urlscan.io logo urlscan.io
SecurityTrails logo

icewahl.com Open in urlscan Pro
35.208.79.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kasebook.info/
Effective URL: https://icewahl.com/sarasleuth/kasebook/
Submission: On October 25 via api from BD — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 42 HTTP transactions. The main IP is 35.208.79.127, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is icewahl.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 9th 2022. Valid for: a year.
This is the only time icewahl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.255.119.62 (United States)

ASN22612 (NAMECHEAP-NET, US)
kasebook.info
25    35.208.79.127 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 127.79.208.35.bc.googleusercontent.com
icewahl.com
10    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
25 icewahl.com
icewahl.com
282 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
209 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
5 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
694 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 kasebook.info
kasebook.info
255 B
42 9
Domain Requested by
25 icewahl.com 1 redirects icewahl.com
7 pagead2.googlesyndication.com icewahl.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com icewahl.com
1 kasebook.info 1 redirects
42 11

This site contains links to these domains. Also see Links.

Domain
kasebook.info
Subject Issuer Validity Valid
icewahl.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-09 -
2023-05-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://icewahl.com/sarasleuth/kasebook/
Frame ID: 779A082F643110723B9B288A74292E3D
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: 23DBE70805E994C2D980B8C14CC600EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6204565184215791&output=html&adk=1812271804&adf=3025194257&lmt=1666661839&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ficewahl.com%2Fsarasleuth%2Fkasebook%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666661839508&bpp=2&bdt=629&idt=249&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=134403608271&frm=20&pv=2&ga_vid=1306585539.1666661840&ga_sid=1666661840&ga_hid=1357293095&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531705%2C31070426%2C31070467%2C44775016%2C31068919&oid=2&pvsid=1025748312517655&tmod=839905068&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: A0D5465348B068AA1A36278497CEBB15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 192B74615A48AA56974C981A1B95466D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25E5803B6D1AEC05DEDF5396CA3969D8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome - kasebook

Page URL History Show full URLs

  1. http://kasebook.info/ HTTP 302
    https://icewahl.com/sarasleuth/kasebook HTTP 301
    https://icewahl.com/sarasleuth/kasebook/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

11
Subdomains

8
IPs

2
Countries

544 kB
Transfer

1143 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kasebook.info/ HTTP 302
    https://icewahl.com/sarasleuth/kasebook HTTP 301
    https://icewahl.com/sarasleuth/kasebook/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
icewahl.com/sarasleuth/kasebook/
Redirect Chain
  • http://kasebook.info/
  • https://icewahl.com/sarasleuth/kasebook
  • https://icewahl.com/sarasleuth/kasebook/
17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1d6b20d07f3ae2c0997075ed9cd90dc2e20d921ca8c013db3946bd396da8270

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 01:37:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT 0
host-header
6b7412fb82ca5edfd0917e3957f05d89
pragma
no-cache no-cache
server
nginx
vary
Accept-Encoding
x-httpd
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_INVALID_EXPIRES

