for-j.com Open in urlscan Pro
172.64.155.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wildwingshackers.blogspot.mx/
Effective URL:
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296974716651176025&sourceid=21977-702b5be1&tt=2&geo=us
Submission: On November 02 via api (November 2nd 2023, 9:08:45 pm UTC) from US — Scanned from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 23 domains to perform 51 HTTP transactions. The main IP is 172.64.155.33, located in and belongs to . The main domain is for-j.com.
TLS certificate: Issued by GTS CA 1P5 on September 23rd 2023. Valid for: 3 months.

This is the only time for-j.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c06::bf	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	173.233.139.164 173.233.139.164	7979 (SERVERS-COM) (SERVERS-COM)
1 4	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	173.233.137.44 173.233.137.44	7979 (SERVERS-COM) (SERVERS-COM)
1	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c08::77	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.8 185.66.201.8	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	99.198.106.197 99.198.106.197	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	172.64.155.33 172.64.155.33	() ()
51	26

2 2607:f8b0:4004:c17::84 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

wildwingshackers.blogspot.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wildwingshackers.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c06::bf (Washington, United States)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img1.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl17008340.trustedcpmrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)

pl17008340.highrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.66.200.220 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

udbaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xvaaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)

pl17008343.trustedcpmrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.effectivedisplaycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c08::77 (Ashburn, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

qoca.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu

010500.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.106.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

369.325444.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.33 (None, )

ASN- ()

for-j.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	9 KB
5	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 4189 r.skimresources.com — Cisco Umbrella Rank: 4107 t.skimresources.com — Cisco Umbrella Rank: 4258 p.skimresources.com — Cisco Umbrella Rank: 5327	20 KB
4	blogblog.com img1.blogblog.com — Cisco Umbrella Rank: 92529 resources.blogblog.com — Cisco Umbrella Rank: 18336	949 B
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 10409	66 KB
3	325444.space 369.325444.space	4 KB
3	gstatic.com fonts.gstatic.com	92 KB
3	highrevenuegate.com pl17008340.highrevenuegate.com
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	xvaaa.com 1 redirects xvaaa.com	1 KB
2	udbaa.com udbaa.com — Cisco Umbrella Rank: 245246	5 KB
2	trustedcpmrevenue.com pl17008340.trustedcpmrevenue.com pl17008343.trustedcpmrevenue.com
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	186 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	35 KB
2	blogspot.com wildwingshackers.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11116	34 KB
1	for-j.com for-j.com	14 KB
1	010500.shop 010500.shop	351 B
1	qoca.site qoca.site — Cisco Umbrella Rank: 237557	715 B
1	effectivedisplaycontent.com www.effectivedisplaycontent.com — Cisco Umbrella Rank: 681424
1	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6655	3 KB
1	blogspot.mx 1 redirects wildwingshackers.blogspot.mx	296 B
0	hetahien.com Failed ak.hetahien.com Failed
51	23

	Domain	Requested by
6	i.ytimg.com	wildwingshackers.blogspot.com
4	www.blogger.com	wildwingshackers.blogspot.com
3	369.325444.space	010500.shop 369.325444.space
3	fonts.gstatic.com	fonts.googleapis.com
3	pl17008340.highrevenuegate.com	wildwingshackers.blogspot.com
2	p.skimresources.com	wildwingshackers.blogspot.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	wildwingshackers.blogspot.com connect.facebook.net
2	xvaaa.com	1 redirects wildwingshackers.blogspot.com
2	udbaa.com	wildwingshackers.blogspot.com
2	resources.blogblog.com	wildwingshackers.blogspot.com
2	img1.blogblog.com	wildwingshackers.blogspot.com
2	pagead2.googlesyndication.com	wildwingshackers.blogspot.com pagead2.googlesyndication.com
2	maxcdn.bootstrapcdn.com	wildwingshackers.blogspot.com maxcdn.bootstrapcdn.com
1	for-j.com	369.325444.space
1	010500.shop	qoca.site
1	qoca.site	xvaaa.com
1	t.skimresources.com	wildwingshackers.blogspot.com
1	r.skimresources.com	s.skimresources.com
1	1.bp.blogspot.com	wildwingshackers.blogspot.com
1	www.effectivedisplaycontent.com	wildwingshackers.blogspot.com
1	resources.infolinks.com	wildwingshackers.blogspot.com
1	pl17008343.trustedcpmrevenue.com	wildwingshackers.blogspot.com
1	s.skimresources.com	wildwingshackers.blogspot.com
1	pl17008340.trustedcpmrevenue.com	wildwingshackers.blogspot.com
1	ajax.googleapis.com	wildwingshackers.blogspot.com
1	fonts.googleapis.com	wildwingshackers.blogspot.com
1	wildwingshackers.blogspot.com
1	wildwingshackers.blogspot.mx	1 redirects
0	ak.hetahien.com Failed	for-j.com
51	30

