this frame

Frame: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
Frame ID: 053FFBFC502BFACEA4442EFCD7A5AAEC
Requests: 2 HTTP requests in this frame

Frame: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
Frame ID: EF697C437BA686AB2D9386041729F621
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3ACAB8DD58884DAD7F22C3F1F821CDA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7D838A8C989D19DBCE3255DC0F2E1C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lamanfo.com

Page URL History Show full URLs

http://www.lamanfo.com/ HTTP 301
https://www.lamanfo.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

99 %
HTTPS

76 %
IPv6

26
Domains

31
Subdomains

30
IPs

5
Countries

4552 kB
Transfer

6324 kB
Size

11
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://elfsight.com/social-share-buttons-widget/?utm_source=websites&utm_medium=clients&utm_content=social-share-buttons&utm_term=www.lamanfo.com&utm_campaign=free-widget

Search URL Search Domain Scan URL

URL: https://pelanpemulihannegara.gov.my/

Search URL Search Domain Scan URL

URL: https://www.moe.gov.my/

Search URL Search Domain Scan URL

URL: https://www.mysalam.com.my/b40/info/

Search URL Search Domain Scan URL

URL: https://jobmatching.mohe.gov.my/Index

Search URL Search Domain Scan URL

URL: https://portalsemakan.com/takwim-2022/

Search URL Search Domain Scan URL

URL: https://jvz6.com/c/2192111/370583

Search URL Search Domain Scan URL

URL: http://rudytech.abdo120.hop.clickbank.net/

Search URL Search Domain Scan URL

URL: https://youtu.be/7d16CpWp-ok
Title: The Meaning Of Life

Search URL Search Domain Scan URL

URL: https://publishers.adsterra.com/referral/gtXqFsY41z

Search URL Search Domain Scan URL

URL: https://feedburner.google.com/
Title: FeedBurner

Search URL Search Domain Scan URL

URL: https://covidnow.moh.gov.my/
Title: CovidNow Malaysia

Search URL Search Domain Scan URL

URL: http://www.templatesyard.com/
Title: TemplatesYard

Search URL Search Domain Scan URL

URL: https://gooyaabitemplates.com/
Title: Free Blogger Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.lamanfo.com/ HTTP 301
https://www.lamanfo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

104 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.lamanfo.com/
Redirect Chain

http://www.lamanfo.com/
https://www.lamanfo.com/

210 KB
49 KB

229ms
186ms

Document
text/html

2404:6800:4004:823::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

199c55a17b4d34886d3177f3deb2c9ff627b8453986a321931d678bfd9d8ed56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 49761
content-type: text/html; charset=UTF-8
date: Wed, 21 Dec 2022 01:19:44 GMT
etag: W/"af3794e08705524ca16af12cbb8b266a7e13304140ecf2cab941b812831d7105"
expires: Wed, 21 Dec 2022 01:19:44 GMT
last-modified: Mon, 19 Dec 2022 23:48:59 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 172
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Dec 2022 01:19:44 GMT
Expires: Wed, 21 Dec 2022 01:19:44 GMT
Location: https://www.lamanfo.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 84ms
42ms Stylesheet
text/css 2404:6800:4004:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ec275664c47b6ed4e669c30c45faf44098ba646281b55e11235c02ccd56372f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 01:09:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 01:19:44 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 27ms
8ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625, 617, 617, 617
age: 1838047
cdn-cachedat: 2021-04-27 10:27:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a9b141b8be41aa725c15af251841a4c2
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 77ccca8e9a5b8084-NRT
cdn-requestpullsuccess: True

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 73 KB
25 KB 23ms
11ms Script
text/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: www.lamanfo.com
URL: https://www.lamanfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c53bdf8ce054fec6b12a00b59590cbf4b16db24970dbb3fdb0664ea3d635885

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79331
x-trace-id: 7a4b34e5be9d93104a99af0bd5913371
pragma: no-cache
last-modified: Fri, 16 Dec 2022 15:52:36 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwCdetAR9BOg7mgvBZh1Hn2hSI9Lx2HJQsS41VT9kr7OqM15Lo6lGyqvcFLOph%2BtQ1sjdiTanPi1ovqi17QcTTrOHzieBj2UIkWAqSTMuYtX1ZLRy0iY3tGgn5KNcACRDv5ToUe4B1bbPMA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
cf-ray: 77ccca8edf47e011-NRT
expires: Wed, 21 Dec 2022 03:17:33 GMT

GET
H2 200 4511579 Show response
untimburra.com/400/ 81 KB
31 KB 1009ms
476ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://untimburra.com/400/4511579

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

da616824ae8b40c5da930a6778a87e84838c00d6520d20d7c3e0be6b05be266e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-trace-id: 8c9f623085dd201a41877155ee7d0670
pragma: no-cache
date: Wed, 21 Dec 2022 01:19:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 94ms
53ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1690736835804417&host=ca-host-pub-1556223355139109

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02afb9d1f4cb5c230676a039e638ff05a6e0168f41dfa6a12a2ff3b79b1734bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lamanfo.com/
Origin: https://www.lamanfo.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49324
x-xss-protection: 0
server: cafe
etag: 11641981014500987249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:19:44 GMT

GET
H2 200 Warren_Buffett_KU_Visit.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpEiO1_Jh_RYMK4yArUDfp7TYK7qXsJ_Bt3G7lvpzcuSM6nPc4WvDeUiBjnjDqH7vvRUWp195iMmV7_8ZUINarVMWG5snxSs00nyDOlQehimFZo6N0HDKnZTqit5u8SkSsjl3wgpaToDEGLHXJ... 19 KB
19 KB 618ms
540ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpEiO1_Jh_RYMK4yArUDfp7TYK7qXsJ_Bt3G7lvpzcuSM6nPc4WvDeUiBjnjDqH7vvRUWp195iMmV7_8ZUINarVMWG5snxSs00nyDOlQehimFZo6N0HDKnZTqit5u8SkSsjl3wgpaToDEGLHXJiORGqBXKB1flKS6gX53EgtGY4ojrRUyFa4b2BpOx/w640/Warren_Buffett_KU_Visit.jpg

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4686540df5533b4b79172e9763fb36418bb24889c1834d0e434a1093f5681ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1271"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Warren_Buffett_KU_Visit.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19244
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:45 GMT

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

48 KB
17 KB

16ms
10ms

Script
application/javascript

2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb79688ef6e8f5db5e0a0bf5a149b3808b2d4fcf9d2e9954cd3c003e28d6449

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000001acf5c4ed-0063a177ac-42f5c793-sfo2a
age: 5253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-sp-metadata: HS256.CIGThp0GEogBCiQ5ODZiZWE1NS0yOTY2LTQzYzQtYTI0NC1lMTgxNzJhMjNiNTgQ2JC38/7F+wIaBgjx9oWdBiINMTcyLjcwLjIyMi4xMiig+AMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBosCAESJGNlOGU3NDk4LTU2NjYtNGQyOS05ZDNjLTlkYTBhNGVlNjg5NhiW/AIiGAgCEhRjZHMyMzMudGsyLmh3Y2RuLm5ldA==.n/WeSXeTlBx+gqY18tbvly1SjZDImraTmWZ1l/R5kxc=
last-modified: Mon, 07 Nov 2022 14:19:42 GMT
server: cloudflare
etag: W/"625b8e6913d0ec9591ea5b662ac36be4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1671527281.dop210.tk2.t,1671527281.cds221.tk2.hn,1671527281.cds233.tk2.c
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56MJeUTSw3dcqTfz%2FfUNXI5KyqEUAXH4Zvbnw0XZkuHwATzdXeue35ILMTuvYWnNvzqI51ASWFGh4AA%2BOLNpQ%2Fk7O98e40V6tpu317JZGnY8u9OXanJkEl3NTkunmMjsH27wYXufv5xkSrOHVtckyoI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
x-rgw-object-type: Normal
cf-ray: 77ccca8f4b1580f5-NRT

Redirect headers

date: Wed, 21 Dec 2022 01:19:44 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh8y8TnFS7zB2hjDTiwlmsGarsbuEjVt1cQ7LVKPJAmbOcVFKZdPkGqwgGzT6oOvJAdmPkadmycN7Aqw6FdzXyGeiKBnCSkaQDyId2D2mG3zXeJpULNMDrQhL2nirQyOJwTrQNaq%2FyI2GOIOnQhD"}],"group":"cf-nel","max_age":604800}
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
cf-ray: 77ccca8f2af980f5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 21 Dec 2022 02:19:44 GMT

GET
H2 200 pexels-photomix-company-218717.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq7ZawlSaqY3jQYhTgNeiPZvf6sY0_6YWxlg6hIOH_1K_qatjIWA8ccLzXz8V8gIwINT5iyW1uLkSUPAOAQ_OoXBkA_9PUcb3Z7X_xvqyKnx_dO5nVSLDDRVtJRLwNNUj0CAK6dQAiESmXMk7N... 36 KB
36 KB 1252ms
1174ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq7ZawlSaqY3jQYhTgNeiPZvf6sY0_6YWxlg6hIOH_1K_qatjIWA8ccLzXz8V8gIwINT5iyW1uLkSUPAOAQ_OoXBkA_9PUcb3Z7X_xvqyKnx_dO5nVSLDDRVtJRLwNNUj0CAK6dQAiESmXMk7NWQmzjKtDQ8COQ33V58BZzT4tiQCtuskpZgBrPdDt/w640/pexels-photomix-company-218717.jpg

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67c08526bc9f0cbec92d159aaf947a4116fe84f128626d95b1700c7830aecc81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v126f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pexels-photomix-company-218717.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37073
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:45 GMT

GET
H2 200 AVvXsEhreTgUboNaWT2zQS6LFbRqXwG5RrWnogLuJFkjqa21ZBsG6nSXCQ_bHKEiBMq6cg_lGanYJcauO9y74R_jc9BmK2L5r-wTfl9bvlshs89-4iVaYHq0FQR0Y4viPuLm_ejSJ89MZnY5tE6MhigvYYX1tjYkK4bhwnDo-rc3F-VpePsxOLCtU9erdOej=w640
blogger.googleusercontent.com/img/a/ 12 KB
13 KB 593ms
515ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhreTgUboNaWT2zQS6LFbRqXwG5RrWnogLuJFkjqa21ZBsG6nSXCQ_bHKEiBMq6cg_lGanYJcauO9y74R_jc9BmK2L5r-wTfl9bvlshs89-4iVaYHq0FQR0Y4viPuLm_ejSJ89MZnY5tE6MhigvYYX1tjYkK4bhwnDo-rc3F-VpePsxOLCtU9erdOej=w640

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

532094925bc2b295f2fef9f4ca876dacbc839c72f1c765d6cfb0496c6f2d8fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1239"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Elon_Musk_Royal_Society_(crop2).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12524
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:45 GMT

