urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
216.58.206.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://14ar.qy.xsl.pt/
Effective URL: https://www.google.com/
Submission: On September 11 via manual from US — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 8 countries across 15 domains to perform 21 HTTP transactions. The main IP is 216.58.206.36, located in and belongs to . The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on August 14th 2023. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.13.30.100 3243 (MEO-RESID...)
1 1 190.92.141.36 55293 (A2HOSTING)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 99.198.108.194 32475 (SINGLEHOP...)
2 3 51.68.82.147 16276 (OVH)
1 1 34.141.137.168 396982 (GOOGLE-CL...)
1 4 188.114.97.3 13335 (CLOUDFLAR...)
1 172.67.185.188 13335 (CLOUDFLAR...)
2 2 51.161.115.163 16276 (OVH)
1 1 198.134.116.30 27257 (WEBAIR-IN...)
1 1 51.83.143.92 16276 (OVH)
1 1 104.21.52.38 13335 (CLOUDFLAR...)
1 2 44.196.247.245 14618 (AMAZON-AES)
1 1 168.119.90.96 24940 (HETZNER-AS)
1 1 142.250.185.238 ()
7 216.58.206.36 ()
3 142.250.186.35 ()
1 172.217.16.131 ()
1 142.250.185.174 ()
21 10
1    213.13.30.100 (Portugal)

ASN3243 (MEO-RESIDENCIAL, PT)
PTR: dyndns-por01.ns.sapo.pt
14ar.qy.xsl.pt
1    190.92.141.36 (United States)

ASN55293 (A2HOSTING, US)
PTR: server.ktvw.sbs
tiktok.merth.quest
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
polo.thegadgetguru.club
3    99.198.108.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
monkey.redirectmaster.com
3    51.68.82.147 (France)

ASN16276 (OVH, FR)
www.berlindespraque.life
1    34.141.137.168 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.137.141.34.bc.googleusercontent.com
admoustache.media-412.com
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fangthatsack.com
1    172.67.185.188 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
2    51.161.115.163 (Canada)

ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net
t3.hightid.com
t2.blowingwnd.com
1    198.134.116.30 (United States)

ASN27257 (WEBAIR-INTERNET, US)
go.savethereef.xyz
1    51.83.143.92 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: ns3155458.ip-51-83-143.eu
t10.blowingwnd.com
1    104.21.52.38 (None, )

ASN13335 (CLOUDFLARENET, US)
popcash.net
2    44.196.247.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-247-245.compute-1.amazonaws.com
ps.popcash.net
1    168.119.90.96 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.96.90.119.168.clients.your-server.de
pumpedwombat.net
1    142.250.185.238 (None, )

ASN- ()
google.com
7    216.58.206.36 (None, )

ASN- ()
www.google.com
3    142.250.186.35 (None, )

ASN- ()
www.gstatic.com
1    172.217.16.131 (None, )

ASN- ()
fonts.gstatic.com
1    142.250.185.174 (None, )

ASN- ()
apis.google.com
Apex Domain
Subdomains		 Transfer
9 google.com
google.com
www.google.com
apis.google.com
120 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
75 KB
4 fangthatsack.com
fangthatsack.com
6 KB
3 popcash.net
popcash.net — Cisco Umbrella Rank: 64132
ps.popcash.net — Cisco Umbrella Rank: 233633
1 KB
3 berlindespraque.life
www.berlindespraque.life
5 KB
3 redirectmaster.com
monkey.redirectmaster.com
5 KB
2 blowingwnd.com
t2.blowingwnd.com — Cisco Umbrella Rank: 682668
t10.blowingwnd.com — Cisco Umbrella Rank: 335981
563 B
1 pumpedwombat.net
pumpedwombat.net — Cisco Umbrella Rank: 83285
124 B
1 savethereef.xyz
go.savethereef.xyz — Cisco Umbrella Rank: 280324
290 B
1 hightid.com
t3.hightid.com — Cisco Umbrella Rank: 587166
488 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 526398
1 KB
1 media-412.com
admoustache.media-412.com
269 B
1 thegadgetguru.club
polo.thegadgetguru.club
295 B
1 merth.quest
tiktok.merth.quest
320 B
1 xsl.pt
14ar.qy.xsl.pt
243 B
21 15
Domain Requested by
7 www.google.com ps.popcash.net
www.google.com
4 fangthatsack.com 1 redirects www.berlindespraque.life
fangthatsack.com
3 www.gstatic.com www.google.com
3 www.berlindespraque.life 2 redirects monkey.redirectmaster.com
3 monkey.redirectmaster.com monkey.redirectmaster.com
2 ps.popcash.net 1 redirects fangthatsack.com
1 apis.google.com www.gstatic.com
1 fonts.gstatic.com www.google.com
1 google.com 1 redirects
1 pumpedwombat.net 1 redirects
1 popcash.net 1 redirects
1 t10.blowingwnd.com 1 redirects
1 t2.blowingwnd.com 1 redirects
1 go.savethereef.xyz 1 redirects
1 t3.hightid.com 1 redirects
1 cdn.addlnk.com fangthatsack.com
1 admoustache.media-412.com 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 tiktok.merth.quest 1 redirects
1 14ar.qy.xsl.pt 1 redirects
21 20

