adsfacebook.net Open in urlscan Pro
2001:4860:4802:38::15 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://adsfacebook.net/
Submission: On November 06 via api (November 6th 2022, 3:03:59 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 43 HTTP transactions. The main IP is 2001:4860:4802:38::15, located in United States and belongs to GOOGLE, US. The main domain is adsfacebook.net.

This is the only time adsfacebook.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
43	11

7 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

adsfacebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

business.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com www.gstatic.com fonts.gstatic.com	544 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
7	adsfacebook.net adsfacebook.net	59 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 172 business.google.com — Cisco Umbrella Rank: 36574 play.google.com — Cisco Umbrella Rank: 67 Failed	63 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 164	578 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	438 B
43	7

	Domain	Requested by
10	www.gstatic.com	adsfacebook.net www.gstatic.com business.google.com
7	www.google-analytics.com	adsfacebook.net www.google-analytics.com
7	adsfacebook.net	adsfacebook.net www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com adsfacebook.net
5	lh3.googleusercontent.com	adsfacebook.net
2	business.google.com	apis.google.com adsfacebook.net
2	apis.google.com	adsfacebook.net apis.google.com
2	fonts.googleapis.com	adsfacebook.net
1	play.google.com	www.gstatic.com
1	stats.g.doubleclick.net	www.google-analytics.com
43	10

This site contains links to these domains. Also see Links.

Domain
support.google.com
www.google.com

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://adsfacebook.net/
Frame ID: A3CDD42EDB1745247A2AFACAD7F42C7B
Requests: 37 HTTP requests in this frame

Frame: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
Frame ID: 9299123E2EF92C4032EFEB78A02C9E27
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dịch vụ quảng cáo facebook - Công Ty Truyền Thông LUCMEDIA

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

43
Requests

65 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

1266 kB
Transfer

2114 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/business/answer/7388122
Title: Báo cáo lạm dụng

Search URL Search Domain Scan URL

URL: https://www.google.com/business/how-it-works/website
Title: Google

Search URL Search Domain Scan URL

URL: https://support.google.com/business/answer/9156388
Title: Tìm hiểu thêm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
adsfacebook.net/ 151 KB
52 KB 169ms
104ms Document
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8722463f2c71bd090cfa9f377cbfb18ae562adb3eb7ae140f75a00b727276c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ic9Rk5p5IymrT1uGxlzlDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: script-src 'report-sample' 'nonce-Ic9Rk5p5IymrT1uGxlzlDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: unsafe-none; report-to="GeoMerchantPrestoSiteUi"
Date: Sun, 06 Nov 2022 03:03:53 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Pragma: no-cache
Report-To: {"group":"GeoMerchantPrestoSiteUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/GeoMerchantPrestoSiteUi/external"}]}
Server: ESF
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
x-ua-compatible: IE=edge

POST
H/1.1 403
Forbidden cspreport
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 75ms
59ms Other
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

492ecbbc9d85f4b8e65d43df02548150de8a12a7bef94e90aca170e0e3263647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 03:03:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden cspreport
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 74ms
59ms Other
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19ccd42428934e175dc9efab014da94c521027c6586122968bcbe0d6fcdef5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 03:03:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/ 180 KB
64 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/m=_b,_tp,_r

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd26dde9cd16c7111353b9eb3fe330e7d06600113dcac3c8ecfd606411315523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65129
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 21:10:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:45:12 GMT

GET
H/1.1 200
OK icon
fonts.googleapis.com/ 615 B
995 B 42ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc8973bb72b4f92a7e4e16369962a6a6c4ccda070f92e511e26560dcb5e63418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 03:03:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 06 Nov 2022 03:03:53 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 06 Nov 2022 03:03:53 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 40ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f328cd743c90842766849121f6417e18b83d7aaefd9852c28a5472b401f51f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 03:03:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 06 Nov 2022 03:03:53 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 06 Nov 2022 03:03:53 GMT

GET
H2 200 AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w1080-h608-p-no-v0
lh3.googleusercontent.com/p/ 124 KB
125 KB 273ms
231ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w1080-h608-p-no-v0