GET
H2 200 AVvXsEjqF3a8D1Z-Ti4m_j_cRl1_qf_s1SbtVoNVoQJxOtHK_Mzw8r6JKaQ91dbs4OwsWSOVrkZup_aChr8Oqs4xx_p1F8Is5XOi3kaTtxfG8szMbwT-uq0NC7rHsY4Rtkl1ddFxo7CvftzZGgr0ZoSkYFufSCbFfN3NZZYCWw6p7Zdruo9OtBznwe8ImOOg=w640
blogger.googleusercontent.com/img/a/ 45 KB
45 KB 830ms
777ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjqF3a8D1Z-Ti4m_j_cRl1_qf_s1SbtVoNVoQJxOtHK_Mzw8r6JKaQ91dbs4OwsWSOVrkZup_aChr8Oqs4xx_p1F8Is5XOi3kaTtxfG8szMbwT-uq0NC7rHsY4Rtkl1ddFxo7CvftzZGgr0ZoSkYFufSCbFfN3NZZYCWw6p7Zdruo9OtBznwe8ImOOg=w640

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

614f238ae1677e66f94cb6ded0a768ed271cdc780e842e78f44660f799a09b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v11e8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="asteroid-g6804c48af_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46339
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:45 GMT

GET
H2 200 AVvXsEhNoIKETWecbmJSaM6Gz3v_H4ZYMussK-NoUu5v1_q4icPm_3Z9B8DNo3YHoDfv-hXL0pwhZVy2LsDaWgkIewN61D9YOvEg5yEL5x_ttlj-kUUmQP5J7y9ZpYdoINQW88PhgTi0qO3rmJeyTRzhRnyM9OBTfHcFkus0VSvB9jc-HSyj4OGPlHtAfgIm=w640
blogger.googleusercontent.com/img/a/ 39 KB
40 KB 887ms
834ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhNoIKETWecbmJSaM6Gz3v_H4ZYMussK-NoUu5v1_q4icPm_3Z9B8DNo3YHoDfv-hXL0pwhZVy2LsDaWgkIewN61D9YOvEg5yEL5x_ttlj-kUUmQP5J7y9ZpYdoINQW88PhgTi0qO3rmJeyTRzhRnyM9OBTfHcFkus0VSvB9jc-HSyj4OGPlHtAfgIm=w640

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b61ea3dac0268f52a3c21848816100e8a62df8bbf257d0277bafee8e175938c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v11d2"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tiktok-ga6e3cc12f_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40441
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:45 GMT

GET
H2 200 AVvXsEg74MdoKa6eqTgjrWxrIO3DPqFm-WmKtxY-6E-Qc1oct9tkDJ0GVz7eOYjsW9Z_cb7l1UlRGx-vLZN64quJC4czR_RDaXEvp6fXjEJj8j0BcW2kYJxdu6fkJX1lcrkF0V-EJ4QK0hgsAskDcTUG06OKq2tOJ5xIn0Ub1SbLO9nHQ0MLvILwzLTfIb3i=w640
blogger.googleusercontent.com/img/a/ 47 KB
47 KB 644ms
590ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEg74MdoKa6eqTgjrWxrIO3DPqFm-WmKtxY-6E-Qc1oct9tkDJ0GVz7eOYjsW9Z_cb7l1UlRGx-vLZN64quJC4czR_RDaXEvp6fXjEJj8j0BcW2kYJxdu6fkJX1lcrkF0V-EJ4QK0hgsAskDcTUG06OKq2tOJ5xIn0Ub1SbLO9nHQ0MLvILwzLTfIb3i=w640

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3b18a64d8ecac1a3291447c204cc792f758072b4ba344705b11e182eac25b0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v119d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="barefoot-g126836a53_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48186
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:45 GMT

GET
H2 200 AVvXsEi1MATZZpsaKzhMyZx1_cfZ59NhvF4sbryAswTcimy4ktmA3geLTcxbB9rwllKzotTq0uBIbJazPsRy1sgow4kqp5GTRttp938arl6JhijJKvrIcbVxQqSRVaml4kVBZS2nT3-prLqEJVu-n0QxO7fUGpYJkZvQ79xorg6xz43lWeXmZiyfhxISkUFi=w640
blogger.googleusercontent.com/img/a/ 21 KB
21 KB 1460ms
1460ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEi1MATZZpsaKzhMyZx1_cfZ59NhvF4sbryAswTcimy4ktmA3geLTcxbB9rwllKzotTq0uBIbJazPsRy1sgow4kqp5GTRttp938arl6JhijJKvrIcbVxQqSRVaml4kVBZS2nT3-prLqEJVu-n0QxO7fUGpYJkZvQ79xorg6xz43lWeXmZiyfhxISkUFi=w640

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43348bf69cb69a94fc3b29efa4b7b9149ac9d83bb66a2221e420ee1692ffa068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v115c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="moon-gf05702dd1_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21593
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H2 200 nrp-logo-stroke-text.png
1.bp.blogspot.com/-tyfG9Z7fy6g/YVSQVEP6QNI/AAAAAAAAEFM/fIBQoLi-2yA-5wOktJW_Lyr3PYTFkGP1gCLcBGAsYHQ/s1600/ 34 KB
34 KB 82ms
42ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tyfG9Z7fy6g/YVSQVEP6QNI/AAAAAAAAEFM/fIBQoLi-2yA-5wOktJW_Lyr3PYTFkGP1gCLcBGAsYHQ/s1600/nrp-logo-stroke-text.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c6dc50603fb6fe8835a9dcf8ebd1803e03f669a8166557e72b9124b03cb59e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v1054"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="nrp-logo-stroke-text.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34461
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 download.png
1.bp.blogspot.com/-MatjGcHDB_w/YVCkCtfG9hI/AAAAAAAAECs/ECcJz5cjve4EQDUUxIEj3-VoOp4KgbK1wCLcBGAsYHQ/s1600/ 7 KB
7 KB 86ms
47ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-MatjGcHDB_w/YVCkCtfG9hI/AAAAAAAAECs/ECcJz5cjve4EQDUUxIEj3-VoOp4KgbK1wCLcBGAsYHQ/s1600/download.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6e62bc9a56c1ccaa3a5f614f48cc41971e35cbb2823a21d06626e77a0aec3268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v102c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="download.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6884
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H/1.1 200
OK mysalam-logo.png
www.mysalam.com.my/b40/info/images/ 5 KB
6 KB 292ms
103ms Image
image/png 58.26.8.16
TMNET-AS-AP TM Net

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mysalam.com.my/b40/info/images/mysalam-logo.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

58.26.8.16 Kluang, Malaysia, ASN4788 (TMNET-AS-AP TM Net, Internet Service Provider, MY),

Reverse DNS

Software

Resource Hash

726390da4b148658e743c785f591516c4e640bf0217749ce9a1c0fda321545a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cache-Rules: if_static cache_always maxage(86400) optimise_png_never
Strict-Transport-Security: max-age=15768000;includeSubDomains
Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
X-Cache-Protocol: HTTP/1.1
Age: 0
X-Cache-Status: MISS from "PRD_ACC1"
X-Cache-Info: 5 22 5419 5419
Connection: keep-alive
Content-Length: 5419
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 27 Dec 2021 15:08:30 GMT
ETag: "faffcbd7dc61fbcbf1c288d9200b860d8a035479fedd4c1e3a0b0a6901af0162"
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/png
Cache-Control: public,max-age=86400
Keep-Alive: timeout=120, max=2000

GET
H2 200 great.png
1.bp.blogspot.com/-O8SjEOb4aF4/YXI27V589-I/AAAAAAAAENs/sXK9Wk7vLN8_VwCt7b5TrVNhhVfFJ4rugCLcBGAsYHQ/s1600/ 22 KB
22 KB 88ms
49ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-O8SjEOb4aF4/YXI27V589-I/AAAAAAAAENs/sXK9Wk7vLN8_VwCt7b5TrVNhhVfFJ4rugCLcBGAsYHQ/s1600/great.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

88ff49e85100c0251895ef3d399f2df01c6c791be52420d62d427337fdd05899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v10dc"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="great.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22624
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 TAKWIM-SEKOLAH-20222023-SENARAI-CUTI-PENGGAL-PERAYAAN.jpg.webp
1.bp.blogspot.com/-_kh4EE4QuFI/YZXwKIM1N4I/AAAAAAAAETg/afkF9aa2F7I5EA-ovkRGWQy0ip3n0J-MwCLcBGAsYHQ/s1600/ 129 KB
129 KB 85ms
46ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_kh4EE4QuFI/YZXwKIM1N4I/AAAAAAAAETg/afkF9aa2F7I5EA-ovkRGWQy0ip3n0J-MwCLcBGAsYHQ/s1600/TAKWIM-SEKOLAH-20222023-SENARAI-CUTI-PENGGAL-PERAYAAN.jpg.webp

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca4b745a1a9db7f448d872055cf6c355cc64be3414c29a4166a58417fdfe1799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v1139"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TAKWIM-SEKOLAH-20222023-SENARAI-CUTI-PENGGAL-PERAYAAN.jpg.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132111
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 membervio.webp
1.bp.blogspot.com/-dHawA5XibJA/YWwvYkLs94I/AAAAAAAAEMA/ZIUzGCH4xkUl5KafUPUg5zXu-gU11H79ACLcBGAsYHQ/s1600/ 353 KB
353 KB 101ms
62ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dHawA5XibJA/YWwvYkLs94I/AAAAAAAAEMA/ZIUzGCH4xkUl5KafUPUg5zXu-gU11H79ACLcBGAsYHQ/s1600/membervio.webp

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8f05e5047943dc604029893b54d14b4f8211c35902d01d7ae7a95a9a8904f114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v10c1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="membervio.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 361524
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 banner3.png
1.bp.blogspot.com/-ieHwoF6BPQ0/YUoOHaCmHuI/AAAAAAAAD9Y/Q9wNzpbr-n0eDgGMHJu2W6IJA-_fD-DEACLcBGAsYHQ/s1600/ 1 MB
1 MB 95ms
57ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ieHwoF6BPQ0/YUoOHaCmHuI/AAAAAAAAD9Y/Q9wNzpbr-n0eDgGMHJu2W6IJA-_fD-DEACLcBGAsYHQ/s1600/banner3.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31f122d3e60d95fc9d1195bc77efb8fbbeacbe5498ad086ea13d9a49903aa596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "vfd7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner3.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070441
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 200x200_adsterra_reff.gif
1.bp.blogspot.com/-QSNh3tqp_P4/YX5_JY-hqSI/AAAAAAAAEPA/Zw0OJqyUoj8GZYiWqw_oDGBkzowTBKMMACLcBGAsYHQ/s1600/ 526 KB
526 KB 55ms
54ms Image
image/gif 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-QSNh3tqp_P4/YX5_JY-hqSI/AAAAAAAAEPA/Zw0OJqyUoj8GZYiWqw_oDGBkzowTBKMMACLcBGAsYHQ/s1600/200x200_adsterra_reff.gif