This site contains no links.

Subject Issuer Validity Valid
monkey.redirectmaster.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
www.berlindespraque.life
R3		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.fangthatsack.com
E1		 2023-09-08 -
2023-12-07		 3 months crt.sh
addlnk.com
GTS CA 1P5		 2023-08-11 -
2023-11-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.google.com/
Frame ID: 623B972692911CA87A5D7BD68E832DE3
Requests: 26 HTTP requests in this frame

Frame: https://fangthatsack.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Frame ID: 5F839641310CD7D500942BABACDE9C84
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://14ar.qy.xsl.pt/ HTTP 302
    https://tiktok.merth.quest/bpfMeTF HTTP 302
    https://polo.thegadgetguru.club/?k=234caa6ce4aa11b840de4906b7d44205&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7277426568140423264&tid=57696e3332 Page URL
  3. https://monkey.redirectmaster.com/proc.php?6413fc3a44df436832efb4167329e7f684faf7e6 Page URL
  4. https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website... Page URL
  5. https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website... HTTP 302
    https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website... HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000540b7f3c737116e79607d422b55... HTTP 302
    https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503 Page URL
  6. https://t3.hightid.com/r.php?p=c%3As_8942pggbfij953c&d1=557030&d=631f396258fd6b044f727c62&pid=pub9f... HTTP 302
    https://go.savethereef.xyz/redirect?feed=557030&url=t3.hightid.com&subid=8063a697&query=&pub_clickid=64... HTTP 302
    https://t2.blowingwnd.com/i.php?p=c:n534zxkba54lmrgsv&d=64d0bc6d3d658b55ac1eb5c4&s=du.557030&d2=t3.hig... HTTP 302
    https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_du.557030&d1=121... HTTP 302
    https://popcash.net/world/go/134600/317194 HTTP 301
    http://ps.popcash.net/go/134600/317194 Page URL
  7. http://ps.popcash.net/ad/ad?p=134600&w=317194&t=5ec1a4cc988d6472&r=&vw=1600&vh=1200 HTTP 303
    https://pumpedwombat.net/smart?p=6S36gzrUCrHarZZkgCcPWQ2bbFaKnmmtLc3aRqmN4H&s=317194 HTTP 302
    https://google.com/ HTTP 301
    https://www.google.com/ Page URL