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
trustedcpmrevenue.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
highrevenuegate.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
banners.udbaa.com R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.skimresources.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-11-07`	a year	crt.sh
xvaaa.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
effectivedisplaycontent.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
qoca.site R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
010500.shop R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
369.325444.space R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
for-j.com GTS CA 1P5	`2023-09-23` - `2023-12-22`	3 months	crt.sh

This page contains 4 frames:

Frame: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296974716651176025&var=21977-702b5be1
Frame ID: 5AB68F8EAB0166AA7348B3B8D6A3D187
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Frame ID: 0E16F7C7F64B5F1C685362C0D5358D72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6794290122359041&output=html&adk=1812271804&adf=3025194257&lmt=1698580391&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwildwingshackers.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698959317937&bpp=3&bdt=630&idt=338&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5425687683251&frm=20&pv=2&ga_vid=1151589990.1698959318&ga_sid=1698959318&ga_hid=885499492&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079232%2C44805931%2C44807048%2C44807464%2C31078301%2C31079328&oid=2&pvsid=3496547740687357&tmod=873243254&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=361
Frame ID: 08C8E484EE597461F22A8F90798CA0A1
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.1969387882502236
Frame ID: 5FB33DDB41650818B8213A1D09FDF4C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click "Allow" To Continue

Page URL History Show full URLs

https://wildwingshackers.blogspot.mx/ HTTP 302
https://wildwingshackers.blogspot.com/ Page URL
https://xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a HTTP 302
https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdC... Page URL
https://010500.shop/go.php?go=https%3A%2F%2F369.325444.space%2F%3Futm_medium%3D1c8a39bdc24f9bf01... Page URL
https://369.325444.space/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=2... Page URL
https://369.325444.space/?utm_term=7296974716651176025&tid=57696e3332 Page URL
https://369.325444.space/proc.php?4b652957eecca083524186cb9dffa982eb110643 Page URL
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296974716651176025&sourceid=21977-702b5be1... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

98 %
HTTPS

44 %
IPv6

23
Domains

30
Subdomains

26
IPs

2
Countries

636 kB
Transfer

1642 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wildwingshackers.blogspot.mx/ HTTP 302
https://wildwingshackers.blogspot.com/ Page URL
https://xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a HTTP 302
https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdCpCijNriZNrrjNdGCrCZZZCCrixCrrkCrCrGCxCiripGdAiGCCr_37367&adApiR=loaded_string_64525b16d7f37f7c31351da7a58961b11c07_2938039_1698959319.4352_86013&refferer=1444241354_aHR0cHM6Ly93aWxkd2luZ3NoYWNrZXJzLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eHZhYWEuY29t_b27f4323ffcbd676efba210360bec1a5 Page URL
https://010500.shop/go.php?go=https%3A%2F%2F369.325444.space%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D28288461%26cid%3D90affC1698959320afff276b51913667a055a77%26np%3D2&do=4ad084f30e27279c9d46821c31297390 Page URL
https://369.325444.space/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=28288461&cid=90affC1698959320afff276b51913667a055a77&np=2 Page URL
https://369.325444.space/?utm_term=7296974716651176025&tid=57696e3332 Page URL
https://369.325444.space/proc.php?4b652957eecca083524186cb9dffa982eb110643 Page URL
https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296974716651176025&sourceid=21977-702b5be1&tt=2&geo=us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://wildwingshackers.blogspot.mx/ HTTP 302
https://wildwingshackers.blogspot.com/

Request Chain 44

https://xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a HTTP 302
https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdCpCijNriZNrrjNdGCrCZZZCCrixCrrkCrCrGCxCiripGdAiGCCr_37367&adApiR=loaded_string_64525b16d7f37f7c31351da7a58961b11c07_2938039_1698959319.4352_86013&refferer=1444241354_aHR0cHM6Ly93aWxkd2luZ3NoYWNrZXJzLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eHZhYWEuY29t_b27f4323ffcbd676efba210360bec1a5