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4d923e9005cc7979b17c394a0500c5428efb859ee4d56ecbcebd26711105f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v10f1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="200x200_adsterra_reff.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538412
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 hijrah.php Show response
hijrah.mfrapps.com/ 299 B
710 B 394ms
374ms Script
text/html 2606:4700:3030::6815:4c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hijrah.mfrapps.com/hijrah.php?color=NOMBOR
Requested by: Host: www.lamanfo.com
URL: https://www.lamanfo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b561fb084db0a29c66052232056511c653ded125008ddd609b2bacd7391af1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb2CxJ0%2F2r1IP%2B%2FiQd7y5s9LNohca9UTKzoVPmRIMHB5k5SnDDkLSkBtyExzVkjsaGx4ihzPZdqUev5%2FiolYfOnSQwDaLFewJhh5r16iJ8zBRDbXjz3YPhm7YFTZrDSYRIBphASNZk7K7KNfKrD%2BQUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-ray: 77ccca8f1c5f80c9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jata.5baa949.png
covidnow.moh.gov.my/_nuxt/img/ 8 KB
8 KB 484ms
150ms Image
image/png 2606:4700:310c::ac42:2d27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covidnow.moh.gov.my/_nuxt/img/jata.5baa949.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2d27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4ca8fa401392add5f9d7717c4d9936c6254951d749db4c41533a74043dc5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "373f1da349b5afb410df6d62632ed11c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zloM8kcr0XjmJht5PBtci5QNsx%2FWQKDEw1luk8TmYm8bcBUHpDpaIWRgYILQxzLwO957VIc9BB%2B1MIQU8OT%2FSLy9%2F7DOuWFfCHEUZrNItm4UszwA4UhsXoMoRDrXiIEmeYO4vvqciviN5ephj1ubyclv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 77ccca914846e06e-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7812

GET
H/1.1 403
Forbidden invoke.js
pl16571809.effectivecpmgate.com/1ebe0bfdc6a8b55ca16064bc02ee40cd/ 0
0 612ms
179ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl16571809.effectivecpmgate.com/1ebe0bfdc6a8b55ca16064bc02ee40cd/invoke.js
Requested by: Host: www.lamanfo.com
URL: https://www.lamanfo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 01:19:45 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden e1cabafe85431e73145d6d3428dcec4c.js
pl16579309.effectivecpmgate.com/e1/ca/ba/ 0
0 736ms
172ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl16579309.effectivecpmgate.com/e1/ca/ba/e1cabafe85431e73145d6d3428dcec4c.js
Requested by: Host: www.lamanfo.com
URL: https://www.lamanfo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 01:19:45 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 tulisan%2Barab%2Bsyafakallah.jpg
1.bp.blogspot.com/-SNwOckKLWU8/Xxn5N9_gCrI/AAAAAAAADI4/Rt1bD3dw5J0DIb5uWC288dlb6GfXRQb9wCLcBGAsYHQ/w100/ 3 KB
3 KB 45ms
45ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SNwOckKLWU8/Xxn5N9_gCrI/AAAAAAAADI4/Rt1bD3dw5J0DIb5uWC288dlb6GfXRQb9wCLcBGAsYHQ/w100/tulisan%2Barab%2Bsyafakallah.jpg

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf80e30f4beea55404e354443e9a35b2439dabf8c76eb0c5dac1eadb7ef2a3a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "vc8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tulisan arab syafakallah.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2705
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 400px-Coat_of_arms_of_Malaysia.svg.png
1.bp.blogspot.com/--tRlN4J_fJI/Xeyf72MfDlI/AAAAAAAABd4/wFPZCvvxGL8P6j19pCpj663vHYBk2gBKQCLcBGAsYHQ/w100/ 14 KB
14 KB 56ms
55ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--tRlN4J_fJI/Xeyf72MfDlI/AAAAAAAABd4/wFPZCvvxGL8P6j19pCpj663vHYBk2gBKQCLcBGAsYHQ/w100/400px-Coat_of_arms_of_Malaysia.svg.png

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

45b05fd1f3e8cfc848492b818ffb1081a7be4a6e125fd542afe50363b0ace947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v5df"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="400px-Coat_of_arms_of_Malaysia.svg.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13939
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 Asteroid-apophis-nasa-asteroid-warning-earth-close-approach-2020-1079535%2B%25281%2529.jpg
1.bp.blogspot.com/-43LSyTC8y4o/XcbFUdve1uI/AAAAAAAABKc/Y9HZruLhYvYnU2gCG5HVo3SzT1QVP5AggCLcBGAsYHQ/w100/ 2 KB
2 KB 54ms
54ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-43LSyTC8y4o/XcbFUdve1uI/AAAAAAAABKc/Y9HZruLhYvYnU2gCG5HVo3SzT1QVP5AggCLcBGAsYHQ/w100/Asteroid-apophis-nasa-asteroid-warning-earth-close-approach-2020-1079535%2B%25281%2529.jpg

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad7050e6a2f40cee61cc15dc9a1926e0505c2ea188141432f8430891fe871e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v4a8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Asteroid-apophis-nasa-asteroid-warning-earth-close-approach-2020-1079535 (1).jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2414
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 26157605_397881757310983_420803655663353856_n-780x472.jpg
1.bp.blogspot.com/-SK1yt-EzXys/XeQ9OBaNUvI/AAAAAAAABaE/S1BrtHzyNtwaA3uk3UKt0icXsmS6YmKEwCLcBGAsYHQ/w100/ 4 KB
4 KB 69ms
69ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SK1yt-EzXys/XeQ9OBaNUvI/AAAAAAAABaE/S1BrtHzyNtwaA3uk3UKt0icXsmS6YmKEwCLcBGAsYHQ/w100/26157605_397881757310983_420803655663353856_n-780x472.jpg

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6ae723e61efb47aea0e22ef242b78190b8e5f933f6132750370c8c91c8b53f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v5a2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="26157605_397881757310983_420803655663353856_n-780x472.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4190
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 bendera-sabah-berkibar.jpg
1.bp.blogspot.com/--9Va7xELaVE/XxR_xQcSp8I/AAAAAAAADHk/KgihwdnACrIDSCoLiGMjWn-nX8F8M2y0ACLcBGAsYHQ/w100/ 3 KB
3 KB 44ms
43ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/--9Va7xELaVE/XxR_xQcSp8I/AAAAAAAADHk/KgihwdnACrIDSCoLiGMjWn-nX8F8M2y0ACLcBGAsYHQ/w100/bendera-sabah-berkibar.jpg

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

660f2e0c5553ed0b28ee52bf9db7a8ba7c52d6722ecb2a4219ce065402049cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
server: fife
etag: "vc7a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bendera-sabah-berkibar.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2642
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:44 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 63ms
11ms Script
text/javascript 2404:6800:400a:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 18:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:04:58 GMT

GET
H2 200 1197256859-widgets.js Show response
www.blogger.com/static/v1/widgets/ 153 KB
56 KB 134ms
3ms Script
text/javascript 2404:6800:4004:812::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1197256859-widgets.js

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2009 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fbc63b50b1a10a591d69fbe1ef1e5db6d6186970d5b9950b8150829e4bd2b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 02:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56470
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 01:51:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 16 Dec 2023 02:21:09 GMT

GET
H2 200 / Show response
bedrapiona.com/5/4503655/ 3 KB
2 KB 729ms
241ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/4503655/?oo=1&js_build=iclick-v1.464.1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f44097db821dfe8a16cb3972f89b09df6523beb3c0eb97573acb50be968525dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-trace-id: d615a268d064f43d3e18cdc355fd211e
pragma: no-cache, no-cache
date: Wed, 21 Dec 2022 01:19:45 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.lamanfo.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
2ms Script
text/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 23:38:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6055
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 21 Dec 2022 01:38:49 GMT

GET
H2 200 /
www.lamanfo.com/ 10 KB
10 KB 487ms
487ms Image
text/html 2404:6800:4004:823::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lamanfo.com/

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 23:48:59 GMT
server: GSE
etag: W/"af3794e08705524ca16af12cbb8b266a7e13304140ecf2cab941b812831d7105"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 49761
x-xss-protection: 1; mode=block
expires: Wed, 21 Dec 2022 01:19:44 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 46ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lamanfo.com/
Origin: https://www.lamanfo.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 03:09:00 GMT
x-content-type-options: nosniff
age: 511844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 03:09:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 43ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lamanfo.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 20:15:48 GMT
x-content-type-options: nosniff
age: 191036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 20:15:48 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 144ms
140ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.lamanfo.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 912
cdn-cachedat: 12/11/2022 18:06:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b342767de1053310f2f35e6a161d473e
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: BR
cdn-status: 200
cf-ray: 77ccca8f19dbaf9a-NRT
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b16eab4d863cb5781c1f598aff59387457a732f3c158f0de6aa0005f9e836f2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 103ms
65ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1690736835804417&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

083530d202ee1c4989efae0e4fbd8d29d4e6663418d9adebef638b7bcbfb1938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119962
x-xss-protection: 0
server: cafe
etag: 1179038358574683476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:19:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 3431 10 KB
5 KB 48ms
2ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1690736835804417&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lamanfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 00:26:04 GMT
etag: 10353107486223812946
expires: Wed, 04 Jan 2023 00:26:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
35ms XHR
text/plain 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1897034232&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lamanfo.com%2F&ul=en-us&de=UTF-8&dt=Lamanfo.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1375422257&gjid=1902691746&cid=823521960.1671585585&tid=UA-175169793-1&_gid=1016885451.1671585585&_r=1&_slc=1&z=855129291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lamanfo.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 01:19:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lamanfo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
694 B 79ms
37ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.lamanfo.com&callback=_gfp_s_&client=ca-pub-1690736835804417&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

544d04eeba2eae531bc9739b40f17234b229d9e7bd0e46d6d6f0cafd916c36cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 83ms
43ms Script
application/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=www.lamanfo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
41ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lamanfo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87A8 603 B
68 B 98ms
59ms Document
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1690736835804417&output=html&adk=1812271804&adf=3025194257&lmt=1671493739&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fwww.lamanfo.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671585584632&bpp=3&bdt=237&idt=202&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8400348291483&frm=20&pv=2&ga_vid=823521960.1671585585&ga_sid=1671585585&ga_hid=1897034232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777948%2C44773747%2C44780792&oid=2&pvsid=2950894794715476&tmod=725449723&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lamanfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:19:44 GMT
expires: Wed, 21 Dec 2022 01:19:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hijrah-embed.php Show response
hijrah.mfrapps.com/ Frame 053F 1 KB
889 B 377ms
372ms Document
text/html 2606:4700:3030::6815:4c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
Requested by: Host: hijrah.mfrapps.com
URL: https://hijrah.mfrapps.com/hijrah.php?color=NOMBOR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f6c7a6934ef81dccfa0b45d6af2035068d11b575ef42e20cf1551f7abf3efb

Request headers

Referer: https://www.lamanfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77ccca917b12af54-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Dec 2022 01:19:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5qzcci5VHSbKxTPNDVVzv%2BNQ8iXIaZMhDXNL1GDzyrQqubue%2BdOZbINlIKKI62w6lZpEjbV%2FHeZSIY3gRxU5mgdr%2FTyLpSzFdeg%2F6HTbokiXPsoFIbiQ%2FT7PkvSgIR0izXokPK7e5l0o%2BPcgYkeN8Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 738ms
255ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=fc315658d12c4ac0b017a6e595c47d76

