adsfacebook.net Open in urlscan Pro
2001:4860:4802:34::15 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://adsfacebook.net/
Submission Tags: falconsandbox
Submission: On November 06 via api (November 6th 2022, 5:28:22 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 43 HTTP transactions. The main IP is 2001:4860:4802:34::15, located in United States and belongs to GOOGLE, US. The main domain is adsfacebook.net.

This is the only time adsfacebook.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
43	11

7 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

adsfacebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

business.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com www.gstatic.com fonts.gstatic.com	544 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
7	adsfacebook.net adsfacebook.net	59 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 172 business.google.com — Cisco Umbrella Rank: 36574 play.google.com — Cisco Umbrella Rank: 67 Failed	63 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 164	578 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	438 B
43	7

	Domain	Requested by
10	www.gstatic.com	adsfacebook.net www.gstatic.com business.google.com
7	www.google-analytics.com	adsfacebook.net www.google-analytics.com
7	adsfacebook.net	adsfacebook.net www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com adsfacebook.net
5	lh3.googleusercontent.com	adsfacebook.net
2	business.google.com	apis.google.com adsfacebook.net
2	apis.google.com	adsfacebook.net apis.google.com
2	fonts.googleapis.com	adsfacebook.net
1	play.google.com	www.gstatic.com
1	stats.g.doubleclick.net	www.google-analytics.com
43	10

This site contains links to these domains. Also see Links.

Domain
support.google.com
www.google.com

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://adsfacebook.net/
Frame ID: B65753AA326FBECE202235B7AAFA81AF
Requests: 37 HTTP requests in this frame

Frame: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
Frame ID: 79291C816ADAEF5DDC3E4DD7F877A6D5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dịch vụ quảng cáo facebook - Công Ty Truyền Thông LUCMEDIA

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

43
Requests

65 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

1267 kB
Transfer

2114 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/business/answer/7388122
Title: Báo cáo lạm dụng

Search URL Search Domain Scan URL

URL: https://www.google.com/business/how-it-works/website
Title: Google

Search URL Search Domain Scan URL

URL: https://support.google.com/business/answer/9156388
Title: Tìm hiểu thêm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
adsfacebook.net/ 151 KB
52 KB 181ms
100ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cb9df7aa63d8e4c9663c03c8930929ac88752257e8b39dd75f51ddbaeb51101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SqglXHegli3OxQDqpYkZRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: script-src 'report-sample' 'nonce-SqglXHegli3OxQDqpYkZRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: unsafe-none
Date: Sun, 06 Nov 2022 05:28:16 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Pragma: no-cache
Server: ESF
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
x-ua-compatible: IE=edge

POST
H/1.1 403
Forbidden cspreport
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 77ms
59ms Other
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70faa32197968e8d84ec6280b829a9c6e015d361e70b9c3b20247a2725d3da83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 05:28:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden cspreport
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 84ms
66ms Other
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cc773eb3821b54e803ff486732928c80de95399988ec2c8455f0a96e39c8777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 05:28:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/ 180 KB
64 KB 131ms
11ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/m=_b,_tp,_r

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd26dde9cd16c7111353b9eb3fe330e7d06600113dcac3c8ecfd606411315523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65129
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 21:10:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:48:42 GMT

GET
H/1.1 200
OK icon
fonts.googleapis.com/ 615 B
995 B 30ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc8973bb72b4f92a7e4e16369962a6a6c4ccda070f92e511e26560dcb5e63418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 05:28:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 06 Nov 2022 05:28:16 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 06 Nov 2022 05:28:16 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 31ms
18ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f328cd743c90842766849121f6417e18b83d7aaefd9852c28a5472b401f51f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 06 Nov 2022 05:28:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 06 Nov 2022 05:28:16 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 06 Nov 2022 05:28:16 GMT

GET
H2 200 AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w1080-h608-p-no-v0
lh3.googleusercontent.com/p/ 124 KB
125 KB 159ms
39ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w1080-h608-p-no-v0

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94556b1c2f8a892f221648ce813a860238fe0ab1d3366ef816c04eb9fee8f54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022-11-02.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127388
x-xss-protection: 0
expires: Mon, 07 Nov 2022 05:28:17 GMT

GET
H2 200 AF1QipOn8CQc5eiZZzLNxBWmp3MNQt2UoeC-Mk6GAYTw=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
82 KB 152ms
31ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipOn8CQc5eiZZzLNxBWmp3MNQt2UoeC-Mk6GAYTw=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022-11-02.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
expires: Mon, 07 Nov 2022 05:28:17 GMT