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
wildwingshackers.blogspot.com/
Redirect Chain

https://wildwingshackers.blogspot.mx/
https://wildwingshackers.blogspot.com/

169 KB
31 KB

329ms
322ms

Document
text/html

2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

350b9af3c883b943789ac5e2db591e9cdbbcc7e81986691e51b17594495dbc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 31146
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 21:08:37 GMT
etag: W/"ded8fb72d34982e9bed220f5bfe0b02b695444c8ee1fadaa74e02836caddc799"
expires: Thu, 02 Nov 2023 21:08:37 GMT
last-modified: Sun, 29 Oct 2023 11:53:11 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 184
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 21:08:36 GMT
expires: Thu, 02 Nov 2023 21:08:36 GMT
location: https://wildwingshackers.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 157ms
52ms Stylesheet
text/css 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 10:53:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 27 Oct 2024 06:20:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 168ms
64ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa2ffb7c65b435c047399db6f6054fd670cf9f49e8dd5128dce584cb0dcfd98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 21:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 21:08:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 21:08:37 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 97ms
39ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 878
age: 1160243
cdn-cachedat: 09/04/2022 07:29:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6a2250933d711b3739cc62040ac0911a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 81ff5a95ad9e8dd0-MIA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 159ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 07:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 07:53:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 186ms
82ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0d882180111073360bf6b97f49a76e3825a034f464b048ebaf6afc993ee342b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wildwingshackers.blogspot.com/
Origin: https://wildwingshackers.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51901
x-xss-protection: 0
server: cafe
etag: 16025403229934810442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 21:08:37 GMT

GET
H/1.1 403
Forbidden invoke.js
pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/ 0
0 1595ms
58ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 21:08:39 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/ 0
0 661ms
59ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 21:08:38 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 icon18_email.gif
img1.blogblog.com/img/ 164 B
302 B 125ms
123ms Image
image/gif 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/icon18_email.gif

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:40:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Nov 2023 12:54:02 GMT
server: sffe
age: 12492
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 09 Nov 2023 17:40:25 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
275 B 128ms
126ms Image
image/gif 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:58:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 11:50:15 GMT
server: sffe
age: 482989
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 04 Nov 2023 06:58:48 GMT

GET
H2 200 slider.php Show response
udbaa.com/ 2 KB
2 KB 478ms
161ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/slider.php?section=General&pub=846527&ga=g&side=random
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: c3da06f737aabfc1d22db8745b7a3693b4decc79c59eefe079a01607c081e3e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 21:08:37 GMT
last-modified: Thu, 02 Nov 2023 21:08:37 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 02 Nov 2023 21:08:37 GMT

GET
H/1.1 200
OK 208696X1688490.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 89ms
29ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/208696X1688490.skimlinks.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: bba939b87d9bb798a659892594869d4595ea5d71cf87e229cb0a26c6948d2777

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 21:08:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 07:06:05 GMT
Server: AmazonS3
x-amz-request-id: E1M5AEB2RW23YPSQ
ETag: "6fc5471bb969b0d7ae4d212f26761a1a"
Transfer-Encoding: chunked
X-HW: 1698959317.cds227.mi1.hn,1698959317.cds230.mi1.c
Content-Type: application/octet-stream
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
x-amz-id-2: pguyP+4kt7u6W5fcl4dvIpws25BmFwsQYYl/OO42LNS+tS6MJihorBovfzn6g46nOOhnwwRcLvk=

GET
H/1.1 403
Forbidden 58ae8f59bb8e156b1e414c15667737f5.js
pl17008343.trustedcpmrevenue.com/58/ae/8f/ 0
0 1198ms
61ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 21:08:38 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 mobile_redir.php Show response
xvaaa.com/ 101 B
355 B 1074ms
150ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xvaaa.com/mobile_redir.php?section=General&pub=846527&ga=a&desktop=1
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: f3cc1dfff59d1b830b57a2205b2051a52d2443400670fbfe95be1d1db55ec681

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 21:08:38 GMT
last-modified: Thu, 02 Nov 2023 21:08:38 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 02 Nov 2023 21:08:38 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
3 KB 118ms
50ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: accb56837a60abbc5097bafd25ffee0b35ed7fd6d6c5272ade09b64f4af2f3f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 08:14:26 GMT
server: cloudflare
age: 7932
etag: W/"102c-608eaa05ef4d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 81ff5a97dbe5da2b-MIA
expires: Thu, 02 Nov 2023 19:56:25 GMT

