urlscan.io logo urlscan.io
SecurityTrails logo

amibehindaproxy.com Open in urlscan Pro
85.215.230.56  Public Scan

Go To Rescan Add Verdict Report
URL: https://amibehindaproxy.com/
Submission: On October 18 via api from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 85.215.230.56, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is amibehindaproxy.com.
TLS certificate: Issued by E6 on August 10th 2024. Valid for: 3 months.
This is the only time amibehindaproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 85.215.230.56 8560 (IONOS-AS ...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 209.85.232.156 15169 (GOOGLE)
3 172.217.222.157 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.68.106 15169 (GOOGLE)
15 7
5    85.215.230.56 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail.michielonline.nl
amibehindaproxy.com
1    2607:f8b0:400d:c01::9c (Morganton, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    209.85.232.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f156.1e100.net
pagead2.googlesyndication.com
3    172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    173.194.68.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f106.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
212 KB
5 amibehindaproxy.com
amibehindaproxy.com
7 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
1 google.com
www.google.com — Cisco Umbrella Rank: 3
15 4
Domain Requested by
5 amibehindaproxy.com amibehindaproxy.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 pagead2.googlesyndication.com amibehindaproxy.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
15 5

This site contains no links.

Subject Issuer Validity Valid
amibehindaproxy.com
E6		 2024-08-10 -
2024-11-08		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://amibehindaproxy.com/
Frame ID: 3479545BB8AB457584A351C171CBE470
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: E2C841E1EB8E9EC9BFBA9C862DE86F26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4395570573719669&output=html&h=90&slotname=4396232528&adk=2121935355&adf=3894707778&pi=t.ma~as.4396232528&w=728&abgtt=3&lmt=1729220040&format=728x90&url=https%3A%2F%2Famibehindaproxy.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729220039898&bpp=5&bdt=372&idt=184&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4317643545346&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087795%2C31087892%2C44795921%2C95341936%2C95344187&oid=2&pvsid=1234887929455085&tmod=58290333&uas=0&nvt=1&fc=896&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=226
Frame ID: 6010CF9A680460B48E406D5FD06B8A8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4395570573719669&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1729220040&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Famibehindaproxy.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729220039903&bpp=2&bdt=377&idt=247&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=4317643545346&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087795%2C31087892%2C44795921%2C95341936%2C95344187&oid=2&pvsid=1234887929455085&tmod=58290333&uas=0&nvt=1&fsapi=1&fc=896&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: 9DE18927C079CDEEEF9D8169CF53CD61
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: B3146AF1C059E859EE260D3601082AE4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7D65933639D015501B8807208E2E980
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Check your proxy or VPN settings | Am I Behind A Proxy.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

7
IPs

2
Countries

219 kB
Transfer

616 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
amibehindaproxy.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amibehindaproxy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.215.230.56 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail.michielonline.nl
Software
nginx/1.22.1 / PHP/8.3.6
Resource Hash
7be3c8993ff51618c87ab372a9c496f8a775975b47b43bffc7921315f572e972

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Oct 2024 02:53:59 GMT
Server
nginx/1.22.1
Transfer-Encoding
chunked
X-Powered-By
PHP/8.3.6
ads.js
amibehindaproxy.com/ 		27 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amibehindaproxy.com/ads.js
Requested by
Host: amibehindaproxy.com
URL: https://amibehindaproxy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.215.230.56 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail.michielonline.nl
Software
nginx/1.22.1 /
Resource Hash
1128267b373d3677cbe43936f4211450faadc1802024229fcbb4147cba8cc93c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

ETag
"642148c9-1b"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27
Date
Fri, 18 Oct 2024 02:53:59 GMT
Content-Type
application/javascript
Last-Modified
Mon, 27 Mar 2023 07:42:01 GMT
Server
nginx/1.22.1
style.css
amibehindaproxy.com/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amibehindaproxy.com/style.css
Requested by
Host: amibehindaproxy.com
URL: https://amibehindaproxy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.215.230.56 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail.michielonline.nl
Software
nginx/1.22.1 /
Resource Hash
768daa3ea19e916efd7e9797f10373a4cb597c2b15fddda4eacaed1884863a18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