GET
H2 200 AF1QipOYkAVVONIYb791t6fvt9QeaEre9a1pQetS7SWX=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 209 KB
209 KB 163ms
43ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipOYkAVVONIYb791t6fvt9QeaEre9a1pQetS7SWX=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70df2da4b3abb575901c2f0ba7351bcd0b1cdf7277cefdfe223999dee68c624d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="310154302_1648927065523560_4108835140149292331_n.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214041
x-xss-protection: 0
expires: Mon, 07 Nov 2022 05:28:17 GMT

GET
H2 200 AF1QipMSKxuizfCRjNWc1aYVatPNBRqvru8lJJwZ-WaZ=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
81 KB 184ms
64ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipMSKxuizfCRjNWc1aYVatPNBRqvru8lJJwZ-WaZ=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="298962292_1602129083536692_5162257130403801860_n.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
expires: Mon, 07 Nov 2022 05:28:17 GMT

GET
H2 200 AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
81 KB 160ms
41ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022-11-02.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
expires: Mon, 07 Nov 2022 05:28:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
11ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 05:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 06 Nov 2022 07:24:49 GMT

GET
H2 200 api.js Show response
www.gstatic.com/feedback/ 34 KB
14 KB 142ms
27ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/api.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cfe207ca5b174ca27cd19f85568d0f6473d72daae05594c5b4e7b06f9979de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13608
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 05 Nov 2022 11:49:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 17 KB
7 KB 113ms
25ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 05:28:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6890
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "de7c76c1ab2f4ad3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Nov 2022 05:28:17 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK rax_HiWKp9EAITukFsl8Axhf.woff2
fonts.gstatic.com/s/fugazone/v15/ 11 KB
12 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/fugazone/v15/rax_HiWKp9EAITukFsl8Axhf.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 03:08:35 GMT
X-Content-Type-Options: nosniff
Age: 94782
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11032
X-XSS-Protection: 0
Last-Modified: Thu, 21 Apr 2022 17:05:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 05 Nov 2023 03:08:35 GMT

GET
H/1.1 200
OK kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
160 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 13:24:41 GMT
X-Content-Type-Options: nosniff
Age: 144216
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 162924
X-XSS-Protection: 0
Last-Modified: Thu, 25 Aug 2022 00:15:09 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 04 Nov 2023 13:24:41 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 19:05:27 GMT
X-Content-Type-Options: nosniff
Age: 469370
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16740
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 31 Oct 2023 19:05:27 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 13 KB
13 KB 29ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 01:10:56 GMT
X-Content-Type-Options: nosniff
Age: 447441
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12972
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:15:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 01 Nov 2023 01:10:56 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 7 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 02:50:12 GMT
X-Content-Type-Options: nosniff
Age: 95885
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7136
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:26:34 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 05 Nov 2023 02:50:12 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 16ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=976670874&t=pageview&_s=1&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1914742313&gjid=1457827901&cid=596812674.1667712497&tid=UA-77246179-1&_gid=1423141860.1667712497&_r=1&_slc=1&cd1=64542724682214533&z=1493881980

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://adsfacebook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 128 KB
42 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 14:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42685
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 14:39:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=976670874&t=event&_s=2&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=primary-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=596812674.1667712497&tid=UA-77246179-1&_gid=1423141860.1667712497&cd1=64542724682214533&z=1854250754

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 23:24:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
12ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=976670874&t=event&_s=3&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=action-list-1&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=596812674.1667712497&tid=UA-77246179-1&_gid=1423141860.1667712497&cd1=64542724682214533&z=400083373

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 23:24:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=976670874&t=event&_s=4&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=bottom-action-list-1&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=596812674.1667712497&tid=UA-77246179-1&_gid=1423141860.1667712497&cd1=64542724682214533&z=1477568458

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 23:24:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=976670874&t=event&_s=5&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=action-list-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=596812674.1667712497&tid=UA-77246179-1&_gid=1423141860.1667712497&cd1=64542724682214533&z=655229459

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 23:24:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=976670874&t=event&_s=6&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=bottom-action-list-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=596812674.1667712497&tid=UA-77246179-1&_gid=1423141860.1667712497&cd1=64542724682214533&z=476943024

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 23:24:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 193ms
21ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77246179-1&cid=596812674.1667712497&jid=1914742313&gjid=1457827901&_gid=1423141860.1667712497&_u=YEBAAAAAAAAAACAAI~&z=868439086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 05:28:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://adsfacebook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KU... Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,sitevi... 259 KB
91 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,Z5uLle,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,MdUzUe,BVgquf,ovKuLd,hKSk3e,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,A7fCU,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aca48fbabe59857b797b88318e099e50fa53432a41faf9c1cc9d4ed5bab8c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92837
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:48:43 GMT