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

10
IPs

8
Countries

211 kB
Transfer

596 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://14ar.qy.xsl.pt/ HTTP 302
    https://tiktok.merth.quest/bpfMeTF HTTP 302
    https://polo.thegadgetguru.club/?k=234caa6ce4aa11b840de4906b7d44205&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7277426568140423264&tid=57696e3332 Page URL
  3. https://monkey.redirectmaster.com/proc.php?6413fc3a44df436832efb4167329e7f684faf7e6 Page URL
  4. https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400 Page URL
  5. https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400&eyeg=dbc100eca70e070574ba969d0a890c49&eyer=0.32459634801461146&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400&eyeg=3&eyer=0.32459634801461146&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000540b7f3c737116e79607d422b5503dee0911-202309-flb*5675978-93ea7*M7277426568140423264*sl_5675978-93ea7*5048599d5d91919c12a25e4b15ad6cc6cbd50534*4400-bd34abaz*4400 HTTP 302
    https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503 Page URL
  6. https://t3.hightid.com/r.php?p=c%3As_8942pggbfij953c&d1=557030&d=631f396258fd6b044f727c62&pid=pub9f370114c301412c84911f0bb7dcb678&s=8063a697 HTTP 302
    https://go.savethereef.xyz/redirect?feed=557030&url=t3.hightid.com&subid=8063a697&query=&pub_clickid=64fe9ceb15f0fa1fd259ffea&default_url=https%3A%2F%2Ft2.blowingwnd.com%2Fi.php%3Fp%3Dc%3An534zxkba54lmrgsv%26d%3D64d0bc6d3d658b55ac1eb5c4%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP 302
    https://t2.blowingwnd.com/i.php?p=c:n534zxkba54lmrgsv&d=64d0bc6d3d658b55ac1eb5c4&s=du.557030&d2=t3.hightid.com HTTP 302
    https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_du.557030&d1=1217p3t0dz HTTP 302
    https://popcash.net/world/go/134600/317194 HTTP 301
    http://ps.popcash.net/go/134600/317194 Page URL
  7. http://ps.popcash.net/ad/ad?p=134600&w=317194&t=5ec1a4cc988d6472&r=&vw=1600&vh=1200 HTTP 303
    https://pumpedwombat.net/smart?p=6S36gzrUCrHarZZkgCcPWQ2bbFaKnmmtLc3aRqmN4H&s=317194 HTTP 302
    https://google.com/ HTTP 301
    https://www.google.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://14ar.qy.xsl.pt/ HTTP 302
  • https://tiktok.merth.quest/bpfMeTF HTTP 302
  • https://polo.thegadgetguru.club/?k=234caa6ce4aa11b840de4906b7d44205&type=mainstream&subtype=global HTTP 302
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 4
  • https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400&eyeg=dbc100eca70e070574ba969d0a890c49&eyer=0.32459634801461146&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400&eyeg=3&eyer=0.32459634801461146&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000540b7f3c737116e79607d422b5503dee0911-202309-flb*5675978-93ea7*M7277426568140423264*sl_5675978-93ea7*5048599d5d91919c12a25e4b15ad6cc6cbd50534*4400-bd34abaz*4400 HTTP 302
  • https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
Request Chain 6
  • https://fangthatsack.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://fangthatsack.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Request Chain 7
  • https://t3.hightid.com/r.php?p=c%3As_8942pggbfij953c&d1=557030&d=631f396258fd6b044f727c62&pid=pub9f370114c301412c84911f0bb7dcb678&s=8063a697 HTTP 302
  • https://go.savethereef.xyz/redirect?feed=557030&url=t3.hightid.com&subid=8063a697&query=&pub_clickid=64fe9ceb15f0fa1fd259ffea&default_url=https%3A%2F%2Ft2.blowingwnd.com%2Fi.php%3Fp%3Dc%3An534zxkba54lmrgsv%26d%3D64d0bc6d3d658b55ac1eb5c4%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP 302
  • https://t2.blowingwnd.com/i.php?p=c:n534zxkba54lmrgsv&d=64d0bc6d3d658b55ac1eb5c4&s=du.557030&d2=t3.hightid.com HTTP 302
  • https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_du.557030&d1=1217p3t0dz HTTP 302
  • https://popcash.net/world/go/134600/317194 HTTP 301
  • http://ps.popcash.net/go/134600/317194

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
monkey.redirectmaster.com/
Redirect Chain
  • http://14ar.qy.xsl.pt/
  • https://tiktok.merth.quest/bpfMeTF
  • https://polo.thegadgetguru.club/?k=234caa6ce4aa11b840de4906b7d44205&type=mainstream&subtype=global
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
1 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 04:51:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 04:51:52 GMT
Location
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
/
monkey.redirectmaster.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/?utm_term=7277426568140423264&tid=57696e3332
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
b8e4350dd6f49abca6c8e1dec5847378ebac367ff7a672a1e8d9492c6a5aabee