Redirect headers

content-length
248
content-type
text/html; charset=iso-8859-1
date
Tue, 25 Oct 2022 01:37:18 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://icewahl.com/sarasleuth/kasebook/
server
nginx
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:
style.css
icewahl.com/sarasleuth/kasebook//themes/spacebook/ 		71 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//themes/spacebook/style.css
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
33938bb7d496bf79b71afb21fb047cceda3c92f3a4df07d390380e8bd7f49da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Fri, 21 Oct 2022 12:04:55 GMT
server
nginx
etag
W/"63528ae7-11c56"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
jquery.js
icewahl.com/sarasleuth/kasebook//themes/spacebook/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//themes/spacebook/js/jquery.js
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Sun, 11 Sep 2022 14:30:15 GMT
server
nginx
etag
W/"631df0f7-15d9c"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
jquery.timeago.js
icewahl.com/sarasleuth/kasebook//themes/spacebook/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//themes/spacebook/js/jquery.timeago.js
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa96d94e0dd09fa82f84c719d841c3dd9e3a6806e04da2c65709366af87b3938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Sun, 11 Sep 2022 14:30:15 GMT
server
nginx
etag
W/"631df0f7-1cba"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
functions.js
icewahl.com/sarasleuth/kasebook//themes/spacebook/js/ 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//themes/spacebook/js/functions.js
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fd7425e990c2e8dd93ea80547bb257354d215b2f2dd92b75d5f8d9e38986b6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Sun, 11 Sep 2022 14:30:15 GMT
server
nginx
etag
W/"631df0f7-11f83"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
poll.css
icewahl.com/sarasleuth/kasebook//plugins/poll/ 		2 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/poll/poll.css
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0dfb644a39d19bebfa04ee088afbd7ccd5084a1c9c29b00cd4717b05f53635df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-744"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
social_share.css
icewahl.com/sarasleuth/kasebook//plugins/social_share/ 		4 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/social_share/social_share.css
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d7501e1311ce428e0c9e76b33a3b8483132e256e9dad15c0f935851926f93c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-1193"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
dislike.css
icewahl.com/sarasleuth/kasebook//plugins/dislike/ 		558 B
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/dislike/dislike.css
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fadca979e3b5bac6dc73303ec85a8fc2167b5c5e875a8d04c8119680eaad5d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-22e"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
url_parser.css
icewahl.com/sarasleuth/kasebook//plugins/url_parser/ 		487 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/url_parser/url_parser.css
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5d5c00470240d4a75936959a6f05e45a097f62b0b12ff854b71d6eeb43fcde7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-1e7"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
poll.js
icewahl.com/sarasleuth/kasebook//plugins/poll/ 		2 KB
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/poll/poll.js
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6aec1bcb338cf638173f375e5252eb71bf4e01e1904846c6d41c885dbdb8ae38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-779"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
social_share.js
icewahl.com/sarasleuth/kasebook//plugins/social_share/ 		3 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/social_share/social_share.js
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
97e1fe70db8dd18f8c06ffc4508b925ba00e633e3b00c2bb01239b73ba6f2025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:18 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-a53"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:18 GMT
dislike.js
icewahl.com/sarasleuth/kasebook//plugins/dislike/ 		480 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://icewahl.com/sarasleuth/kasebook//plugins/dislike/dislike.js
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
712c16e531a0aee4e33008b090db1bdb7639562eb42aa8835d8cf7189a79a859

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
br
last-modified
Wed, 06 Jul 2022 13:27:34 GMT
server
nginx
etag
W/"62c58dc6-1e0"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Wed, 25 Oct 2023 01:37:19 GMT
693700293_1129795028_276088222.png