GET
H2 200 forms Show response
business.google.com/websites/ Frame 7929 36 KB
13 KB 113ms
64ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd48e1e988db9c774b12de7be355045c2597c963d17314b7d16575fc9a4bbef8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pHQ-5ZyoPGPpiAqTtjcfWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pHQ-5ZyoPGPpiAqTtjcfWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 06 Nov 2022 05:28:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-robots-tag: none
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 m=JbzNG Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 1 KB
576 B 16ms
12ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=JbzNG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ace944f91f40f8c6b0434f9769556dec51f4091d2c6f74d5626c04013a87057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 549
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:15:43 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 1 KB
722 B 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61ca26767e6a58815076bb34d183079cacd8b0973baaa76b6ac17492d545cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 695
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:15:43 GMT

POST
H3 204 cspreport
business.google.com/_/GeoMerchantPrestoSnapformsUi/ Frame 7929 0
26 B 85ms
64ms Other
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://business.google.com/_/GeoMerchantPrestoSnapformsUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v7id41SglDXpbxUvlc7YcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-v7id41SglDXpbxUvlc7YcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/ Frame 7929 164 KB
58 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/m=_b,_tp,_r

Requested by

Host: business.google.com
URL: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e187b98452a14876b71426e06827a0e109d17b7b84d9303829542f6aa823043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59214
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 21:10:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:49:06 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM... Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,sn... Frame 7929 224 KB
80 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,Z5uLle,xQtZb,JNoxi,kWgXee,MdUzUe,BVgquf,ovKuLd,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,A7fCU,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8114ed159081fd2e3932ad638baa85d8ba0931f2ef0ed1d9411cebba1c9041f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81824
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:03 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,... Frame 7929 6 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gZjhIf,gychg,hc6Ubd,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6fe89683f0e2cd465e6fee7df0943e7926a5c13ee90a8961b12632f00c865e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2872
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:03 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 6 KB
3 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392d73a1510dcdceabd344f0199875777a771f3b5c4700b226e8a816fc2d4cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:15:44 GMT

GET
H3 200 m=A4UTCb,VXdfxd,pxq3x,MFnxwd,f87Olb Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,... Frame 7929 57 KB
21 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gZjhIf,gychg,hc6Ubd,hhhU8,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,pxq3x,MFnxwd,f87Olb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8184159b1dd3ff5baa7d25e2934fdeb8fc447637b5d32b082cd2fc150e57c45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21291
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:03 GMT

POST log
play.google.com/ 0
0

POST
H2 200 log Show response
play.google.com/ Frame 7929 131 B
325 B 177ms
45ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://business.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 06 Nov 2022 05:28:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://business.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Nov 2022 05:28:17 GMT

POST
H/1.1 403
Forbidden browserinfo Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 61ms
60ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=8808959383094976573&bl=boq_geomerchantprestoserver_20221103.06_p0&hl=de&soc-app=698&soc-platform=1&soc-device=1&_reqid=19701&rt=j

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0a0d52528c3bd056a1e8764e7530d9683204b4de9e6b0b1bcf0c32e5950d963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 05:28:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden reporthttp4xxerror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 60ms
60ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/reporthttp4xxerror?url=http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D8808959383094976573%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D19701%26rt%3Dj&status=403&traceid

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

714c3f482a1d4f5fecee5447fd1fad859a253050387dd3d0b1a32e6ba092eb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 05:28:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden jserror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 66ms
65ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=tb%60http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D8808959383094976573%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D19701%26rt%3Dj%60403&line=Not%20available

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abbfa176c3c7685db9d3d7d19cc2108c697f57330d123397ae9b266a97df3a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 05:28:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden jserror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 61ms
61ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=There%20was%20an%20error%20during%20the%20transport%20or%20processing%20of%20this%20request.%20Error%20code%20%3D%20403%2C%20Path%20%3D%20%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ceye3%20owner%3D%27frameworks-web-alerts%27%2F%3E&line=Not%20available

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ba6e63fb232cc09f8259dd95558e9ceb7dd75d85c0600e6cc6b17a7054e5fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 05:28:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsfacebook.net/	1970-01-20 16:51:12	Name: _ga Value: GA1.2.596812674.1667712497
.adsfacebook.net/	1970-01-20 07:16:38	Name: _gid Value: GA1.2.1423141860.1667712497
.adsfacebook.net/	1970-01-20 07:15:12	Name: _gat Value: 1
.google.com/	1970-01-20 11:38:43	Name: NID Value: 511=U5zl4G_w1DKnQSm8_yyICb-FmenZaV0h0OaEGrPreI0uMBXuPiyXuqGJjUghFxqnwCJUmjxQqaJGr0H-Aj2q_7lBnpXvgXVRkqGp9BGkJWakPjjiV7hvJQhUcbIBLpJEFcxNfUFBF7NEQYPSc78XnnD1fJl6PjiV89MyFxOojTU
adsfacebook.net/	1970-01-20 07:58:24	Name: OTZ Value: 6756808_56_56__56_