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94556b1c2f8a892f221648ce813a860238fe0ab1d3366ef816c04eb9fee8f54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2022-11-02.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127388
x-xss-protection: 0
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipOn8CQc5eiZZzLNxBWmp3MNQt2UoeC-Mk6GAYTw=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
81 KB 271ms
229ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipOn8CQc5eiZZzLNxBWmp3MNQt2UoeC-Mk6GAYTw=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2022-11-02.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
server: fife
etag: "v7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipOYkAVVONIYb791t6fvt9QeaEre9a1pQetS7SWX=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 209 KB
209 KB 240ms
198ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipOYkAVVONIYb791t6fvt9QeaEre9a1pQetS7SWX=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70df2da4b3abb575901c2f0ba7351bcd0b1cdf7277cefdfe223999dee68c624d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="310154302_1648927065523560_4108835140149292331_n.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214041
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipMSKxuizfCRjNWc1aYVatPNBRqvru8lJJwZ-WaZ=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
81 KB 265ms
224ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipMSKxuizfCRjNWc1aYVatPNBRqvru8lJJwZ-WaZ=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="298962292_1602129083536692_5162257130403801860_n.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
82 KB 208ms
167ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="2022-11-02.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 06 Nov 2022 03:15:54 GMT

GET
H2 200 api.js Show response
www.gstatic.com/feedback/ 34 KB
14 KB 77ms
43ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/api.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cfe207ca5b174ca27cd19f85568d0f6473d72daae05594c5b4e7b06f9979de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 03:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13608
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 05 Nov 2022 11:49:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 17 KB
7 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 03:03:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6890
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "de7c76c1ab2f4ad3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Nov 2022 03:03:54 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK rax_HiWKp9EAITukFsl8Axhf.woff2
fonts.gstatic.com/s/fugazone/v15/ 11 KB
12 KB 30ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/fugazone/v15/rax_HiWKp9EAITukFsl8Axhf.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:02:50 GMT
X-Content-Type-Options: nosniff
Age: 360064
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11032
X-XSS-Protection: 0
Last-Modified: Thu, 21 Apr 2022 17:05:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 01 Nov 2023 23:02:50 GMT

GET
H/1.1 200
OK kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
160 KB 32ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 21:27:24 GMT
X-Content-Type-Options: nosniff
Age: 452190
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 162924
X-XSS-Protection: 0
Last-Modified: Thu, 25 Aug 2022 00:15:09 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 31 Oct 2023 21:27:24 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 31ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 21:36:48 GMT
X-Content-Type-Options: nosniff
Age: 192426
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16740
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 03 Nov 2023 21:36:48 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 13 KB
13 KB 31ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 22:02:26 GMT
X-Content-Type-Options: nosniff
Age: 190888
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12972
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:15:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 03 Nov 2023 22:02:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 23ms
22ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=547091047&t=pageview&_s=1&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=977246152&gjid=268631317&cid=1706604721.1667703834&tid=UA-77246179-1&_gid=1988211732.1667703834&_r=1&_slc=1&cd1=64542724682214533&z=2067579904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://adsfacebook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77246179-1&cid=1706604721.1667703834&jid=977246152&gjid=268631317&_gid=1988211732.1667703834&_u=YEBAAAAAAAAAACAAI~&z=1160947934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 03:03:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://adsfacebook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 128 KB
42 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42685
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:38:03 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=547091047&t=event&_s=2&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=primary-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=1706604721.1667703834&tid=UA-77246179-1&_gid=1988211732.1667703834&cd1=64542724682214533&z=900397852

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 19:52:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25872
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
17ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=547091047&t=event&_s=3&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=action-list-1&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=1706604721.1667703834&tid=UA-77246179-1&_gid=1988211732.1667703834&cd1=64542724682214533&z=356264290

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 19:52:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25872
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=547091047&t=event&_s=4&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=bottom-action-list-1&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=1706604721.1667703834&tid=UA-77246179-1&_gid=1988211732.1667703834&cd1=64542724682214533&z=1880292239

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 19:52:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25872
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=547091047&t=event&_s=5&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=action-list-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=1706604721.1667703834&tid=UA-77246179-1&_gid=1988211732.1667703834&cd1=64542724682214533&z=1931938367

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 19:52:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25872
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=547091047&t=event&_s=6&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=bottom-action-list-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=1706604721.1667703834&tid=UA-77246179-1&_gid=1988211732.1667703834&cd1=64542724682214533&z=1380350664

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 19:52:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25872
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 7 KB
8 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 07:43:56 GMT
X-Content-Type-Options: nosniff
Age: 501598
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7136
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:26:34 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 31 Oct 2023 07:43:56 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KU... Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,sitevi... 259 KB
91 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,Z5uLle,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,MdUzUe,BVgquf,ovKuLd,hKSk3e,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,A7fCU,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aca48fbabe59857b797b88318e099e50fa53432a41faf9c1cc9d4ed5bab8c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92837
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:45:13 GMT