Request headers

Referer
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 04:51:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
monkey.redirectmaster.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/proc.php?6413fc3a44df436832efb4167329e7f684faf7e6
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7277426568140423264&tid=57696e3332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/?utm_term=7277426568140423264&tid=57696e3332
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 04:51:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.berlindespraque.life/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?6413fc3a44df436832efb4167329e7f684faf7e6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 11 Sep 2023 04:51:53 GMT
Transfer-Encoding
chunked
a91581ead4
fangthatsack.com/rc/
Redirect Chain
  • https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400&eyeg=dbc100eca70e070574ba969d0a890c49&eyer=0.3245963480146...
  • https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400&eyeg=3&eyer=0.32459634801461146&eyei=0&eyew=1600&eyeh=1200...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000540b7f3c737116e79607d422b5503dee0911-202309-flb*5675978-93ea7*M7277426568140423264*sl_5675978-93ea7*5048599d5d9191...
  • https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
Requested by
Host: www.berlindespraque.life
URL: https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c551cd6c97ac648d5546068a37fd6226f8ac26d3658de91f835a3c2139d5133

Request headers

Referer
https://www.berlindespraque.life/?sl=5675978-93ea7&data1=Track1&data2=Track2&tag=M7277426568140423264&website=4400-bd34abaz&placement=4400
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
804d4c59cb4b2145-MAD
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FROLfC6x2Hc%2BdiqvM49O3npiYjAkkbSpcZ1qZseA1cJ50LXHUP3EPBZPkPPL3SZ%2FvjbSFRcvLkLaOTC5zFTum8vrEufgSBdLhnukx7ExjLVeMX0XPAL7SfYtO79iiaRgIluR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 11 Sep 2023 04:51:54 GMT
location
https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: fangthatsack.com
URL: https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 04:51:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z7C829QF45SWTWSG
age
3145
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
55j5X/kfhhwNGwgT8/gG56zsQ9ukcA2/Z+tHCDtPTBqey2KiNBygKjnwVDgTEFlIs2qy0529EwLBTRtuFRXVfw==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6JPrcrtElmP2%2B6Z67hxOoKJktLgqXp99ztEdzanW1%2BVg8XwcjQQcHMtzjGFrpi8A%2BECIGWzQtDPpGCDjjWA6VLv6bZ3n2amvPpoWfBUdJgrs99m%2Bx%2FNtO3j5HzVIZjYlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
804d4c5bda336675-MAD
main.js
fangthatsack.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/ Frame 5F83
Redirect Chain
  • https://fangthatsack.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://fangthatsack.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fangthatsack.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Protocol
H2
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 04:51:55 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rQMY1y%2FoLZR7d%2B4r2XjaJaXpJmXDDULhtEDIawBygJObnQWci8qDoL2zOzWUHTx6DapR4xlarDZPQ2xEqjbX%2B44PoHxzl0%2F%2BXLHhREKPb0pDGctYP0l9Te%2Bs3RocPijY1AW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
804d4c5ccd3d2145-MAD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 11 Sep 2023 04:51:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS%2FdeefXTNz2Xm1Gv59VM2tC2LqUwM9wtRmw5Gvpe3dj2GSL%2FZpIAg6dQb%2BBPUdQzNFEIwDM6BByGDtRQpKvCxgBELXXuaM9%2FMcnesFM%2BGOjVIXrxoXd4GBl1PMINYfSRB%2BO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
cache-control
max-age=300, public
cf-ray
804d4c5c5cff2145-MAD
alt-svc
h3=":443"; ma=86400
317194
ps.popcash.net/go/134600/
Redirect Chain
  • https://t3.hightid.com/r.php?p=c%3As_8942pggbfij953c&d1=557030&d=631f396258fd6b044f727c62&pid=pub9f370114c301412c84911f0bb7dcb678&s=8063a697
  • https://go.savethereef.xyz/redirect?feed=557030&url=t3.hightid.com&subid=8063a697&query=&pub_clickid=64fe9ceb15f0fa1fd259ffea&default_url=https%3A%2F%2Ft2.blowingwnd.com%2Fi.php%3Fp%3Dc%3An534zxkba...
  • https://t2.blowingwnd.com/i.php?p=c:n534zxkba54lmrgsv&d=64d0bc6d3d658b55ac1eb5c4&s=du.557030&d2=t3.hightid.com
  • https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_du.557030&d1=1217p3t0dz
  • https://popcash.net/world/go/134600/317194
  • http://ps.popcash.net/go/134600/317194
426 B
460 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ps.popcash.net/go/134600/317194
Requested by
Host: fangthatsack.com
URL: https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
Protocol
HTTP/1.1
Server
44.196.247.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-247-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://fangthatsack.com/rc/a91581ead4?affclick=64fe9cea87f899000122e2d6&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
272
Content-Type
text/html
Date
Mon, 11 Sep 2023 04:51:57 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
804d4c6a2b8c8686-MAD
content-length
162
content-type
text/html
date
Mon, 11 Sep 2023 04:51:57 GMT
location
http://ps.popcash.net/go/134600/317194
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnD%2Fw7f5jVOqUejeu7cYqETvDEBxaEhmZhgu5E9%2BL2JQPc4Rcfqo42xToPRyOO8mb2Zf2NTScdqN7%2FVphwV4uSawavFzKufOIZUdazkpZpe6h4Fon%2BQRZOM5unS3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
804d4c59cb4b2145
fangthatsack.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5F83 		0
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fangthatsack.com/cdn-cgi/challenge-platform/h/b/jsd/r/804d4c59cb4b2145
Requested by
Host: fangthatsack.com
URL: https://fangthatsack.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Sep 2023 04:51:55 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrPw5Pl1Q7U8KbfbMegYXyCqVaME%2B%2BWE9RitnyC1Usy8p6Aw87Lllas%2BRft4rtezF%2B8T4I%2Bvq2cctHPWeOHXdPewKARw4wVdqCAcr24LxguTL8vthFdGQ53jvSHdY7iMciDt"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
804d4c5e0bf30421-MAD
alt-svc
h3=":443"; ma=86400
Primary Request /
www.google.com/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=134600&w=317194&t=5ec1a4cc988d6472&r=&vw=1600&vh=1200
  • https://pumpedwombat.net/smart?p=6S36gzrUCrHarZZkgCcPWQ2bbFaKnmmtLc3aRqmN4H&s=317194
  • https://google.com/
  • https://www.google.com/
235 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/134600/317194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
563aa0b8404f3ddf00da01271388326b072114ad4b3cf7a4a8b0e5cd72d5c878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