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: http://adsfacebook.net/ Message: Refused to set the document's base URI to 'http://business.google.com/' because it violates the following Content Security Policy directive: "base-uri 'self'".
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: http://adsfacebook.net/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'http://adsfacebook.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=8808959383094976573&bl=boq_geomerchantprestoserver_20221103.06_p0&hl=de&soc-app=698&soc-platform=1&soc-device=1&_reqid=19701&rt=j Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/reporthttp4xxerror?url=http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D8808959383094976573%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D19701%26rt%3Dj&status=403&traceid Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=There%20was%20an%20error%20during%20the%20transport%20or%20processing%20of%20this%20request.%20Error%20code%20%3D%20403%2C%20Path%20%3D%20%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ceye3%20owner%3D%27frameworks-web-alerts%27%2F%3E&line=Not%20available Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=tb%60http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D8808959383094976573%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D19701%26rt%3Dj%60403&line=Not%20available Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SqglXHegli3OxQDqpYkZRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsfacebook.net
apis.google.com
business.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
play.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.gstatic.com
play.google.com
2001:4860:4802:34::15
2a00:1450:4001:801::200a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2001
2a00:1450:4001:829::200e
2a00:1450:400c:c0a::9c
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
1cc773eb3821b54e803ff486732928c80de95399988ec2c8455f0a96e39c8777
1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80
2ace944f91f40f8c6b0434f9769556dec51f4091d2c6f74d5626c04013a87057
2cb9df7aa63d8e4c9663c03c8930929ac88752257e8b39dd75f51ddbaeb51101
2cfe207ca5b174ca27cd19f85568d0f6473d72daae05594c5b4e7b06f9979de2
392d73a1510dcdceabd344f0199875777a771f3b5c4700b226e8a816fc2d4cef
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46
6aca48fbabe59857b797b88318e099e50fa53432a41faf9c1cc9d4ed5bab8c67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70df2da4b3abb575901c2f0ba7351bcd0b1cdf7277cefdfe223999dee68c624d
70faa32197968e8d84ec6280b829a9c6e015d361e70b9c3b20247a2725d3da83
714c3f482a1d4f5fecee5447fd1fad859a253050387dd3d0b1a32e6ba092eb34
79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
8114ed159081fd2e3932ad638baa85d8ba0931f2ef0ed1d9411cebba1c9041f8
8184159b1dd3ff5baa7d25e2934fdeb8fc447637b5d32b082cd2fc150e57c45b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ba6e63fb232cc09f8259dd95558e9ceb7dd75d85c0600e6cc6b17a7054e5fd6
8e187b98452a14876b71426e06827a0e109d17b7b84d9303829542f6aa823043
94556b1c2f8a892f221648ce813a860238fe0ab1d3366ef816c04eb9fee8f54c
a0a0d52528c3bd056a1e8764e7530d9683204b4de9e6b0b1bcf0c32e5950d963
abbfa176c3c7685db9d3d7d19cc2108c697f57330d123397ae9b266a97df3a13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d
bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5
c6fe89683f0e2cd465e6fee7df0943e7926a5c13ee90a8961b12632f00c865e0
cc8973bb72b4f92a7e4e16369962a6a6c4ccda070f92e511e26560dcb5e63418
cd26dde9cd16c7111353b9eb3fe330e7d06600113dcac3c8ecfd606411315523
d61ca26767e6a58815076bb34d183079cacd8b0973baaa76b6ac17492d545cf5
dd48e1e988db9c774b12de7be355045c2597c963d17314b7d16575fc9a4bbef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f328cd743c90842766849121f6417e18b83d7aaefd9852c28a5472b401f51f9d

adsfacebook.net Open in urlscan Pro 2001:4860:4802:34::15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

65 %HTTPS

100 %IPv6

7 Domains

10 Subdomains

11 IPs

3 Countries

1267 kBTransfer

2114 kBSize

5 Cookies

3 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adsfacebook.net Open in urlscan Pro
2001:4860:4802:34::15 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

65 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

1267 kB
Transfer

2114 kB
Size

5
Cookies

43 HTTP transactions
1 data transactions