GET
H2 200 3737540651-widgets.js Show response
www.blogger.com/static/v1/widgets/ 159 KB
58 KB 55ms
52ms Script
text/javascript 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3737540651-widgets.js

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee7526028d355549d5bc576073aa927ea34d48a7512b12c077d88a8d24089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326955
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58997
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 00:50:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 29 Oct 2024 02:19:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 162ms
54ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

667a778ba64f84e0978ac69d0cdda10461cbc2f8f8b6ede09aa70e67a7014251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 21:08:37 GMT
content-md5: s8WpPDX9AKlkeVRdTElyHw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints
x-fb-debug: OV1q1PkKqpR4UNC0xKMHeazOYG6O0GEsKMAa9KuLgTIKRKE2zowI0OZhgpio5RiL8OQJWH7MyMhA5BDDj/iy6Q==
x-fb-content-md5: 1234ec549e9914afb2f8508e7152de2d
cross-origin-opener-policy: same-origin-allow-popups
etag: "3994e35b1d600ee4398db53303974910"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 02 Nov 2023 21:27:59 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 128ms
126ms Stylesheet
text/css 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6631735251177470405&zx=f7d542dc-37a3-4fa6-a913-fe798c6ead63

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 02 Nov 2023 21:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Nov 2023 21:08:37 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/ 0
0 544ms
59ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 21:08:38 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 icon18_email.gif
img1.blogblog.com/img/ 164 B
187 B 57ms
57ms Image
image/gif 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.blogblog.com/img/icon18_email.gif

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:40:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Nov 2023 12:54:02 GMT
server: sffe
age: 12492
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 09 Nov 2023 17:40:25 GMT

GET
H3 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
185 B 57ms
56ms Image
image/gif 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:58:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 11:50:15 GMT
server: sffe
age: 482989
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 04 Nov 2023 06:58:48 GMT

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/ 0
0 1421ms
61ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://wildwingshackers.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 02 Nov 2023 21:08:39 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 bg.png
1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/ 3 KB
3 KB 155ms
51ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32df16fb278d8f2f3340202fda7810da07736103323da7ab658378c64f64af03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:56:43 GMT
x-content-type-options: nosniff
age: 11514
content-disposition: inline;filename="bg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2891
x-xss-protection: 0
server: fife
etag: "v599"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 03 Nov 2023 17:56:43 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/9e_RkrNnT88/ 1 KB
1 KB 175ms
70ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9e_RkrNnT88/default.jpg

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Thu, 02 Nov 2023 21:09:07 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/-b7ecHYrNi0/ 1 KB
1 KB 161ms
56ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/-b7ecHYrNi0/default.jpg

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Thu, 02 Nov 2023 21:09:07 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/UNBkC3HlgJI/ 1 KB
1 KB 161ms
56ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UNBkC3HlgJI/default.jpg

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Thu, 02 Nov 2023 21:09:07 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/foUgF1i0OPU/ 1 KB
1 KB 58ms
57ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/foUgF1i0OPU/default.jpg

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Thu, 02 Nov 2023 21:09:07 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/e6FYXCYjrto/ 1 KB
1 KB 66ms
65ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/e6FYXCYjrto/default.jpg

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
x-xss-protection: 0
expires: Thu, 02 Nov 2023 21:09:07 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/E442xeR6Jcg/ 3 KB
3 KB 59ms
58ms Image
image/jpeg 2607:f8b0:4004:c08::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/E442xeR6Jcg/default.jpg

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::77 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6240339a8d1e84f8cd25fbd8d3c731645a9232a64f55b6ad50eb8af7b8c587f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3130
x-xss-protection: 0
server: sffe
etag: "1487887503"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Nov 2023 23:08:37 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 83ms
49ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://wildwingshackers.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 976
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d0ac452f2f28962626680cc5d09fd8a3
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 81ff5a97bb85dae9-MIA
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 156ms
52ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wildwingshackers.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:38:33 GMT
x-content-type-options: nosniff
age: 484204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 06:38:33 GMT

GET
H2 200 UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v19/ 16 KB
16 KB 231ms
127ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolight/v19/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wildwingshackers.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:39:25 GMT
x-content-type-options: nosniff
age: 545352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16296
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:21:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 13:39:25 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 253ms
150ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wildwingshackers.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:27:16 GMT
x-content-type-options: nosniff
age: 484881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 06:27:16 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 106ms
106ms Stylesheet
text/css 2607:f8b0:4004:c06::bf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=6631735251177470405&zx=f7d542dc-37a3-4fa6-a913-fe798c6ead63