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/693700293_1129795028_276088222.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c9b1665dc825e09ab7037c0032240009c5e9b17884989b0487b799b341c7deac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/png
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
22298
x-proxy-cache
MISS
1004458509_1958301205_1852401605.png
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/1004458509_1958301205_1852401605.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c9b1665dc825e09ab7037c0032240009c5e9b17884989b0487b799b341c7deac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/png
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
22298
x-proxy-cache
MISS
1851313554_1835376556_69933391.png
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/1851313554_1835376556_69933391.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f4ff39e2ebce2c2716a50067ff29509190e8ee4bc633c6b43c468cf7824500a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/png
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
22070
x-proxy-cache
MISS
2102319262_780422906_502017274.png
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/2102319262_780422906_502017274.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
085a01e726f9ad40fb440339b943ddb9c2853bcbf76c6904b4b2d8c56cfbd56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/png
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
30073
x-proxy-cache
MISS
1093576993_2035129474_437167118.png
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/1093576993_2035129474_437167118.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
41f4c83dcb9070d509f9bff0f972d495f125ed722d85783368169aa78cf6b6cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/png
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
26355
x-proxy-cache
MISS
1212946473_22215381_1883531606.jpg
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/1212946473_22215381_1883531606.jpg
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ac748cc809f6e4003d13cda0fd6247e6e28be19b6028b0f1db2f89a6b3fc27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/jpeg
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
7115
x-proxy-cache
MISS
1301283943_1794422330_1174959402.png
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/1301283943_1794422330_1174959402.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e4851dc5f0a371f6d136c7d8774fc23092323a8eb0b8de39efa526fd9823494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/jpeg
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
6307
x-proxy-cache
MISS
652517113_1356078467_1965931304.jpg
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/652517113_1356078467_1965931304.jpg
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5ca90aed2935a159d07732567e0147b7092deea5b1b0ce15837d85e4c361d0bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/jpeg
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
6422
x-proxy-cache
MISS
1158675410_1701937345_746513822.jpg
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/1158675410_1701937345_746513822.jpg
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
33f56d51809e2b10e54744bd5fc45c73242945610b0b48821e647d5829c35a83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/jpeg
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
5190
x-proxy-cache
MISS
870209480_1607301199_1806269349.jpg
icewahl.com/sarasleuth/kasebook//image/a/112/112/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//image/a/112/112/870209480_1607301199_1806269349.jpg
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4bcd19dff81c226fbe7a80a32c4b37589c4a491031a4bc680b2884180f7c6031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Fri, 04 Nov 2022 01:37:19 GMT, 0
pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-type
image/jpeg
x-httpd
1
cache-control
max-age=864000000, must-revalidate, no-cache, no-store, must-revalidate
accept-ranges
none
host-header
6b7412fb82ca5edfd0917e3957f05d89
content-length
6045
x-proxy-cache
MISS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6204565184215791
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e72286c5b19e03b0798435cc8fe8107a36ee64418d3126adf8ab1dd1d1f1fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://icewahl.com/
Origin
https://icewahl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
cafe
etag
7778694653965669247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:37:19 GMT
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook//themes/spacebook/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 23:42:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Oct 2022 01:37:19 GMT
logo.png
icewahl.com/sarasleuth/kasebook//themes/spacebook/images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//themes/spacebook/images/logo.png
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook//themes/spacebook/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ad481201180da722891e9f0b26fcf40451c3093ab8e8ccfb4ef2feac2d46144