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e03f855f75cfe180f8670a79b378c06fb4d116c72adb137f3f820fddaf06bd3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.lamanfo.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 summary Show response
www.lamanfo.com/feeds/posts/ 4 KB
2 KB 331ms
330ms Script
text/javascript 2404:6800:4004:823::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lamanfo.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

b0690938af538b64e7e2ed699e952a6662052f08003ac154dab5852a2cf5a837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 23:48:59 GMT
server: blogger-renderd
etag: W/"b26fa6858d10a6a37a39d758c2c78a4e917ef2b86b9105ea0a555b641e617398"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 1460
x-xss-protection: 0
expires: Wed, 21 Dec 2022 01:19:46 GMT

GET
H3 200 1.png
hijrah.mfrapps.com/tools/bg/ Frame 053F 6 KB
7 KB 9ms
9ms Image
image/png 2606:4700:3030::6815:4c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hijrah.mfrapps.com/tools/bg/1.png
Requested by: Host: hijrah.mfrapps.com
URL: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b0ebe674722d92f0736aef1a705ba28d59628b8ce6d9ad701bf5a836eb7916

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6402
last-modified: Mon, 10 Oct 2016 17:12:34 GMT
server: cloudflare
etag: "1902-57fbcc02-2208b89d94a7e09d;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBn4EsyZ%2FsXuVAhtzwHErSeaCqgt%2BSBSdKlt5G4OZuyDksaEhGxXo9Q%2FB%2BSruuKwjqVKZuwyHLQWk%2FpWcUyTah0gVWL%2Bg29uyyCLlrDwMuzUKIPARHvARRjoy6Rv1nfVpFRXOM9UFyah%2F9MLrCmE%2BBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 77ccca93fd62af54-NRT
expires: Wed, 28 Dec 2022 00:00:19 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 13 KB
6 KB 29ms
16ms Script
application/javascript 2606:4700:3036::ac43:c22d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: untimburra.com
URL: https://untimburra.com/400/4511579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c22d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 986
etag: W/"637e373e-32a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24y3k2hBVjAY67vHExVKJQSTZdHi2rz40Ztz71n4l7MfRcr9r4ifIzuS7Bzuihc1jwzAdFBVywZtQkkH1tbkpd4gisKRjGfXXqiCyEqfWEmggDGyB9tFz%2F1c3TYdVwme7tjeQCCpaVJVgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77ccca95ac3d8145-NRT
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
485 B 725ms
242ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer: https://www.lamanfo.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 21 Dec 2022 01:19:57 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.lamanfo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 17ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.lamanfo.com
URL: https://www.lamanfo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08447a80d407deaf92461b52c435317a0ec77f86a51ebefa67c001c8f2a8c296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 01:19:45 GMT
content-md5: FHym7tmsj0rjMwKJJdPYkA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: D47E/arDW117OVFnoDrF78aIAwQj/e4zU46DDcdy6+qnJ+yj44OUPk2OLir9etQouCUTFAyEUnIE1ExVAteQpA==
x-fb-trip-id: 382461245
x-fb-content-md5: 5bee1942be228295c444ea15ae1a6d58
cross-origin-opener-policy: same-origin-allow-popups
etag: "8cfae8ea84f6a25066602d87feb8d7b4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Dec 2022 01:19:58 GMT

GET
H3 200 hijrah-embed.php Show response
hijrah.mfrapps.com/ Frame EF69 1 KB
844 B 190ms
190ms Document
text/html 2606:4700:3030::6815:4c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f6c7a6934ef81dccfa0b45d6af2035068d11b575ef42e20cf1551f7abf3efb

Request headers

Referer: https://www.lamanfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77ccca963f38af54-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 21 Dec 2022 01:19:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwS9MSOqfzpnfKiVbBmxGse0KRSJtfnNUdYlGZ5JWe7iZZlT3KsKeFUhfZGZXViz6ZgpXJEvXzePicfLUnqKqZ6xTME6LoZgPai7GzuY0cUylCH6yzwMUgoTdUbsYz4k%2Fzo2BwgNlEtyaDo0MU2Zex0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET
H2 200 Alam%20sekitar Show response
www.lamanfo.com/feeds/posts/default/-/ 114 KB
15 KB 453ms
453ms XHR
text/javascript 2404:6800:4004:823::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lamanfo.com/feeds/posts/default/-/Alam%20sekitar?alt=json-in-script&max-results=3&callback=jQuery112409394423398399727_1671585585250&_=1671585585251

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

9e2c4c39c8e36dae414723b428d9f6b6c046970a369b2489ce52acea3c15a16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lamanfo.com/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 23:48:59 GMT
server: blogger-renderd
etag: W/"ca213089f9faf3c2d29eb3b6d9ff3c8e4b8586889acbca513b32f819d26a6518"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 15658
x-xss-protection: 0
expires: Wed, 21 Dec 2022 01:19:46 GMT

GET
H2 200 VIRAL Show response
www.lamanfo.com/feeds/posts/default/-/ 206 KB
23 KB 419ms
419ms XHR
text/javascript 2404:6800:4004:823::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lamanfo.com/feeds/posts/default/-/VIRAL?alt=json-in-script&max-results=5&callback=jQuery112409394423398399727_1671585585252&_=1671585585253

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

bab08afec35f43346ae0372ee67ddc1b0bf3dc8fa6ac6a51a601c506a55f24c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lamanfo.com/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 23:48:59 GMT
server: blogger-renderd
etag: W/"590d11a2f0cb023a2c204e19c4cd873187a9419fcbd08dffc7e0a65e49849dc9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 23659
x-xss-protection: 0
expires: Wed, 21 Dec 2022 01:19:46 GMT

GET
H2 200 Berita Show response
www.lamanfo.com/feeds/posts/default/-/ 42 KB
9 KB 795ms
795ms XHR
text/javascript 2404:6800:4004:823::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lamanfo.com/feeds/posts/default/-/Berita?alt=json-in-script&max-results=5&callback=jQuery112409394423398399727_1671585585254&_=1671585585255

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2013 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

c2f1da03cebfd2b3e4b212be09bd675925e2b86f0dc4a8456b789269a93be67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.lamanfo.com/
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Dec 2022 23:48:59 GMT
server: blogger-renderd
etag: W/"fb288318dff7ab577915b9e485af5d1a1779d50c97fd55fc9eb07db43a31c567"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 9095
x-xss-protection: 0
expires: Wed, 21 Dec 2022 01:19:47 GMT

GET
H3 200 / Show response
apps.elfsight.com/p/boot/ 1 KB
1 KB 246ms
238ms XHR
application/json 2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?page=https%3A%2F%2Fwww.lamanfo.com%2F&w=bcef760c-f9b4-4e43-9012-ac981aadb53b

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfbc00429c7363f5ff47562e99e5bc5e9df111a4f1d7b32de04ed4dbc1b1881

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.lamanfo.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tNYjLh9LmrZVmf4S8Ikeyzb8I2NvDOPGiPAzLQkfiRW5EG46VQk3zMxvNWcP9qsTiv8WtFAN1vRsBgLW0drygmmG73fr8zwRjj%2Brnym%2B6JQ1xqk2wJkKUo7Vlb95IqRfgykRR9kyU9Poi%2BK6unc"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
access-control-allow-credentials: true
cf-apo-via: origin,host
access-control-max-age: 86400
cf-ray: 77ccca965bc0ded7-NRT
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 9ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=96365f7731366deb99edd6719eab0478

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

198dee825f728722cc2e6d974bfa04e51ec7a5616d2f3663058e9cd805362e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.lamanfo.com/
Origin: https://www.lamanfo.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 01:19:45 GMT
content-md5: gK0oiPl8DVJGYL3rmyzyMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87017
x-fb-rlafr: 0
x-fb-debug: eIQEryIwS9y7s30g+TzaIcqGX7TJPccOcs7MCFDxgxqap4UjD5NaUzUBtFWI3JhvJL7SCJlVoUFcFq2eIgEfew==
x-fb-content-md5: 95b130e098dcb7178b738180ce818399
cross-origin-opener-policy: same-origin-allow-popups
etag: "0f7af54bd0b6df9f1c466de591031404"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 21 Dec 2023 00:10:01 GMT

GET
H3 200 1.png
hijrah.mfrapps.com/tools/bg/ Frame EF69 6 KB
7 KB 9ms
9ms Image
image/png 2606:4700:3030::6815:4c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hijrah.mfrapps.com/tools/bg/1.png
Requested by: Host: hijrah.mfrapps.com
URL: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b0ebe674722d92f0736aef1a705ba28d59628b8ce6d9ad701bf5a836eb7916

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://hijrah.mfrapps.com/hijrah-embed.php?color=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6402
last-modified: Mon, 10 Oct 2016 17:12:34 GMT
server: cloudflare
etag: "1902-57fbcc02-2208b89d94a7e09d;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOcZ976arSqbTJ4mCtc9Ym158wtHqxo%2B52aaLgNmKkKmO6v46rVoV5YswBexUscoylR61v1qSlcsfa%2FgtEmvJGxrSzMDVpilhV9fFu5O2UJvD93Yr%2Fq4JkNs2xFefhofJcsycSBuiU7Cj8QKeopTj0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 77ccca97782aaf54-NRT
expires: Wed, 28 Dec 2022 00:00:19 GMT

GET
H3 200 socialShareButtons.js Show response
static.elfsight.com/apps/social-share-buttons/release/d60d0ff2ab113b087ec651ce7bf6e6331216b569/app/ 420 KB
76 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:66b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/social-share-buttons/release/d60d0ff2ab113b087ec651ce7bf6e6331216b569/app/socialShareButtons.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf824475fdd7d0251d4889db9230cbd56c8c06e965fb7654491000bf7d3c82d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:45 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000001acf78fbd-0063a17820-42f5c793-sfo2a
age: 58048
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-sp-metadata: HS256.CIGVhp0GEogBCiRhYjhhZTdmYy1kN2UwLTQ0OWEtODc1MS00OTQzYmQyM2NkOGIQ2JC38/7F+wIaBgjx+IWdBiINMTcyLjY4LjExOS45OSjC9QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBosCAESJGQyZWZhMDZhLWUzMDUtNDA3Ni04MzVlLTQ0NjNjNjU1OGFjMhiwoRoiGAgCEhRjZHMyMTEudGsyLmh3Y2RuLm5ldA==.p57we7AcCpXU1jJIwhQ659FsuP7QQcBnmnC5dYH36j0=
last-modified: Thu, 17 Nov 2022 13:20:08 GMT
server: cloudflare
etag: W/"22a24ee2ff93f4268dd660d67cc07a2b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1671527537.dop042.tk2.t,1671527537.cds218.tk2.hn,1671527537.cds211.tk2.c
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi%2FpkRohTiYcn8g0S9LlRVH2Es2MT3LwRPpW%2F0sLes1QsSpgsvtYJRZi1EFM%2F9mFod6YtglhdWn3Aiv7rdx7fvpMVUy0r8MfHcI8DZSFyPu1KSI64tWXyFO7MEfil946r4OGV4N65FlcH6DC%2F8OIdFE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
x-rgw-object-type: Normal
cf-ray: 77ccca97dcadded7-NRT