Requested by

Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::bf Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 02 Nov 2023 21:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Nov 2023 21:08:37 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 107ms
53ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b3854527c2991b8ce1833402a6dec645

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd4bc9677fd352c04af0ac342fc50ee493e9ef189ebb569f29cfb2906b09736e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wildwingshackers.blogspot.com/
Origin: https://wildwingshackers.blogspot.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 21:08:37 GMT
content-md5: iHj9kmI4mCdFCvYoVPe4DQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88330
reporting-endpoints
x-fb-debug: VPXfOfWy9AuOHdZbcCGHBO3NYBRXaJbQvLLcHkHpy2cp2lvCG4Npozl+jRL1sgWD2UXV9JbLQ9MMNkY6HKevBg==
x-fb-content-md5: 46acfa65a760b594e7c77eb35aea11d8
cross-origin-opener-policy: same-origin-allow-popups
etag: "c6ff9a252b08c24606f83c6a327063c2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Nov 2024 19:10:37 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/ 399 KB
135 KB 210ms
106ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b781202ae855ed91c923bfa4b7b11e0d0ef53545284dac916bee27cf9352459e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138189
x-xss-protection: 0
server: cafe
etag: 2637180800539202508
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 21:08:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame 0E16 10 KB
5 KB 314ms
51ms Document
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wildwingshackers.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 13:39:23 GMT
etag: 251720774729838433
expires: Thu, 16 Nov 2023 13:39:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08C8 603 B
245 B 165ms
164ms Document
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6794290122359041&output=html&adk=1812271804&adf=3025194257&lmt=1698580391&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwildwingshackers.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698959317937&bpp=3&bdt=630&idt=338&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5425687683251&frm=20&pv=2&ga_vid=1151589990.1698959318&ga_sid=1698959318&ga_hid=885499492&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079232%2C44805931%2C44807048%2C44807464%2C31078301%2C31079328&oid=2&pvsid=3496547740687357&tmod=873243254&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=361

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_fy2021.js?bust=31079328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wildwingshackers.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 21:08:38 GMT
expires: Thu, 02 Nov 2023 21:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden invoke.js
pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/ 0
0 56ms
56ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 21:08:39 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
383 B 109ms
44ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/208696X1688490.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

cd4a774e83fe299f29054c58d38164c5f61bc1db97a1286aec8ee15722ad9bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://wildwingshackers.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 Nov 2023 21:08:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wildwingshackers.blogspot.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 5FB3 0
123 B 199ms
43ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.1969387882502236
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:08:39 GMT
via: 1.1 google
cache-control: private, no-store
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 115ms
42ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=7.8859989723672115
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 02 Nov 2023 21:08:39 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 114ms
41ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=7.8859989723672115
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 02 Nov 2023 21:08:39 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 slider.php
udbaa.com/ 2 KB
2 KB 165ms
163ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://udbaa.com/slider.php?section=General&pub=846527&ga=g&side=random
Requested by: Host: wildwingshackers.blogspot.com
URL: https://wildwingshackers.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wildwingshackers.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 21:08:39 GMT
last-modified: Thu, 02 Nov 2023 21:08:39 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 02 Nov 2023 21:08:39 GMT

GET
H2

200

/
qoca.site/799a0834dd/e0a1f499cb/
Redirect Chain

https://xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a
https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdCpCijNriZNrrjNdGCrCZZZCCrixCrrkCrCrGCxCiripGdAiGCCr_37367&adApiR=loaded_string_64525b16d7f37f7c31351da7a...

706 B
715 B

587ms
168ms

Document
text/html

185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdCpCijNriZNrrjNdGCrCZZZCCrixCrrkCrCrGCxCiripGdAiGCCr_37367&adApiR=loaded_string_64525b16d7f37f7c31351da7a58961b11c07_2938039_1698959319.4352_86013&refferer=1444241354_aHR0cHM6Ly93aWxkd2luZ3NoYWNrZXJzLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eHZhYWEuY29t_b27f4323ffcbd676efba210360bec1a5

Requested by

Host: xvaaa.com
URL: https://xvaaa.com/mobile_redir.php?section=General&pub=846527&ga=a&desktop=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wildwingshackers.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 21:08:40 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