ETag
"642148c9-59c"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1436
Date
Fri, 18 Oct 2024 02:53:59 GMT
Content-Type
text/css
Last-Modified
Mon, 27 Mar 2023 07:42:01 GMT
Server
nginx/1.22.1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: amibehindaproxy.com
URL: https://amibehindaproxy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff4dc963a4a7a57928a9a6990021c75a621b22faf28f38eb951ab62d960e4b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

content-encoding
br
etag
3152922156822934737
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 02:53:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 02:53:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52606
x-xss-protection
0
server
cafe
bin.png
amibehindaproxy.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amibehindaproxy.com/bin.png
Requested by
Host: amibehindaproxy.com
URL: https://amibehindaproxy.com/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.215.230.56 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail.michielonline.nl
Software
nginx/1.22.1 /
Resource Hash
5b22f8d6e823f11e277a42a741ca5f4d3383d9468b86e2ce7454c8b2c1c47f5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/style.css

Response headers

ETag
"642148c8-6c8"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1736
Date
Fri, 18 Oct 2024 02:53:59 GMT
Content-Type
image/png
Last-Modified
Mon, 27 Mar 2023 07:42:00 GMT
Server
nginx/1.22.1
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/ 		422 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
b95a973ba2148a2424e15a5f22b2dfa1db1bfd8373ca3985bde9003988b9a2d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

content-encoding
br
etag
4356256121477504009
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 02:53:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 18 Oct 2024 02:53:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
143847
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/ Frame E2C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amibehindaproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
5668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 01:19:32 GMT
etag
13108003645644964576
expires
Fri, 01 Nov 2024 01:19:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6010 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4395570573719669&output=html&h=90&slotname=4396232528&adk=2121935355&adf=3894707778&pi=t.ma~as.4396232528&w=728&abgtt=3&lmt=1729220040&format=728x90&url=https%3A%2F%2Famibehindaproxy.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729220039898&bpp=5&bdt=372&idt=184&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=4317643545346&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087795%2C31087892%2C44795921%2C95341936%2C95344187&oid=2&pvsid=1234887929455085&tmod=58290333&uas=0&nvt=1&fc=896&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amibehindaproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
26276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 02:54:00 GMT
expires
Fri, 18 Oct 2024 02:54:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9DE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4395570573719669&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1729220040&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Famibehindaproxy.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729220039903&bpp=2&bdt=377&idt=247&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=4317643545346&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087795%2C31087892%2C44795921%2C95341936%2C95344187&oid=2&pvsid=1234887929455085&tmod=58290333&uas=0&nvt=1&fsapi=1&fc=896&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amibehindaproxy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 02:54:00 GMT
expires
Fri, 18 Oct 2024 02:54:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f156.1e100.net
Software
cafe /
Resource Hash
45bb87bab10ee2e80e70bd8cc25209858c474301c1caeefbb20933c494d5fea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12865
date
Fri, 18 Oct 2024 02:54:01 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
magni.gif
amibehindaproxy.com/ 		565 B
803 B 		Other
General
Check archive.org
Download Go to
Full URL
https://amibehindaproxy.com/magni.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.215.230.56 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail.michielonline.nl
Software
nginx/1.22.1 /
Resource Hash
736dc234814c1056b1d4c5d64067ee45ea47c337397d0705518d87f43e91de69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