GET
H3 200 m=JbzNG Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 1 KB
576 B 34ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=JbzNG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ace944f91f40f8c6b0434f9769556dec51f4091d2c6f74d5626c04013a87057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 549
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:32:02 GMT

GET
H2 200 forms Show response
business.google.com/websites/ Frame 9299 36 KB
13 KB 136ms
82ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f187e2de43cac0ae810868c22f2cd333ab354fd15280a11f0008d4911fb44559

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k3dnjKRZIuPODKxWNV-49A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-k3dnjKRZIuPODKxWNV-49A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 06 Nov 2022 03:03:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-robots-tag: none
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 1 KB
722 B 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61ca26767e6a58815076bb34d183079cacd8b0973baaa76b6ac17492d545cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 695
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:32:02 GMT

POST
H3 204 cspreport
business.google.com/_/GeoMerchantPrestoSnapformsUi/ Frame 9299 0
26 B 103ms
71ms Other
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://business.google.com/_/GeoMerchantPrestoSnapformsUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport, script-src 'report-sample' 'nonce-dd1Jbf8Je53ThNERLuKD5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport, script-src 'report-sample' 'nonce-dd1Jbf8Je53ThNERLuKD5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/ Frame 9299 164 KB
58 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/m=_b,_tp,_r

Requested by

Host: business.google.com
URL: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e187b98452a14876b71426e06827a0e109d17b7b84d9303829542f6aa823043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59214
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 21:10:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:08 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM... Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,sn... Frame 9299 224 KB
80 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,Z5uLle,xQtZb,JNoxi,kWgXee,MdUzUe,BVgquf,ovKuLd,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,A7fCU,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8114ed159081fd2e3932ad638baa85d8ba0931f2ef0ed1d9411cebba1c9041f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81824
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:30:59 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,... Frame 9299 6 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gZjhIf,gychg,hc6Ubd,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6fe89683f0e2cd465e6fee7df0943e7926a5c13ee90a8961b12632f00c865e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2872
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:30:59 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 6 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392d73a1510dcdceabd344f0199875777a771f3b5c4700b226e8a816fc2d4cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:32:03 GMT

GET
H3 200 m=A4UTCb,VXdfxd,pxq3x,MFnxwd,f87Olb Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,... Frame 9299 57 KB
21 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gZjhIf,gychg,hc6Ubd,hhhU8,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,pxq3x,MFnxwd,f87Olb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8184159b1dd3ff5baa7d25e2934fdeb8fc447637b5d32b082cd2fc150e57c45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21291
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:30:59 GMT

POST log
play.google.com/ 0
0

POST
H2 200 log Show response
play.google.com/ Frame 9299 131 B
325 B 62ms
26ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://business.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 06 Nov 2022 03:03:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://business.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Nov 2022 03:03:54 GMT

POST
H/1.1 403
Forbidden browserinfo Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 61ms
61ms XHR
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=-777757443809456503&bl=boq_geomerchantprestoserver_20221103.06_p0&hl=de&soc-app=698&soc-platform=1&soc-device=1&_reqid=11038&rt=j

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d66158ed36308ef4a7250959edf23c915bf742af78eadf83e99b98b86bbb4e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 03:03:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden reporthttp4xxerror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 62ms
61ms XHR
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/reporthttp4xxerror?url=http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-777757443809456503%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D11038%26rt%3Dj&status=403&traceid

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccf73f38e73b0b22cfead0c9e57283e4b2e7f3c6d34adcbb9e4d8d18ac48962c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 03:03:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden jserror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 74ms
74ms XHR
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=tb%60http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-777757443809456503%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D11038%26rt%3Dj%60403&line=Not%20available

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c21a147c0a5784a393d2dbbda2f91507b4bd9c3fe180d3e59de60174100c241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 03:03:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden jserror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 69ms
69ms XHR
text/html 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=There%20was%20an%20error%20during%20the%20transport%20or%20processing%20of%20this%20request.%20Error%20code%20%3D%20403%2C%20Path%20%3D%20%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ceye3%20owner%3D%27frameworks-web-alerts%27%2F%3E&line=Not%20available

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5d0adeeddff4554c693ea33d3fbe07ba1c446c6bc4568cc70d25c96229fdfd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 03:03:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsfacebook.net/	1970-01-20 16:51:03	Name: _ga Value: GA1.2.1706604721.1667703834
.adsfacebook.net/	1970-01-20 07:16:30	Name: _gid Value: GA1.2.1988211732.1667703834
.adsfacebook.net/	1970-01-20 07:15:03	Name: _gat Value: 1
.google.com/	1970-01-20 11:38:35	Name: NID Value: 511=kZc0_ZNeMzsSxFXS6gq2PBhe8SZeF0M_rwDIE8SIk30mjoqiVHhSDVCqfqM_6fTDK1XZsZ8_eKq6FtHaofbcUD2UbB7rQLjHsUwZndrl6NmeIx1FHavlaUX5ZnhLLttrSEJoJbdWWYuEPwO0F9SmG3H_W4wxihUoPB-MzTBZQ7s
adsfacebook.net/	1970-01-20 07:58:15	Name: OTZ Value: 6756664_56_56__56_