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57df0348d6c00360aa9e0a119035e735592f3454a9bb1dd5a5f8f0f97b21905e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4511579 Show response
untimburra.com/500/ 813 B
1 KB 362ms
361ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://untimburra.com/500/4511579?excludes=&oaid=fc315658d12c4ac0b017a6e595c47d76&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fwww.lamanfo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: untimburra.com
URL: https://untimburra.com/400/4511579

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1d2fb8befd43d8f65d10e736e6d4a2ac8a8a2cfadaac10ad3312f8c64ef43d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lamanfo.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 4c9716b572b8334eceb792fcdc45fe91
pragma: no-cache
date: Wed, 21 Dec 2022 01:19:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://www.lamanfo.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
content-length: 813
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 4511579
untimburra.com/500/ Frame 0
0 720ms
240ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.lamanfo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.lamanfo.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Wed, 21 Dec 2022 01:19:46 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 92ms
53ms XHR
application/json 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a774521348019539e77b3d6be2aa85b3a6dee50fa4f2874e60289008e8fa209d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11166
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Warren_Buffett_KU_Visit.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpEiO1_Jh_RYMK4yArUDfp7TYK7qXsJ_Bt3G7lvpzcuSM6nPc4WvDeUiBjnjDqH7vvRUWp195iMmV7_8ZUINarVMWG5snxSs00nyDOlQehimFZo6N0HDKnZTqit5u8SkSsjl3wgpaToDEGLHXJ... 19 KB
19 KB 843ms
803ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4686540df5533b4b79172e9763fb36418bb24889c1834d0e434a1093f5681ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1271"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Warren_Buffett_KU_Visit.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19244
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEhreTgUboNaWT2zQS6LFbRqXwG5RrWnogLuJFkjqa21ZBsG6nSXCQ_bHKEiBMq6cg_lGanYJcauO9y74R_jc9BmK2L5r-wTfl9bvlshs89-4iVaYHq0FQR0Y4viPuLm_ejSJ89MZnY5tE6MhigvYYX1tjYkK4bhwnDo-rc3F-VpePsxOLCtU9erdOej=w487...
blogger.googleusercontent.com/img/a/ 12 KB
12 KB 976ms
937ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

532094925bc2b295f2fef9f4ca876dacbc839c72f1c765d6cfb0496c6f2d8fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1239"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Elon_Musk_Royal_Society_(crop2).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12524
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 AVvXsEhNoIKETWecbmJSaM6Gz3v_H4ZYMussK-NoUu5v1_q4icPm_3Z9B8DNo3YHoDfv-hXL0pwhZVy2LsDaWgkIewN61D9YOvEg5yEL5x_ttlj-kUUmQP5J7y9ZpYdoINQW88PhgTi0qO3rmJeyTRzhRnyM9OBTfHcFkus0VSvB9jc-HSyj4OGPlHtAfgIm=w640...
blogger.googleusercontent.com/img/a/ 46 KB
46 KB 867ms
827ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e6cc18465d6c64d9680cdf3529a87c4e713407b715756d17d2874eeba5471eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v11d2"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tiktok-ga6e3cc12f_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46856
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEg74MdoKa6eqTgjrWxrIO3DPqFm-WmKtxY-6E-Qc1oct9tkDJ0GVz7eOYjsW9Z_cb7l1UlRGx-vLZN64quJC4czR_RDaXEvp6fXjEJj8j0BcW2kYJxdu6fkJX1lcrkF0V-EJ4QK0hgsAskDcTUG06OKq2tOJ5xIn0Ub1SbLO9nHQ0MLvILwzLTfIb3i=w640...
blogger.googleusercontent.com/img/a/ 56 KB
56 KB 891ms
852ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3f5a403686602e811f3ee9bf3dda6cb03c53088f4df55b9da23842f31e0b7f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v119d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="barefoot-g126836a53_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57227
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEjum3KZiNPJMSuQK2BE81wO-QZPjM6EhmwxcpsJhcsQ66mItVgcpttd4bfKS71E9fyT0-H-FMxDrahzSvtqUCIltH_lh90PYVinmUvrFMQCWubHcfnN94rd3fhboaUTbSdr8SN8EEAuXBXOZPP7mTF0172gzFVgkuHdiUmN9iC0AOhbmJhHLtwESrw-=w640...
blogger.googleusercontent.com/img/a/ 57 KB
57 KB 872ms
832ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjum3KZiNPJMSuQK2BE81wO-QZPjM6EhmwxcpsJhcsQ66mItVgcpttd4bfKS71E9fyT0-H-FMxDrahzSvtqUCIltH_lh90PYVinmUvrFMQCWubHcfnN94rd3fhboaUTbSdr8SN8EEAuXBXOZPP7mTF0172gzFVgkuHdiUmN9iC0AOhbmJhHLtwESrw-=w640-h380

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2cbe94d8fa21766cfad5d493ab53ee2fe3d854454762f96eb308449011da8c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v10fe"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Squid-Game-season-2-warning-1515124.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58264
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 Warren_Buffett_KU_Visit.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpEiO1_Jh_RYMK4yArUDfp7TYK7qXsJ_Bt3G7lvpzcuSM6nPc4WvDeUiBjnjDqH7vvRUWp195iMmV7_8ZUINarVMWG5snxSs00nyDOlQehimFZo6N0HDKnZTqit5u8SkSsjl3wgpaToDEGLHXJ... 3 KB
3 KB 873ms
834ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ed48d4c4bc50ae35c953f052c49e2ae610d1dec4408af828620b882d731b29c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1271"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Warren_Buffett_KU_Visit.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2846
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEhreTgUboNaWT2zQS6LFbRqXwG5RrWnogLuJFkjqa21ZBsG6nSXCQ_bHKEiBMq6cg_lGanYJcauO9y74R_jc9BmK2L5r-wTfl9bvlshs89-4iVaYHq0FQR0Y4viPuLm_ejSJ89MZnY5tE6MhigvYYX1tjYkK4bhwnDo-rc3F-VpePsxOLCtU9erdOej=s72-...
blogger.googleusercontent.com/img/a/ 3 KB
3 KB 914ms
875ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca0e33ae71313d6ab70a57014a00a1656a1ccde255af0e9cf801d107dee9547d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1239"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Elon_Musk_Royal_Society_(crop2).jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2578
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEhNoIKETWecbmJSaM6Gz3v_H4ZYMussK-NoUu5v1_q4icPm_3Z9B8DNo3YHoDfv-hXL0pwhZVy2LsDaWgkIewN61D9YOvEg5yEL5x_ttlj-kUUmQP5J7y9ZpYdoINQW88PhgTi0qO3rmJeyTRzhRnyM9OBTfHcFkus0VSvB9jc-HSyj4OGPlHtAfgIm=s72-...
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 944ms
905ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

74f1ea4f0fb9ccca169fcfe57dc706dc76e5b4c4c5dd64f40082814df8ef1677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v11d2"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tiktok-ga6e3cc12f_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2322
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 AVvXsEg74MdoKa6eqTgjrWxrIO3DPqFm-WmKtxY-6E-Qc1oct9tkDJ0GVz7eOYjsW9Z_cb7l1UlRGx-vLZN64quJC4czR_RDaXEvp6fXjEJj8j0BcW2kYJxdu6fkJX1lcrkF0V-EJ4QK0hgsAskDcTUG06OKq2tOJ5xIn0Ub1SbLO9nHQ0MLvILwzLTfIb3i=s72-...
blogger.googleusercontent.com/img/a/ 3 KB
3 KB 996ms
957ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5e9de90aecc32802acf0815ca44b9c7ccf56b5dee048390a4f5a71d207b995d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v119d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="barefoot-g126836a53_1920.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2769
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 AVvXsEjum3KZiNPJMSuQK2BE81wO-QZPjM6EhmwxcpsJhcsQ66mItVgcpttd4bfKS71E9fyT0-H-FMxDrahzSvtqUCIltH_lh90PYVinmUvrFMQCWubHcfnN94rd3fhboaUTbSdr8SN8EEAuXBXOZPP7mTF0172gzFVgkuHdiUmN9iC0AOhbmJhHLtwESrw-=s72-...
blogger.googleusercontent.com/img/a/ 4 KB
4 KB 563ms
524ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4a57210d0f7db45f49010f20910c418aa3097bdb9170a9fca9b3c7bda6d6fa6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v10fe"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Squid-Game-season-2-warning-1515124.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4114
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEjamBoltjrA4iMj-xon5sVSxk6p1QDwGWS3NXFXT0tYqfzkiSheiHBuKy851dWwclbHCCek0sMfxsFPG_lrZKuhI_g_ZpGD4Cz293dBhgdLG_CUjOtlvvHJpeFgt7DKDLvnu5CGbUmJ4lr8JCUsMkIE0Xv7Uh_lwpIJLW_JkUSaxUhkSkMK8koQsK94=w640...
blogger.googleusercontent.com/img/a/ 178 KB
178 KB 1449ms
1430ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjamBoltjrA4iMj-xon5sVSxk6p1QDwGWS3NXFXT0tYqfzkiSheiHBuKy851dWwclbHCCek0sMfxsFPG_lrZKuhI_g_ZpGD4Cz293dBhgdLG_CUjOtlvvHJpeFgt7DKDLvnu5CGbUmJ4lr8JCUsMkIE0Xv7Uh_lwpIJLW_JkUSaxUhkSkMK8koQsK94=w640-h360

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31d3c1fb7e8db9d6fa224e60ccf6420c25d6b8d443da5d6f1b8815254b40fd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v10bd"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="radiant-nuclear_resize_md.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 182124
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 computer-g672a180ec_1920.jpg
1.bp.blogspot.com/-xRYtRCGYiLE/YVp8JaFYx3I/AAAAAAAAEGo/S9nhIV6E2_8gmat6JARhIBHi8z2HBDSDwCLcBGAsYHQ/w640-h426/ 106 KB
106 KB 377ms
340ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xRYtRCGYiLE/YVp8JaFYx3I/AAAAAAAAEGo/S9nhIV6E2_8gmat6JARhIBHi8z2HBDSDwCLcBGAsYHQ/w640-h426/computer-g672a180ec_1920.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0e7f0b8eebb2bcd52b4ed400ad6349e6737c22feb9262fb0d03673a84fd124be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v106b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="computer-g672a180ec_1920.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108457
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 1207661.jpg
1.bp.blogspot.com/-tWAtXuQqx1o/YVBqf6IUmOI/AAAAAAAAECM/-XkS9GOlqcgUuczjGf0W2y_0nNS6i8MUwCLcBGAsYHQ/w640-h400/ 26 KB
26 KB 619ms
582ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tWAtXuQqx1o/YVBqf6IUmOI/AAAAAAAAECM/-XkS9GOlqcgUuczjGf0W2y_0nNS6i8MUwCLcBGAsYHQ/w640-h400/1207661.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