70553
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-dSSx-AHdm8bh1WbK5-56Kg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 11 Sep 2023 04:51:58 GMT
expires
-1
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=2592000
content-length
220
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-UOLpzH960N-jOjYsTx0qSA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Mon, 11 Sep 2023 04:51:58 GMT
expires
Mon, 11 Sep 2023 04:51:58 GMT
location
https://www.google.com/
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-frame-options
SAMEORIGIN
x-xss-protection
0
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 04:51:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 11 Sep 2023 04:51:59 GMT
tia.png
www.google.com/tia/ 		258 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/tia/tia.png
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c532312eea8020a0370685b222a02b11becd58cd394b509029dff5956127dd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:21:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Sep 2019 01:00:00 GMT
server
sffe
age
207005
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Sep 2024 19:21:54 GMT
tia.png
www.gstatic.com/inputtools/images/ 		151 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/inputtools/images/tia.png
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ebecfbb2c9cff1741b805876370db38d862a037f652d6f647ce51995e03df2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 20:49:30 GMT
x-content-type-options
nosniff
age
201749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/inputtools
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="inputtools"
vary
Origin
report-to
{"group":"inputtools","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/inputtools"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 20:49:30 GMT
truncated
/ 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 		742 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 17:17:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Sep 2024 14:21:35 GMT
desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 		660 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 04:51:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Apr 2020 22:00:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/webp
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
660
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 11 Sep 2023 04:51:59 GMT
gen_204
www.google.com/ 		0
232 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?ei=7pz-ZKq8OPmP9u8P6ZONgAs&vet=10ahUKEwiq6_Kw4aGBAxX5h_0HHelJA7AQhJAHCBo..s&bl=bgLg&s=webhp&gl=pt&pc=SEARCH_HOMEPAGE&isMobile=false
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-D-CQSYilapZqyDhrpDik2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-D-CQSYilapZqyDhrpDik2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Mon, 11 Sep 2023 04:51:59 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ 		775 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		236 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		197 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		686 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		338 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
www.google.com/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=7pz-ZKq8OPmP9u8P6ZONgAs&zx=1694407919133&opi=89978449
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-TFORSXT2k7bAdEBStKbyIg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-TFORSXT2k7bAdEBStKbyIg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Mon, 11 Sep 2023 04:51:59 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rs=AA2YrTszxV_5VMFUaEh4OLex-3Cy10nllw
www.gstatic.com/og/_/js/k=og.qtm.en_US.nx2Jnk1Ygb4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ 		202 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.nx2Jnk1Ygb4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTszxV_5VMFUaEh4OLex-3Cy10nllw
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c4959eb6505f8128d923811a27c7a69f503835c80ce5ca77446014887dc3d77e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 09:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74338
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 01:36:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Sep 2024 09:00:44 GMT
rs=AA2YrTtfOtKifcJmQnNkq6t0R2Yv9F4pXg
www.gstatic.com/og/_/ss/k=og.qtm.EUdp1kxzvEQ.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/ss/k=og.qtm.EUdp1kxzvEQ.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTtfOtKifcJmQnNkq6t0R2Yv9F4pXg
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a625a8cdb2cdf16573fb6e0521a67ea8a58541e29ab8a7e595f41686de53af71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 01:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
638
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 01:36:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 01:58:13 GMT
gen_204
www.google.com/ 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=7pz-ZKq8OPmP9u8P6ZONgAs&rt=wsrt.1199,aft.352,afti.352,prt.113&wh=1200&imn=10&ima=3&imad=0&imac=0&imf=0&aft=1&aftp=1200&opi=89978449
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Ift1GqYA3zpZhrK7jETJHA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Ift1GqYA3zpZhrK7jETJHA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Mon, 11 Sep 2023 04:51:59 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/ 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.nx2Jnk1Ygb4.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTszxV_5VMFUaEh4OLex-3Cy10nllw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0a2267d907959bc0dd45938b71b5a43e42c365953fee9a9700a021fd08e7f346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 18:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41112
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 15:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Sep 2024 18:47:58 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Domain/Path Name / Value
tiktok.merth.quest/ Name: PHPSESSID
Value: 9a921268dee5540756f10a7b7435cdce
admoustache.media-412.com/ Name: afclick
Value: 64fe9cea87f899000122e2d6
fangthatsack.com/ Name: AWSALB
Value: E+GP/XfzS+mZRnREl+Gnx0u7Ww7unxlWtv8vGD8YVw6dv+wGiSmfOgQJFe5ru1LgtIe4LLFH60PTKjSnvWZ/hWE1q9dA4rUBs05/QE9fXsh4XdY9u6NJEynO+hHf
.fangthatsack.com/ Name: cf_clearance
Value: lLzKY7xlHxix9R3043rZ5ygfmDJK.U7morW_fkzT0dM-1694407915-0-1-ffb89fac.c4919857.ed914854-0.2.1694407915