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: http://adsfacebook.net/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security	error	URL: http://adsfacebook.net/ Message: Refused to set the document's base URI to 'http://business.google.com/' because it violates the following Content Security Policy directive: "base-uri 'self'".
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: http://adsfacebook.net/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'http://adsfacebook.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=-777757443809456503&bl=boq_geomerchantprestoserver_20221103.06_p0&hl=de&soc-app=698&soc-platform=1&soc-device=1&_reqid=11038&rt=j Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/reporthttp4xxerror?url=http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-777757443809456503%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D11038%26rt%3Dj&status=403&traceid Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=There%20was%20an%20error%20during%20the%20transport%20or%20processing%20of%20this%20request.%20Error%20code%20%3D%20403%2C%20Path%20%3D%20%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ceye3%20owner%3D%27frameworks-web-alerts%27%2F%3E&line=Not%20available Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=tb%60http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-777757443809456503%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D11038%26rt%3Dj%60403&line=Not%20available Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ic9Rk5p5IymrT1uGxlzlDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsfacebook.net
apis.google.com
business.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
play.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.gstatic.com
play.google.com
2001:4860:4802:38::15
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c1b::9c
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
19ccd42428934e175dc9efab014da94c521027c6586122968bcbe0d6fcdef5fe
1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80
2ace944f91f40f8c6b0434f9769556dec51f4091d2c6f74d5626c04013a87057
2c21a147c0a5784a393d2dbbda2f91507b4bd9c3fe180d3e59de60174100c241
2cfe207ca5b174ca27cd19f85568d0f6473d72daae05594c5b4e7b06f9979de2
392d73a1510dcdceabd344f0199875777a771f3b5c4700b226e8a816fc2d4cef
492ecbbc9d85f4b8e65d43df02548150de8a12a7bef94e90aca170e0e3263647
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46
6aca48fbabe59857b797b88318e099e50fa53432a41faf9c1cc9d4ed5bab8c67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70df2da4b3abb575901c2f0ba7351bcd0b1cdf7277cefdfe223999dee68c624d
79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
8114ed159081fd2e3932ad638baa85d8ba0931f2ef0ed1d9411cebba1c9041f8
8184159b1dd3ff5baa7d25e2934fdeb8fc447637b5d32b082cd2fc150e57c45b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e187b98452a14876b71426e06827a0e109d17b7b84d9303829542f6aa823043
94556b1c2f8a892f221648ce813a860238fe0ab1d3366ef816c04eb9fee8f54c
a8722463f2c71bd090cfa9f377cbfb18ae562adb3eb7ae140f75a00b727276c8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d
bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5
c6fe89683f0e2cd465e6fee7df0943e7926a5c13ee90a8961b12632f00c865e0
cc8973bb72b4f92a7e4e16369962a6a6c4ccda070f92e511e26560dcb5e63418
ccf73f38e73b0b22cfead0c9e57283e4b2e7f3c6d34adcbb9e4d8d18ac48962c
cd26dde9cd16c7111353b9eb3fe330e7d06600113dcac3c8ecfd606411315523
d5d0adeeddff4554c693ea33d3fbe07ba1c446c6bc4568cc70d25c96229fdfd5
d61ca26767e6a58815076bb34d183079cacd8b0973baaa76b6ac17492d545cf5
d66158ed36308ef4a7250959edf23c915bf742af78eadf83e99b98b86bbb4e8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f187e2de43cac0ae810868c22f2cd333ab354fd15280a11f0008d4911fb44559
f328cd743c90842766849121f6417e18b83d7aaefd9852c28a5472b401f51f9d

adsfacebook.net Open in urlscan Pro 2001:4860:4802:38::15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

65 %HTTPS

100 %IPv6

7 Domains

10 Subdomains

11 IPs

3 Countries

1266 kBTransfer

2114 kBSize

5 Cookies

3 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adsfacebook.net Open in urlscan Pro
2001:4860:4802:38::15 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

65 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

1266 kB
Transfer

2114 kB
Size

5
Cookies

43 HTTP transactions
1 data transactions