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook//themes/spacebook/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
last-modified
Sun, 23 Oct 2022 23:23:30 GMT
server
nginx
etag
"6355ccf2-ebd4"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
60372
expires
Wed, 25 Oct 2023 01:37:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://icewahl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options
nosniff
age
24405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 18:50:34 GMT
captcha.php
icewahl.com/sarasleuth/kasebook//includes/ 		490 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icewahl.com/sarasleuth/kasebook//includes/captcha.php?dir=ltr
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.79.127 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.79.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d6cb8e9e79bd37345586fef2653b19b8aa089e5dd6035f5226512b17ddb5fdf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/sarasleuth/kasebook/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT, 0
pragma
no-cache, no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
server
nginx
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_INVALID_EXPIRES
content-type
image/png
x-httpd
1
cache-control
no-store, no-cache, must-revalidate, no-cache, no-store, must-revalidate
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6204565184215791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d263f0115fa690a8234a340794715c47ab2f78c934c3364f9d799451aa0ccc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
server
cafe
etag
14740146034192792558
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:37:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame 23DB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6204565184215791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://icewahl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 15:18:21 GMT
etag
9671129459699598864
expires
Mon, 07 Nov 2022 15:18:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		389 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=icewahl.com&callback=_gfp_s_&client=ca-pub-6204565184215791&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff4a27268a888f0edaedc2f01c6eda009b170ff4309842f6e17433249d645a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=icewahl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=icewahl.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ficewahl.com%2Fsarasleuth%2Fkasebook%2F&tn=DIV&cls=topbar&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: icewahl.com
URL: https://icewahl.com/sarasleuth/kasebook/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 01:37:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A0D5 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6204565184215791&output=html&adk=1812271804&adf=3025194257&lmt=1666661839&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ficewahl.com%2Fsarasleuth%2Fkasebook%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666661839508&bpp=2&bdt=629&idt=249&shv=r20221020&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=134403608271&frm=20&pv=2&ga_vid=1306585539.1666661840&ga_sid=1666661840&ga_hid=1357293095&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531705%2C31070426%2C31070467%2C44775016%2C31068919&oid=2&pvsid=1025748312517655&tmod=839905068&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://icewahl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 01:37:19 GMT
expires
Tue, 25 Oct 2022 01:37:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2af0ed9fd3d556dd160a97c0e3062ee356467e13f0f21576a0bef5c4a33e28ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11375
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6204565184215791&plah=icewahl.com&bust=31070467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Oct 2022 01:37:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 192B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://icewahl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 18:35:06 GMT
expires
Tue, 24 Oct 2023 18:35:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 25E5 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24e8dbad4f7e99fcbe59adea92e8338e6e0a83c4b6f859e6d30218336846b312
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CsFiaorItrwedAqCGZI4IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://icewahl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-CsFiaorItrwedAqCGZI4IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 01:37:20 GMT
expires
Tue, 25 Oct 2022 01:37:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
pagead2.googlesyndication.com/bg/ Frame 192B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 10:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16117
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 23 Oct 2023 10:36:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 25E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=1025748312517655&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 192B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qCgrag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 01:37:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=1025748312517655&bg=!