958cbfd72fc762e959da211cb595d95ae6dbe1b77f9b40c0fc295e294864bd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1024"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1207661.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26512
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEjamBoltjrA4iMj-xon5sVSxk6p1QDwGWS3NXFXT0tYqfzkiSheiHBuKy851dWwclbHCCek0sMfxsFPG_lrZKuhI_g_ZpGD4Cz293dBhgdLG_CUjOtlvvHJpeFgt7DKDLvnu5CGbUmJ4lr8JCUsMkIE0Xv7Uh_lwpIJLW_JkUSaxUhkSkMK8koQsK94=s72-...
blogger.googleusercontent.com/img/a/ 8 KB
8 KB 1194ms
1176ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d6a1009c35949433ba540c22d2d4e41db56a57ad77778a1d1ff5409896336f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v10bd"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="radiant-nuclear_resize_md.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7950
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 computer-g672a180ec_1920.jpg
1.bp.blogspot.com/-xRYtRCGYiLE/YVp8JaFYx3I/AAAAAAAAEGo/S9nhIV6E2_8gmat6JARhIBHi8z2HBDSDwCLcBGAsYHQ/s72-w640-h426-c/ 4 KB
4 KB 478ms
441ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xRYtRCGYiLE/YVp8JaFYx3I/AAAAAAAAEGo/S9nhIV6E2_8gmat6JARhIBHi8z2HBDSDwCLcBGAsYHQ/s72-w640-h426-c/computer-g672a180ec_1920.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c43e184061b0b5f8d75ad4a355fc0ea790115b1df2dfbce02efb9500cf996b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v106b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="computer-g672a180ec_1920.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4512
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 1207661.jpg
1.bp.blogspot.com/-tWAtXuQqx1o/YVBqf6IUmOI/AAAAAAAAECM/-XkS9GOlqcgUuczjGf0W2y_0nNS6i8MUwCLcBGAsYHQ/s72-w640-h400-c/ 4 KB
4 KB 533ms
497ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tWAtXuQqx1o/YVBqf6IUmOI/AAAAAAAAECM/-XkS9GOlqcgUuczjGf0W2y_0nNS6i8MUwCLcBGAsYHQ/s72-w640-h400-c/1207661.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b89f8cd259a480a344d410f98604fa19cc743d3a90304e87168427247cccc92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1024"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1207661.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3719
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 169ms
125ms Script
text/javascript 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 01:19:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3ACA 13 KB
5 KB 53ms
3ms Document
text/html 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lamanfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:01:49 GMT
expires: Thu, 21 Dec 2023 01:01:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E7D8 783 B
1 KB 123ms
41ms Document
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3579a48937cdc01a96b0fc9fcc6db2a53b0d980474ae468be3de6463263c463f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ATt9zWgg4rgmcGky-Ss91w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lamanfo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ATt9zWgg4rgmcGky-Ss91w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:19:46 GMT
expires: Wed, 21 Dec 2022 01:19:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AVvXsEgCmsHVUx6VkQMF3T7HXvPZDNCqWcHRG1FrbQdmc0yv9OpOuN7-0-rV6qm10yLdqqoE5h3NIEqrseeDyb35Xg8tTw4mfF51qe3SAq4IqhB98z91gBAxPinUweACdXAI3etcbSpvGJ7yCBGrm5s8uc7QOahVpOkc5Tvg7W3OjUiWDec40PeZJyjjPsyK=w640...
blogger.googleusercontent.com/img/a/ 12 KB
12 KB 556ms
556ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgCmsHVUx6VkQMF3T7HXvPZDNCqWcHRG1FrbQdmc0yv9OpOuN7-0-rV6qm10yLdqqoE5h3NIEqrseeDyb35Xg8tTw4mfF51qe3SAq4IqhB98z91gBAxPinUweACdXAI3etcbSpvGJ7yCBGrm5s8uc7QOahVpOkc5Tvg7W3OjUiWDec40PeZJyjjPsyK=w640-h640

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cb93447765d18c22149683ce677d6543071679fb8ad3edac37c1ea8446ca368a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v111a"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MySejahtera_logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEgD1RpSgjTl7czxPr8_EL91YohsqFUCyr-FKbSRZ9Rqn9dvCyM9lUawiRiT_4H8y1E3mAVw69l9bnvuwHkBFPAEDHJEhQ7WrneUZW-18Tc14jMb7hoKsYlEHmDVbyc7QeF903Ljhd1aVyobpPhIoLlVv9zD2Qn3whygkcv9SDP4uL83KaCVYKdSImLy=w640...
blogger.googleusercontent.com/img/a/ 80 KB
80 KB 491ms
488ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgD1RpSgjTl7czxPr8_EL91YohsqFUCyr-FKbSRZ9Rqn9dvCyM9lUawiRiT_4H8y1E3mAVw69l9bnvuwHkBFPAEDHJEhQ7WrneUZW-18Tc14jMb7hoKsYlEHmDVbyc7QeF903Ljhd1aVyobpPhIoLlVv9zD2Qn3whygkcv9SDP4uL83KaCVYKdSImLy=w640-h504

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e6100c6cfb718cddbd75ea8a11057676913cc11c93103fba8591aed28649a64b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v108e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dark_tourism_darktourism2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81714
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEiYVzZTLSfjqEYMmArT4e1Mmkm67SOHKOYndg5lYW8bkq2akiMCrQDMAknZdbSKYPA0NcwtWOrbLnDCT_WH7v8tnGSLrMI9uGM3BZWM6jh57dfWIr1aaCOV-cjSTk-KEwm7WT8ht6oULzehCQzH5B0NxuXiqY1BEyapZQBBI--glPaaJSwpUaYZzPeA=w640...
blogger.googleusercontent.com/img/a/ 80 KB
80 KB 564ms
562ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiYVzZTLSfjqEYMmArT4e1Mmkm67SOHKOYndg5lYW8bkq2akiMCrQDMAknZdbSKYPA0NcwtWOrbLnDCT_WH7v8tnGSLrMI9uGM3BZWM6jh57dfWIr1aaCOV-cjSTk-KEwm7WT8ht6oULzehCQzH5B0NxuXiqY1BEyapZQBBI--glPaaJSwpUaYZzPeA=w640-h380

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

55aa9d64e890ce0a30955d9771a64d592597b274a1f8f191295be91a8be444a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v108f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dark_tourism_dark_tourism1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81722
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEg-VMqmPN6QYhgyVzYPyMUwfmlcPTc8PY4IwKtX2f86LfzwguNAmoFoLwp4Of8IMjHyWLsSdM5qTrmz6ybSY7weOaDkhGGy2EmWq1dOgKNudYoB5K2gnjlGVTfLnHz75AjmKVVajEuqoePnRJWTB4hrAAjKVktpwntPDLCmC-eOVqXGjj6gENVRjfZp=w514...
blogger.googleusercontent.com/img/a/ 87 KB
87 KB 582ms
579ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEg-VMqmPN6QYhgyVzYPyMUwfmlcPTc8PY4IwKtX2f86LfzwguNAmoFoLwp4Of8IMjHyWLsSdM5qTrmz6ybSY7weOaDkhGGy2EmWq1dOgKNudYoB5K2gnjlGVTfLnHz75AjmKVVajEuqoePnRJWTB4hrAAjKVktpwntPDLCmC-eOVqXGjj6gENVRjfZp=w514-h640

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bce088d0b5c6487208886736968f2fc0265fad9059d3c28aa69ca49aeb5a5032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1091"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="salt-trails.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89075
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 annuar_musa_wisma_rtm_1509_%25281%2529.jpeg
1.bp.blogspot.com/-UK40Ofyc4U4/YVkcGS9bScI/AAAAAAAAEF0/5tKXhWKjA-UQGCxr2JbsrbY7e4UhB-A6gCLcBGAsYHQ/w640-h426/ 81 KB
81 KB 50ms
47ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UK40Ofyc4U4/YVkcGS9bScI/AAAAAAAAEF0/5tKXhWKjA-UQGCxr2JbsrbY7e4UhB-A6gCLcBGAsYHQ/w640-h426/annuar_musa_wisma_rtm_1509_%25281%2529.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e544ccfd8cca8ac5979f1de601278c35e3c6e996ee7b36735620f955aae1166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v105e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="annuar_musa_wisma_rtm_1509_(1).jpeg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82832
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 JPN-sabah-640x339.jpg
1.bp.blogspot.com/-OLPGbDWr0Wg/YVR1HMeRniI/AAAAAAAAED4/9s2LtcDxqkEMfRz6vENDos2GTPtdu9qvQCLcBGAsYHQ/w640-h340/ 44 KB
45 KB 275ms
272ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-OLPGbDWr0Wg/YVR1HMeRniI/AAAAAAAAED4/9s2LtcDxqkEMfRz6vENDos2GTPtdu9qvQCLcBGAsYHQ/w640-h340/JPN-sabah-640x339.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a336602bef463e427183710bb55959b804fdd1d685122d6697cc872d37363cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1040"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="JPN-sabah-640x339.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45564
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 202109281149029820.jpg
1.bp.blogspot.com/-_2YMcLoARuw/YVR1VoZ07SI/AAAAAAAAED8/DOztjavCcxg0pJX13JUob23NY8_o0DH6gCLcBGAsYHQ/w640-h504/ 50 KB
50 KB 46ms
43ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_2YMcLoARuw/YVR1VoZ07SI/AAAAAAAAED8/DOztjavCcxg0pJX13JUob23NY8_o0DH6gCLcBGAsYHQ/w640-h504/202109281149029820.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d8728f3ac19f4c37ec8435d22157a1a6ff0433acc18753cfe5c48913e402971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1041"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="202109281149029820.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51466
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 Screenshot_20210929-134513-e1632895267365-525x1024.jpg
1.bp.blogspot.com/-WQ2s49Vs8-I/YVR2Lq4pojI/AAAAAAAAEEI/7bqor6Vqn9sSOsveB0e46iOtoiWhVo0PQCLcBGAsYHQ/w328-h640/ 61 KB
61 KB 47ms
45ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WQ2s49Vs8-I/YVR2Lq4pojI/AAAAAAAAEEI/7bqor6Vqn9sSOsveB0e46iOtoiWhVo0PQCLcBGAsYHQ/w328-h640/Screenshot_20210929-134513-e1632895267365-525x1024.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37566af9b08ec951fe5fae143158af810ab6d63391ad8fd57bad301da19d7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1043"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Screenshot_20210929-134513-e1632895267365-525x1024.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62714
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 Screenshot_20210929-135409-e1632895596203-516x1024.webp
1.bp.blogspot.com/-RQAhIY4URME/YVR2c9qOVcI/AAAAAAAAEEQ/0-uBrOHJ3rEU080S-JVB8wIXr-h3moMuQCLcBGAsYHQ/w322-h640/ 34 KB
34 KB 46ms
44ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-RQAhIY4URME/YVR2c9qOVcI/AAAAAAAAEEQ/0-uBrOHJ3rEU080S-JVB8wIXr-h3moMuQCLcBGAsYHQ/w322-h640/Screenshot_20210929-135409-e1632895596203-516x1024.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04cc373526e61a7988a8cb32c0e328fc2ce6a5e910831a2864f0e549fdaafc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1045"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Screenshot_20210929-135409-e1632895596203-516x1024.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34573
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 Screenshot-310.webp
1.bp.blogspot.com/-STLjTUJPz7k/YVR3Abh6gnI/AAAAAAAAEEY/6ibbuzIPQLAgcRBlt_BGV6CFb9p77NUJwCLcBGAsYHQ/w640-h196/ 25 KB
25 KB 100ms
98ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-STLjTUJPz7k/YVR3Abh6gnI/AAAAAAAAEEY/6ibbuzIPQLAgcRBlt_BGV6CFb9p77NUJwCLcBGAsYHQ/w640-h196/Screenshot-310.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcb5d917106d39e01475b61c49a97c458e7647d78cf3d7e4f813973a519463bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1047"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Screenshot-310.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25364
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 242477624_531323717965808_3234519410478253608_n.jpg
1.bp.blogspot.com/-s-WkOYJIWAQ/YU2kgOpNM1I/AAAAAAAAEBE/QQEafehXWs8nYrrFs-eJIeIGlN2F_XZuQCLcBGAsYHQ/w640-h640/ 173 KB
173 KB 52ms
50ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-s-WkOYJIWAQ/YU2kgOpNM1I/AAAAAAAAEBE/QQEafehXWs8nYrrFs-eJIeIGlN2F_XZuQCLcBGAsYHQ/w640-h640/242477624_531323717965808_3234519410478253608_n.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4932672636ea5e509b780bea2c5da30576066e373ce7a5418b53866285120333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1012"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="242477624_531323717965808_3234519410478253608_n.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 176892
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 AVvXsEgCmsHVUx6VkQMF3T7HXvPZDNCqWcHRG1FrbQdmc0yv9OpOuN7-0-rV6qm10yLdqqoE5h3NIEqrseeDyb35Xg8tTw4mfF51qe3SAq4IqhB98z91gBAxPinUweACdXAI3etcbSpvGJ7yCBGrm5s8uc7QOahVpOkc5Tvg7W3OjUiWDec40PeZJyjjPsyK=s72-...
blogger.googleusercontent.com/img/a/ 5 KB
5 KB 753ms
751ms Image
image/png 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f26240e070bbd12ef3bad7c7f4d22d4b52e344e1878bb6e8dfd10a68b5be9a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v111a"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MySejahtera_logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4678
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:47 GMT