Redirect headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 21:08:39 GMT
expires: Thu, 02 Nov 2023 21:08:39 GMT
last-modified: Thu, 02 Nov 2023 21:08:39 GMT
location: https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdCpCijNriZNrrjNdGCrCZZZCCrixCrrkCrCrGCxCiripGdAiGCCr_37367&adApiR=loaded_string_64525b16d7f37f7c31351da7a58961b11c07_2938039_1698959319.4352_86013&refferer=1444241354_aHR0cHM6Ly93aWxkd2luZ3NoYWNrZXJzLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eHZhYWEuY29t_b27f4323ffcbd676efba210360bec1a5
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 go.php
010500.shop/ 645 B
351 B 488ms
156ms Document
text/html 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://010500.shop/go.php?go=https%3A%2F%2F369.325444.space%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D28288461%26cid%3D90affC1698959320afff276b51913667a055a77%26np%3D2&do=4ad084f30e27279c9d46821c31297390

Requested by

Host: qoca.site
URL: https://qoca.site/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XGACjdGpjdkAjCiGkkjdCpCijNriZNrrjNdGCrCZZZCCrixCrrkCrCrGCxCiripGdAiGCCr_37367&adApiR=loaded_string_64525b16d7f37f7c31351da7a58961b11c07_2938039_1698959319.4352_86013&refferer=1444241354_aHR0cHM6Ly93aWxkd2luZ3NoYWNrZXJzLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eHZhYWEuY29t_b27f4323ffcbd676efba210360bec1a5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.8.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://qoca.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 21:08:40 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 /
369.325444.space/ 1 KB
957 B 197ms
65ms Document
text/html 99.198.106.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://369.325444.space/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=28288461&cid=90affC1698959320afff276b51913667a055a77&np=2
Requested by: Host: 010500.shop
URL: https://010500.shop/go.php?go=https%3A%2F%2F369.325444.space%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D28288461%26cid%3D90affC1698959320afff276b51913667a055a77%26np%3D2&do=4ad084f30e27279c9d46821c31297390
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.198.106.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.12
Resource Hash

Request headers

Referer: https://010500.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 21:08:40 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

GET
H2 200 / Show response
369.325444.space/ 6 KB
2 KB 103ms
103ms Document
text/html 99.198.106.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://369.325444.space/?utm_term=7296974716651176025&tid=57696e3332
Requested by: Host: 369.325444.space
URL: https://369.325444.space/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=28288461&cid=90affC1698959320afff276b51913667a055a77&np=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.198.106.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.12
Resource Hash: 7ffd2764b423bdc9b2835d770a828693a423a80fc8a3cccaae5064fa31f01223

Request headers

Referer: https://369.325444.space/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=28288461&cid=90affC1698959320afff276b51913667a055a77&np=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 02 Nov 2023 21:08:40 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

GET
H2 200 proc.php
369.325444.space/ 1 KB
1 KB 67ms
66ms Document
text/html 99.198.106.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://369.325444.space/proc.php?4b652957eecca083524186cb9dffa982eb110643
Requested by: Host: 369.325444.space
URL: https://369.325444.space/?utm_term=7296974716651176025&tid=57696e3332
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.198.106.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.12
Resource Hash

Request headers

Referer: https://369.325444.space/?utm_term=7296974716651176025&tid=57696e3332
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 Nov 2023 21:08:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296974716651176025&sourceid=21977-702b5be1&tt=2&geo=us
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

GET
H2 200 Primary Request tds3_2.html
for-j.com/ 45 KB
14 KB 182ms
111ms Document
text/html 172.64.155.33

General

Check archive.org

Show headers Download Go to

Full URL: https://for-j.com/tds3_2.html?zoneid=5460780&ymid=M7296974716651176025&sourceid=21977-702b5be1&tt=2&geo=us
Requested by: Host: 369.325444.space
URL: https://369.325444.space/proc.php?4b652957eecca083524186cb9dffa982eb110643
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.33 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://369.325444.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 123992
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 81ff5ac6cf78db01-MIA
content-encoding: br
content-type: text/html
date: Thu, 02 Nov 2023 21:08:45 GMT
expires: Sun, 03 Dec 2023 21:08:45 GMT
last-modified: Fri, 27 Oct 2023 10:22:36 GMT
server: cloudflare
vary: Accept-Encoding

GET afu.php
ak.hetahien.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ak.hetahien.com
URL: https://ak.hetahien.com/afu.php?zoneid=5460780&ymid=M7296974716651176025&var=21977-702b5be1