-_il-LzNAAaaxvStusY7ACkAdvg8WqZgyaUi53b74WMq88UmQNQKyhyDLyiHgod2_tfsBbwSo5mMugIAAABWUgAAAAJoAQcKAEystzCPET76jxSioSk06G8sRk9Zh-G_-uX7OLdYs_o9VCbo87My1CEFHBTKxL8N_sC-VZCeCqUes0g1nMGKjviqJ8b0PY8MDj3UuVKomQKYPfpLM42DbswrvdUc43FHXNwTW4ambb4aUNLlBRVu5Q-4uJ1mh0YcAi98hdNdvo8nPsErayswSXoGIiRL9MCEjXRqFuYaBjFWGqYr9kgQM6KZ_J1E7KsgqfjqJQZSFe2r3081rb0UYDfOZcCMm97jeuSBGOKNGEwn8ZdXoog6gigX6C4-iijZX3Ly_qS6mlp37tcQurpeEt9SBuuOI3zDDpHVfS5cxOZgJdL1uhAW8GcGak2G8rg_Mx0fA1EgjZpBZqllfCSqfzNwwMwkweOEGQTyTZyYZwlyUMFuglQ275rF_P2X0htSXH8dBc0ztBAQPGczCPc1RTGKaxtGuMg6rDLOl6tcx03dZaYnv6sRo2UXbbO96LR6oB1NYevDVd-7gu-Rkzr7vk-uGLpxkh8PZC1m4oKEbt8AX-CSslYqxBZN_iJwxm9vmPcPrPdadcVVQ9YcpiMktlS7RkB7FHynems_mkHTitSTD421aU8q-xWS3lVIo0kyBECzK1TtZA60Qbp3VxRnlF8vDDkHOvCIEq2pdN2jSvG5fzntNruzpMBVI5rDhdOPpVb5ysn5ltTPAgf-G0O9QybbwpgjsYqiUDtVf1OxAns8j4_rOoecFiQv6C_CnwTC4mlB-U2nP6rMi5h4tGULj78IkgMx5aonwfl5dIDyDZpajs0W8WFzPRN0GKtNV4zi4LoAozupPqj8TFeb5OI3zCGP1Prj6k3ScuQ20SMw6_0hE25CETZbsNASto0E4C3ChtcUSaBd6poBpwSZzQpqh--t_bWVpT2_NYBJewzWn_gEk7tJQjp8dbcGhDfHfBMXJONACMb3rawWvV5Jk-RusmUNxASl_CzH6zQQgqkgwAf-xwHXGTSiUyPipTVMIFSYHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icewahl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| baseUrl string| token_id string| search_users_url string| search_tags_url string| search_groups_url string| search_pages_url string| lng_download string| lng_close string| lng_just_now string| lng_ta_second string| lng_ta_seconds string| lng_ta_minute string| lng_ta_minutes string| lng_ta_hour string| lng_ta_hours string| lng_ta_day string| lng_ta_days string| lng_ta_week string| lng_ta_weeks string| lng_ta_month string| lng_ta_months string| lng_ta_year string| lng_ta_years string| lng_ago string| lng_dir function| $ function| jQuery function| autosize function| showButton function| loadComments function| loadFeed function| loadPage function| loadGroup function| loadPeople function| loadProfile function| loadHashtags function| loadSubs function| loadBlocked function| postComment function| share function| doShare function| deleteModal function| cameraModal function| likesModal function| sharesModal function| hideModal function| loadLikes function| loadShares function| hideSearch function| delete_the function| edit_message function| edit_comment function| report_the function| friend function| loadNotifications function| page function| group function| deleteNotification function| privacy function| manage_the function| manage_report function| doLike function| doBlock function| poke function| showNotification function| checkNewMessages function| postChatImage function| postChat function| chatInput function| checkChat function| loadChat function| addSmile function| showEmojis function| chatPluginContainer function| openChatWindow function| closeChatWindow function| minimizeChatWindow function| disableTitleAlert function| addFriendArray function| cleanOldFid function| startUpload function| stopUpload function| focus_form function| resizeGallery function| manageResults function| chatLiveSearch function| profileCard function| notificationTitle function| dropdownMenu function| messageMenu function| postPrivacy function| sidebarShow function| adminSubMenu function| checkAlert function| searchFriends function| reload function| gallery function| getNext function| startLoadingBar function| stopLoadingBar function| liveLoad function| doMention function| pollVote function| addAnswer function| share_social function| doDislike object| friends_windows object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
icewahl.com/sarasleuth/kasebook// Name: PHPSESSID
Value: 96795181abdc4fa4671f9495da001e8b
icewahl.com/sarasleuth/kasebook// Name: lang
Value: english
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.icewahl.com/ Name: __gads
Value: ID=eddcca7d089499dd-2204e68955ce0088:T=1666661839:RT=1666661839:S=ALNI_MbuBDW1b6PTEFpwtJiIVgVlwiOEIQ
.icewahl.com/ Name: __gpi
Value: UID=00000b7836968bb5:T=1666661839:RT=1666661839:S=ALNI_MYBO4z72_VstDzt4v-Xmv-qxltH9Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
icewahl.com
kasebook.info
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
162.255.119.62
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
35.208.79.127
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
085a01e726f9ad40fb440339b943ddb9c2853bcbf76c6904b4b2d8c56cfbd56b
0dfb644a39d19bebfa04ee088afbd7ccd5084a1c9c29b00cd4717b05f53635df
0e4851dc5f0a371f6d136c7d8774fc23092323a8eb0b8de39efa526fd9823494
1e72286c5b19e03b0798435cc8fe8107a36ee64418d3126adf8ab1dd1d1f1fdb
24e8dbad4f7e99fcbe59adea92e8338e6e0a83c4b6f859e6d30218336846b312
2ac748cc809f6e4003d13cda0fd6247e6e28be19b6028b0f1db2f89a6b3fc27e
2af0ed9fd3d556dd160a97c0e3062ee356467e13f0f21576a0bef5c4a33e28ab
33938bb7d496bf79b71afb21fb047cceda3c92f3a4df07d390380e8bd7f49da6
33f56d51809e2b10e54744bd5fc45c73242945610b0b48821e647d5829c35a83
41f4c83dcb9070d509f9bff0f972d495f125ed722d85783368169aa78cf6b6cd
4bcd19dff81c226fbe7a80a32c4b37589c4a491031a4bc680b2884180f7c6031
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ca90aed2935a159d07732567e0147b7092deea5b1b0ce15837d85e4c361d0bf
5d263f0115fa690a8234a340794715c47ab2f78c934c3364f9d799451aa0ccc9
5d5c00470240d4a75936959a6f05e45a097f62b0b12ff854b71d6eeb43fcde7c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ad481201180da722891e9f0b26fcf40451c3093ab8e8ccfb4ef2feac2d46144
6aec1bcb338cf638173f375e5252eb71bf4e01e1904846c6d41c885dbdb8ae38
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
712c16e531a0aee4e33008b090db1bdb7639562eb42aa8835d8cf7189a79a859
7ff4a27268a888f0edaedc2f01c6eda009b170ff4309842f6e17433249d645a9
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
97e1fe70db8dd18f8c06ffc4508b925ba00e633e3b00c2bb01239b73ba6f2025
a1d6b20d07f3ae2c0997075ed9cd90dc2e20d921ca8c013db3946bd396da8270
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa96d94e0dd09fa82f84c719d841c3dd9e3a6806e04da2c65709366af87b3938
c9b1665dc825e09ab7037c0032240009c5e9b17884989b0487b799b341c7deac
d6cb8e9e79bd37345586fef2653b19b8aa089e5dd6035f5226512b17ddb5fdf2
d7501e1311ce428e0c9e76b33a3b8483132e256e9dad15c0f935851926f93c21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
f4ff39e2ebce2c2716a50067ff29509190e8ee4bc633c6b43c468cf7824500a2
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fadca979e3b5bac6dc73303ec85a8fc2167b5c5e875a8d04c8119680eaad5d0d
fd7425e990c2e8dd93ea80547bb257354d215b2f2dd92b75d5f8d9e38986b6bc