GET
H3 200 AVvXsEgD1RpSgjTl7czxPr8_EL91YohsqFUCyr-FKbSRZ9Rqn9dvCyM9lUawiRiT_4H8y1E3mAVw69l9bnvuwHkBFPAEDHJEhQ7WrneUZW-18Tc14jMb7hoKsYlEHmDVbyc7QeF903Ljhd1aVyobpPhIoLlVv9zD2Qn3whygkcv9SDP4uL83KaCVYKdSImLy=s72-...
blogger.googleusercontent.com/img/a/ 3 KB
3 KB 538ms
536ms Image
image/jpeg 2404:6800:4004:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0cf1961389e7862062cefcccfb586e40ea5d38bd55dd34837b3852f8b54fe20b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v108e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dark_tourism_darktourism2.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2938
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 annuar_musa_wisma_rtm_1509_%25281%2529.jpeg
1.bp.blogspot.com/-UK40Ofyc4U4/YVkcGS9bScI/AAAAAAAAEF0/5tKXhWKjA-UQGCxr2JbsrbY7e4UhB-A6gCLcBGAsYHQ/s72-w640-h426-c/ 4 KB
4 KB 293ms
291ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UK40Ofyc4U4/YVkcGS9bScI/AAAAAAAAEF0/5tKXhWKjA-UQGCxr2JbsrbY7e4UhB-A6gCLcBGAsYHQ/s72-w640-h426-c/annuar_musa_wisma_rtm_1509_%25281%2529.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

713a8748bae459d39441bd8e6ca68fdf7dc2558ca2da992ea941c630d28407c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v105e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="annuar_musa_wisma_rtm_1509_(1).jpeg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4069
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 JPN-sabah-640x339.jpg
1.bp.blogspot.com/-OLPGbDWr0Wg/YVR1HMeRniI/AAAAAAAAED4/9s2LtcDxqkEMfRz6vENDos2GTPtdu9qvQCLcBGAsYHQ/s72-w640-h340-c/ 5 KB
5 KB 48ms
46ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-OLPGbDWr0Wg/YVR1HMeRniI/AAAAAAAAED4/9s2LtcDxqkEMfRz6vENDos2GTPtdu9qvQCLcBGAsYHQ/s72-w640-h340-c/JPN-sabah-640x339.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da7ec638d9a86fa54bf6870125b77bcc3ca8a954567123bb461146a7870bec40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1040"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="JPN-sabah-640x339.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5105
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 242477624_531323717965808_3234519410478253608_n.jpg
1.bp.blogspot.com/-s-WkOYJIWAQ/YU2kgOpNM1I/AAAAAAAAEBE/QQEafehXWs8nYrrFs-eJIeIGlN2F_XZuQCLcBGAsYHQ/s72-w640-h640-c/ 5 KB
5 KB 51ms
49ms Image
image/jpeg 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-s-WkOYJIWAQ/YU2kgOpNM1I/AAAAAAAAEBE/QQEafehXWs8nYrrFs-eJIeIGlN2F_XZuQCLcBGAsYHQ/s72-w640-h640-c/242477624_531323717965808_3234519410478253608_n.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

658ca28760d74234209c6f9b29a2c10495150a54b795f7921f831b50a65a3da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1012"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="242477624_531323717965808_3234519410478253608_n.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4941
x-xss-protection: 0
expires: Thu, 22 Dec 2022 01:19:46 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ACA 36 KB
16 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 23:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 23:43:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E7D8 0
0 41ms
40ms Image
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2950894794715476&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3ACA 0
10 B 3ms
2ms Image
text/plain 2404:6800:4004:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4E69DQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81e::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2950894794715476&bg=!Z2SlZCDNAAYgquz3AKo7ACkAdvg8WnQi_N75WWPlgWwILYvk06GGqqD5TxoMJgNBoqAg-Opsstf0hwIAAABMUgAAAANoAQcKADjwR_gEJwRbNBtoiC4dL_qjfIaP2e7Z2ni33RU9lsjAVzdePRNCtEAQRPYrhgztges2o2uwmp6veZkC0NEdq5P56UVxzIZCfkrGXr5dxe2yX_tjeG71lY29xi2BRV0lF-2kNLW_BqDZm2k-QlZWae7a3M79NLLmkjanvOAo6kLdumK6w6uBx3e3uobiBfM3UmNa3rhBCADpmuVLPGtxeOE9BYqbQ26Pfh7PDY-aypyNkomDrhgtFCZTEQgppLlVz-qBu3gXNr4ZAnZ0vMLPHqRwCBwiju3mScR7bv0pjtWG1W7GgZwpqZF7S6H6cnMGrDbvEWuA65hxlEusOaMpb2ck66qsxyGjLHOhVMVbIa6qjwurWqwNk4u3PW_kL_-nBagvlfLZqJJmw2CaIqNBiX3WSOTTSO2QnKDtOdmjMSRN_ZBtNica3KKndNYjZR38v_zXvHS4tmMNuJSu1EPHZdXtoDtowMVmglAJkp33eD8LWILdJ2lAMW1BMwo6_n9mx4ERjcdm3xSYXq-TvTZQvQsksn0_IaZHxhOTDBwrlHqTi9H7eIWKW2bBRYkJzkH5eSY9NKe5MteDII5HiA_WU-VOkFz7ShTr_7DNzwuR7FhNppIgn59qRmeCdVjgQyYCqc7mGfeBdDk_Dj2rLrwFsqS1OMpgeI1dlUQMYXBzkOB8BsAgPK7S4xsyvfzvMUA8y-_OuCOmwimFv4vs6Ymgp38__fEgP1pd352lb0tlh5p94-8e00dvm1PnVkvWRVkQ1hcO93Cma8xk-5uPZ7-msen7orcXVsQwsrLuriu9YAwZcLB432-g9TkyU3yAeBD408I5lJW5T7WwQ1VNAkl-Py9beSPrSTBvckwzr0ZhLyO2tzRpFXeD3pw92794YXvrDks5x25VpDOfx7lk5j9y5tcsXrpop56mhHYrynjcfGjpRLM9ylNiSEuODsTlf9c2futKxs8ozD9ICmINywrvTurqOzTvXPHSEXsB_YPVB2H7Ys6B8AwteqksJ6fgzdENSlhOdYdEA-lWKP3uHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 09023711255.png
littlecdn.com/contents/s/6f/ff/49/d618b9c167ead557de6448ea44/ 55 KB
55 KB 30ms
12ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/6f/ff/49/d618b9c167ead557de6448ea44/09023711255.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adfd94d82626b3d2c0d9c2cd89a13f75cdcd4e563c8ed431a4c73b430b365e5e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.lamanfo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:19:47 GMT
cf-cache-status: HIT
age: 6460
content-length: 55954
last-modified: Fri, 10 Apr 2020 15:56:06 GMT
server: cloudflare
etag: "5e909716-da92"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 77ccca9fdf6c2689-NRT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lamanfo.com/	1970-01-20 17:55:45	Name: _ga Value: GA1.2.823521960.1671585585
.lamanfo.com/	1970-01-20 08:21:11	Name: _gid Value: GA1.2.1016885451.1671585585
.lamanfo.com/	1970-01-20 08:19:45	Name: _gat_blogger Value: 1
.lamanfo.com/	1970-01-20 17:41:21	Name: __gads Value: ID=688228c8d79d1a20-22291bccf7d8005d:T=1671585584:RT=1671585584:S=ALNI_MbwauuldbKo89oOMRNFosbNtIhBGw
.lamanfo.com/	1970-01-20 17:41:21	Name: __gpi Value: UID=00000b94f1754280:T=1671585584:RT=1671585584:S=ALNI_Mb4cXV2h1JWnI6ODwt53aCqRHBajg
.doubleclick.net/	1970-01-20 08:19:46	Name: test_cookie Value: CheckForPermission
bedrapiona.com/	1970-01-20 17:05:21	Name: OAID Value: fc315658d12c4ac0b017a6e595c47d76
bedrapiona.com/	1970-01-20 17:05:21	Name: oaidts Value: 1671585585
.apps.elfsight.com/	1970-01-20 08:19:45	Name: _p_hfp_client_id Value: 3831154173
my.rtmark.net/	1970-01-20 17:05:21	Name: ID Value: fc315658d12c4ac0b017a6e595c47d76
untimburra.com/	1970-01-20 17:05:21	Name: OAID Value: fc315658d12c4ac0b017a6e595c47d76