ETag
"642148c8-235"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
565
Date
Fri, 18 Oct 2024 02:54:01 GMT
Content-Type
image/gif
Last-Modified
Mon, 27 Mar 2023 07:42:00 GMT
Server
nginx/1.22.1
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://amibehindaproxy.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 02:54:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 02:54:01 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame B314 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amibehindaproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 02:27:26 GMT
expires
Fri, 18 Oct 2024 03:17:26 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A7D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f106.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sndSLoEDlfKrTXnDJw7qRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amibehindaproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sndSLoEDlfKrTXnDJw7qRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 02:54:01 GMT
expires
Fri, 18 Oct 2024 02:54:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=1234887929455085&bg=!7O-l76DNAAaUWUsktFk7ADQBe5WfOD1XhGUrHiA7-F_1TjY1-q2yCB-NtjSag5Rxx9H-BsNaYP9Toqk0io-tCZqxt-X6AgAAAFpSAAAABGgBB34ANstQVOVTvDdih2UUV4578SeYReFjQAj-YxcokpbPfxNNrQ3pSX6fdUXsEq8iQ5fNW8u4vWzYFgoAkoPTE2AI8bpgV4410TRa1U6oDaAmr7slxSvjGYoT-Pe1JGgOzC2CvogETdO4EEkVGPwcVOMyz5CMnr4538Bylzw3YUMiCnG6pQQT5G3C2D4fj3PX5L5Bzx6-a5v8M6lv3Gh74-uESeb7FzyyYjAGt1Zm-wYKUpYH04S6Yl770E_GVZrovrFhydy8BFvRJs-r_loJmQKOfn1-TPFe7DCxL5a-qU8Izw0qgZ2JYQS2JdHzEyu9vGVrpG-xqMXPjAERuX6PvBa3RCsA36vDeyM5b-gqIFxLI44glFYAUWN00k-E-RzuQHqIPsbvaHOI7TTf19RLVCe8mqeds2kYdOo6WKXaozj1FB7b0N8s_xWuMUpThlxDkFvz0mpPVTSPr1laGQo1F1tVJ9XgOjX95iF5i0Eea1P3_nBNqB5YLhUs01csd1R9GyyNK0ZHOR2IFWM0qzOOKwzhpiHCp08APSkNLr7LKhaQSANPblY4xSj9imea0bsdboq-pSS9AlryOqP-Tuq8C16wNr50tut_oZ2ZweK6LaNPn0zt4VtGIFYRGEcda_ZvMmNx0ut4bsljlyX7umwGzuqQcZ3yglbQph1p5tSseoKmxNHIHlqD2VZ1zIOgBNaugqyikDER1269LOa5jnbVoOOU7XKBROl1oK0Kztr0bDsg4zBCiRTYtJ85hwspEt2SocN1K131iF35qQIpeHJABNVvvpRrpSHwyqUoZrYCACzDAOaosvFpf5LNerHX78V-6AjrxDrrGAqE_Np8no0o6-RlCPpWirb7wpa0MjmB_tHDoNP_DqLqXCoM9s4Ll3iuVngjxiS9Lyf0DQ8NRxIBD327mrWirAdsWJbt0wzDnx-ofzj3ul6RTuGoYO_OuYOC5pt0Y2cJjbUoshoJMXjtbQry6RBwxio18sG3JZp276G7_xFS2cGql8dUMbVeI3hsUkywFW07x7Jm9oAqs-TqlOiehhSGXild7e3QFWwBVdVAawadP1RQVwYzWZqR5JFYbCE6UFIoRjzPTTpByMQUtGMAcD6HanWjiAilO1Jux7r-27Q5SLWde9uzUoIV4Iaj

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| isAdsDisplayed function| RawData object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkKwnIMROsQspEW3cJAleqtRool0ZLwBhTeGUCbYeLbbfS0m0ThI9JuFjW_jlQ
.amibehindaproxy.com/ Name: __gads
Value: ID=4c59c648aee9ece4:T=1729220040:RT=1729220040:S=ALNI_MbUlg9JMTpIlTPnlcczLm-Xwx6uEg
.amibehindaproxy.com/ Name: __gpi
Value: UID=00000f2b5bd0f810:T=1729220040:RT=1729220040:S=ALNI_MbgGhdiYF5T8NIZyVPP7IXd91S6nw
.amibehindaproxy.com/ Name: __eoi
Value: ID=ac36bce07ecd0bcb:T=1729220040:RT=1729220040:S=AA-AfjYHAoYU-RqXZHJaMnzhDD6h
.mediago.io/ Name: __mguid_
Value: 4acc6291309f64d62zzcrk00m2e4yqvk
gtrace.mediago.io/ Name: cst_70
Value: ts=1729220040