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qoca.site/799a0834dd/e0a1f499cb	1970-01-20 15:56:23	Name: total_impressions Value: 1
.doubleclick.net/	1970-01-20 15:56:00	Name: test_cookie Value: CheckForPermission
.xvaaa.com/	1970-01-20 15:56:24	Name: used_ad2938039 Value: 1
.xvaaa.com/	1970-01-20 15:56:24	Name: total_impressions Value: 1
.xvaaa.com/	1970-01-20 16:39:11	Name: cpa_673873 Value: popup_867486958_4
qoca.site/	1970-01-20 15:56:23	Name: used_ad2938039 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://wildwingshackers.blogspot.com/(Line 3319) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://wildwingshackers.blogspot.com/(Line 3319) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://i.ytimg.com/vi/-b7ecHYrNi0/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ytimg.com/vi/UNBkC3HlgJI/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ytimg.com/vi/foUgF1i0OPU/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ytimg.com/vi/e6FYXCYjrto/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ytimg.com/vi/9e_RkrNnT88/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl17008340.highrevenuegate.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

010500.shop
1.bp.blogspot.com
369.325444.space
ajax.googleapis.com
ak.hetahien.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
for-j.com
googleads.g.doubleclick.net
i.ytimg.com
img1.blogblog.com
maxcdn.bootstrapcdn.com
p.skimresources.com
pagead2.googlesyndication.com
pl17008340.highrevenuegate.com
pl17008340.trustedcpmrevenue.com
pl17008343.trustedcpmrevenue.com
qoca.site
r.skimresources.com
resources.blogblog.com
resources.infolinks.com
s.skimresources.com
t.skimresources.com
udbaa.com
wildwingshackers.blogspot.com
wildwingshackers.blogspot.mx
www.blogger.com
www.effectivedisplaycontent.com
xvaaa.com
ak.hetahien.com
151.139.128.10
172.64.155.33
172.66.42.247
173.233.137.44
173.233.139.164
185.66.200.220
185.66.201.43
185.66.201.8
192.243.59.20
192.243.61.225
2606:4700::6812:acf
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c06::bf
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::77
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1d::5f
2a03:2880:f003:100:face:b00c:0:3
35.190.59.101
35.190.91.160
35.201.67.47
99.198.106.197
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
32df16fb278d8f2f3340202fda7810da07736103323da7ab658378c64f64af03
350b9af3c883b943789ac5e2db591e9cdbbcc7e81986691e51b17594495dbc4b
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
667a778ba64f84e0978ac69d0cdda10461cbc2f8f8b6ede09aa70e67a7014251
685ee7526028d355549d5bc576073aa927ea34d48a7512b12c077d88a8d24089
7ffd2764b423bdc9b2835d770a828693a423a80fc8a3cccaae5064fa31f01223
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
accb56837a60abbc5097bafd25ffee0b35ed7fd6d6c5272ade09b64f4af2f3f2
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b781202ae855ed91c923bfa4b7b11e0d0ef53545284dac916bee27cf9352459e
bba939b87d9bb798a659892594869d4595ea5d71cf87e229cb0a26c6948d2777
c3da06f737aabfc1d22db8745b7a3693b4decc79c59eefe079a01607c081e3e7
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cd4a774e83fe299f29054c58d38164c5f61bc1db97a1286aec8ee15722ad9bad
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4bc9677fd352c04af0ac342fc50ee493e9ef189ebb569f29cfb2906b09736e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f0d882180111073360bf6b97f49a76e3825a034f464b048ebaf6afc993ee342b
f3cc1dfff59d1b830b57a2205b2051a52d2443400670fbfe95be1d1db55ec681
f6240339a8d1e84f8cd25fbd8d3c731645a9232a64f55b6ad50eb8af7b8c587f
fa2ffb7c65b435c047399db6f6054fd670cf9f49e8dd5128dce584cb0dcfd98f
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

for-j.com Open in urlscan Pro 172.64.155.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

44 %IPv6

23 Domains

30 Subdomains

26 IPs

2 Countries

636 kBTransfer

1642 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

for-j.com Open in urlscan Pro
172.64.155.33 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

44 %
IPv6

23
Domains

30
Subdomains

26
IPs

2
Countries

636 kB
Transfer

1642 kB
Size

6
Cookies

51 HTTP transactions
0 data transactions