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14ar.qy.xsl.pt
admoustache.media-412.com
apis.google.com
cdn.addlnk.com
fangthatsack.com
fonts.gstatic.com
go.savethereef.xyz
google.com
monkey.redirectmaster.com
polo.thegadgetguru.club
popcash.net
ps.popcash.net
pumpedwombat.net
t10.blowingwnd.com
t2.blowingwnd.com
t3.hightid.com
tiktok.merth.quest
www.berlindespraque.life
www.google.com
www.gstatic.com
104.21.52.38
142.250.185.174
142.250.185.238
142.250.186.35
168.119.90.96
172.217.16.131
172.67.185.188
188.114.97.3
190.92.141.36
198.134.116.30
213.13.30.100
216.58.206.36
34.141.137.168
44.196.247.245
51.161.115.163
51.68.82.147
51.83.143.92
64.227.23.114
99.198.108.194
0a2267d907959bc0dd45938b71b5a43e42c365953fee9a9700a021fd08e7f346
0c551cd6c97ac648d5546068a37fd6226f8ac26d3658de91f835a3c2139d5133
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f
4ebecfbb2c9cff1741b805876370db38d862a037f652d6f647ce51995e03df2c
563aa0b8404f3ddf00da01271388326b072114ad4b3cf7a4a8b0e5cd72d5c878
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99
a625a8cdb2cdf16573fb6e0521a67ea8a58541e29ab8a7e595f41686de53af71
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63
b8e4350dd6f49abca6c8e1dec5847378ebac367ff7a672a1e8d9492c6a5aabee
c4959eb6505f8128d923811a27c7a69f503835c80ce5ca77446014887dc3d77e
c532312eea8020a0370685b222a02b11becd58cd394b509029dff5956127dd81
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c