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pl16571809.effectivecpmgate.com/1ebe0bfdc6a8b55ca16064bc02ee40cd/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl16579309.effectivecpmgate.com/e1/ca/ba/e1cabafe85431e73145d6d3428dcec4c.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
apps.elfsight.com
bedrapiona.com
blogger.googleusercontent.com
connect.facebook.net
covidnow.moh.gov.my
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hijrah.mfrapps.com
iclickcdn.com
littlecdn.com
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
pl16571809.effectivecpmgate.com
pl16579309.effectivecpmgate.com
stackpath.bootstrapcdn.com
static.elfsight.com
tpc.googlesyndication.com
tzegilo.com
untimburra.com
www.blogger.com
www.google-analytics.com
www.google.com
www.lamanfo.com
www.mysalam.com.my
139.45.195.254
139.45.195.8
139.45.197.234
139.45.197.239
173.233.137.36
192.243.61.227
2404:6800:4004:812::2009
2404:6800:4004:813::2004
2404:6800:4004:81e::2001
2404:6800:4004:820::200a
2404:6800:4004:821::2002
2404:6800:4004:822::2002
2404:6800:4004:823::2002
2404:6800:4004:823::2013
2404:6800:4004:824::2001
2404:6800:4004:824::2003
2404:6800:4004:825::2002
2404:6800:4004:826::200e
2404:6800:4004:827::2001
2404:6800:400a:813::200a
2606:4700:10::6816:1874
2606:4700:20::681a:66b
2606:4700:20::ac43:4b09
2606:4700:3030::6815:4c6
2606:4700:3036::ac43:c22d
2606:4700:310c::ac42:2d27
2606:4700::6812:bcf
2a03:2880:f00f:8:face:b00c:0:1
58.26.8.16
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02afb9d1f4cb5c230676a039e638ff05a6e0168f41dfa6a12a2ff3b79b1734bb
04cc373526e61a7988a8cb32c0e328fc2ce6a5e910831a2864f0e549fdaafc1a
083530d202ee1c4989efae0e4fbd8d29d4e6663418d9adebef638b7bcbfb1938
08447a80d407deaf92461b52c435317a0ec77f86a51ebefa67c001c8f2a8c296
09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696
0a4ca8fa401392add5f9d7717c4d9936c6254951d749db4c41533a74043dc5b4
0cf1961389e7862062cefcccfb586e40ea5d38bd55dd34837b3852f8b54fe20b
0d8728f3ac19f4c37ec8435d22157a1a6ff0433acc18753cfe5c48913e402971
0e7f0b8eebb2bcd52b4ed400ad6349e6737c22feb9262fb0d03673a84fd124be
11f6c7a6934ef81dccfa0b45d6af2035068d11b575ef42e20cf1551f7abf3efb
198dee825f728722cc2e6d974bfa04e51ec7a5616d2f3663058e9cd805362e5d
199c55a17b4d34886d3177f3deb2c9ff627b8453986a321931d678bfd9d8ed56
1d2fb8befd43d8f65d10e736e6d4a2ac8a8a2cfadaac10ad3312f8c64ef43d7f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c53bdf8ce054fec6b12a00b59590cbf4b16db24970dbb3fdb0664ea3d635885
2cbe94d8fa21766cfad5d493ab53ee2fe3d854454762f96eb308449011da8c2a
2fb79688ef6e8f5db5e0a0bf5a149b3808b2d4fcf9d2e9954cd3c003e28d6449
31d3c1fb7e8db9d6fa224e60ccf6420c25d6b8d443da5d6f1b8815254b40fd45
31f122d3e60d95fc9d1195bc77efb8fbbeacbe5498ad086ea13d9a49903aa596
3579a48937cdc01a96b0fc9fcc6db2a53b0d980474ae468be3de6463263c463f
37566af9b08ec951fe5fae143158af810ab6d63391ad8fd57bad301da19d7df4
3b18a64d8ecac1a3291447c204cc792f758072b4ba344705b11e182eac25b0c2
3f5a403686602e811f3ee9bf3dda6cb03c53088f4df55b9da23842f31e0b7f0e
43348bf69cb69a94fc3b29efa4b7b9149ac9d83bb66a2221e420ee1692ffa068
45b05fd1f3e8cfc848492b818ffb1081a7be4a6e125fd542afe50363b0ace947
4932672636ea5e509b780bea2c5da30576066e373ce7a5418b53866285120333
4a57210d0f7db45f49010f20910c418aa3097bdb9170a9fca9b3c7bda6d6fa6e
4e544ccfd8cca8ac5979f1de601278c35e3c6e996ee7b36735620f955aae1166
532094925bc2b295f2fef9f4ca876dacbc839c72f1c765d6cfb0496c6f2d8fc9
544d04eeba2eae531bc9739b40f17234b229d9e7bd0e46d6d6f0cafd916c36cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aa9d64e890ce0a30955d9771a64d592597b274a1f8f191295be91a8be444a5
57df0348d6c00360aa9e0a119035e735592f3454a9bb1dd5a5f8f0f97b21905e
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5e9de90aecc32802acf0815ca44b9c7ccf56b5dee048390a4f5a71d207b995d3
614f238ae1677e66f94cb6ded0a768ed271cdc780e842e78f44660f799a09b9f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658ca28760d74234209c6f9b29a2c10495150a54b795f7921f831b50a65a3da6
660f2e0c5553ed0b28ee52bf9db7a8ba7c52d6722ecb2a4219ce065402049cf3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67c08526bc9f0cbec92d159aaf947a4116fe84f128626d95b1700c7830aecc81
6a336602bef463e427183710bb55959b804fdd1d685122d6697cc872d37363cc
6ae723e61efb47aea0e22ef242b78190b8e5f933f6132750370c8c91c8b53f46
6e62bc9a56c1ccaa3a5f614f48cc41971e35cbb2823a21d06626e77a0aec3268
6fbc63b50b1a10a591d69fbe1ef1e5db6d6186970d5b9950b8150829e4bd2b77
713a8748bae459d39441bd8e6ca68fdf7dc2558ca2da992ea941c630d28407c4
726390da4b148658e743c785f591516c4e640bf0217749ce9a1c0fda321545a4
74f1ea4f0fb9ccca169fcfe57dc706dc76e5b4c4c5dd64f40082814df8ef1677
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b16eab4d863cb5781c1f598aff59387457a732f3c158f0de6aa0005f9e836f2
7ec275664c47b6ed4e669c30c45faf44098ba646281b55e11235c02ccd56372f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88ff49e85100c0251895ef3d399f2df01c6c791be52420d62d427337fdd05899
8f05e5047943dc604029893b54d14b4f8211c35902d01d7ae7a95a9a8904f114
958cbfd72fc762e959da211cb595d95ae6dbe1b77f9b40c0fc295e294864bd7d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e2c4c39c8e36dae414723b428d9f6b6c046970a369b2489ce52acea3c15a16c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b561fb084db0a29c66052232056511c653ded125008ddd609b2bacd7391af1
a774521348019539e77b3d6be2aa85b3a6dee50fa4f2874e60289008e8fa209d
ad7050e6a2f40cee61cc15dc9a1926e0505c2ea188141432f8430891fe871e8b
adfd94d82626b3d2c0d9c2cd89a13f75cdcd4e563c8ed431a4c73b430b365e5e
b0690938af538b64e7e2ed699e952a6662052f08003ac154dab5852a2cf5a837
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3b0ebe674722d92f0736aef1a705ba28d59628b8ce6d9ad701bf5a836eb7916
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b61ea3dac0268f52a3c21848816100e8a62df8bbf257d0277bafee8e175938c8
b89f8cd259a480a344d410f98604fa19cc743d3a90304e87168427247cccc92d
bab08afec35f43346ae0372ee67ddc1b0bf3dc8fa6ac6a51a601c506a55f24c1
bcb5d917106d39e01475b61c49a97c458e7647d78cf3d7e4f813973a519463bd
bce088d0b5c6487208886736968f2fc0265fad9059d3c28aa69ca49aeb5a5032
c2f1da03cebfd2b3e4b212be09bd675925e2b86f0dc4a8456b789269a93be67a
c43e184061b0b5f8d75ad4a355fc0ea790115b1df2dfbce02efb9500cf996b8f
c6dc50603fb6fe8835a9dcf8ebd1803e03f669a8166557e72b9124b03cb59e97
ca0e33ae71313d6ab70a57014a00a1656a1ccde255af0e9cf801d107dee9547d
ca4b745a1a9db7f448d872055cf6c355cc64be3414c29a4166a58417fdfe1799
cb93447765d18c22149683ce677d6543071679fb8ad3edac37c1ea8446ca368a
cf80e30f4beea55404e354443e9a35b2439dabf8c76eb0c5dac1eadb7ef2a3a8
cf824475fdd7d0251d4889db9230cbd56c8c06e965fb7654491000bf7d3c82d8
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d4686540df5533b4b79172e9763fb36418bb24889c1834d0e434a1093f5681ac
d4d923e9005cc7979b17c394a0500c5428efb859ee4d56ecbcebd26711105f6e
d6a1009c35949433ba540c22d2d4e41db56a57ad77778a1d1ff5409896336f4a
da616824ae8b40c5da930a6778a87e84838c00d6520d20d7c3e0be6b05be266e
da7ec638d9a86fa54bf6870125b77bcc3ca8a954567123bb461146a7870bec40
e03f855f75cfe180f8670a79b378c06fb4d116c72adb137f3f820fddaf06bd3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6100c6cfb718cddbd75ea8a11057676913cc11c93103fba8591aed28649a64b
e6cc18465d6c64d9680cdf3529a87c4e713407b715756d17d2874eeba5471eaa
ecfbc00429c7363f5ff47562e99e5bc5e9df111a4f1d7b32de04ed4dbc1b1881
ed48d4c4bc50ae35c953f052c49e2ae610d1dec4408af828620b882d731b29c3
efae63871ebdeb69e7d64c6782924f72584f962d540b8c55237cba93c026af16
f26240e070bbd12ef3bad7c7f4d22d4b52e344e1878bb6e8dfd10a68b5be9a66
f44097db821dfe8a16cb3972f89b09df6523beb3c0eb97573acb50be968525dc

www.lamanfo.com Open in urlscan Pro 2404:6800:4004:823::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

99 %HTTPS

76 %IPv6

26 Domains

31 Subdomains

30 IPs

5 Countries

4552 kBTransfer

6324 kBSize

11 Cookies

14 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lamanfo.com Open in urlscan Pro
2404:6800:4004:823::2013 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

99 %
HTTPS

76 %
IPv6

26
Domains

31
Subdomains

30
IPs

5
Countries

4552 kB
Transfer

6324 kB
Size

11
Cookies

104 HTTP transactions
3 data transactions