user.mofaso.site Open in urlscan Pro
172.93.185.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.mofaso.site/
Submission: On September 09 via automatic, source certstream-suspicious (September 9th 2023, 11:33:04 pm UTC) — Scanned from DE

Summary HTTP 62 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 62 HTTP transactions. The main IP is 172.93.185.174, located in Frankfurt am Main, Germany and belongs to NEXEON, US. The main domain is user.mofaso.site.
TLS certificate: Issued by R3 on September 9th 2023. Valid for: 3 months.

This is the only time user.mofaso.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	172.93.185.174 172.93.185.174	20278 (NEXEON) (NEXEON)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
62	12

17 172.93.185.174 (Frankfurt am Main, Germany)

ASN20278 (NEXEON, US)

user.mofaso.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 885 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 360	589 KB
17	mofaso.site user.mofaso.site	120 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	216 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1977	21 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	28 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	146 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180	598 B
0	googleapis.com Failed fonts.googleapis.com Failed
62	10

	Domain	Requested by
19	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
17	user.mofaso.site	user.mofaso.site
6	pagead2.googlesyndication.com	user.mofaso.site pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.facebook.com	user.mofaso.site static.xx.fbcdn.net
2	scontent.xx.fbcdn.net	www.facebook.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	user.mofaso.site www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
0	fonts.googleapis.com Failed	user.mofaso.site
62	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.modebijou.com
www.papapeinture.fr
www.larenovation.net
www.megaadresse.com
www.institutkurde.org
www.taxiprimo.com
www.kuyumcu.paris
www.opemoraira.com
www.h3ds.fr
www.imi7.com
www.developpeursweb.com
www.locationdesalle.net
www.parislouer.com
www.mozilla.org
kurdish.spampoison.com
www.polyglot-learn-language.com
ku.openoffice.org
dmoz.org
ku-tr.facebook.com
www.kurdishworld.com
musicmoz.org
www.netvibes.com
translators.netvibes.com
bnk.institutkurde.org
www.ferheng.org
ku.wikipedia.org
ku.wiktionary.org
www.rojname.com
ku.firatnews.com
www.avestakurd.net
www.netkurd.com
www.kurdistan-post.eu

Subject Issuer	Validity	Valid
user.mofaso.site R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-19` - `2023-09-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://user.mofaso.site/
Frame ID: E61721F591C3EC01EA5B5FAFD4471E5A
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttp%253A%252F%252Fwww.facebook.com%252Fkurdishworld%26width%3D585%26height%3D258%26colorscheme%3Dlight%26show_faces%3Dtrue%26border_color%3Dwhite%26stream%3Dfalse%26header%3Dfalse%26appId%3D110415902330876
Frame ID: 6E628A61886220C2E6CD36262BACE983
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 8CF96A6D4B79DAB4AF28FAB327799EB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640296510582567&output=html&adk=1812271804&adf=3025194257&lmt=1694295180&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fuser.mofaso.site%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694302380054&bpp=2&bdt=269&idt=249&shv=r20230906&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=27578787412&frm=20&pv=2&ga_vid=18988818.1694302380&ga_sid=1694302380&ga_hid=2058572724&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759837%2C44759875%2C44759926%2C44800659&oid=2&pvsid=4137982337754885&tmod=355614241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Frame ID: F476AFA1232CBC134EC66B02E0C131BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DB982CFAB7297301E937E035AB27877
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 250DAF5277507C20FCFA6EFDE93B7586
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rojbûna Kurdish World ! - Îsal 10 salî ye !

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

62
Requests

95 %
HTTPS

91 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

1126 kB
Transfer

3464 kB
Size

7
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/kurdishworld

Search URL Search Domain Scan URL

URL: https://www.modebijou.com/
Title: Mode Bijou

Search URL Search Domain Scan URL

URL: https://www.papapeinture.fr/
Title: Entreprise de Peinture

Search URL Search Domain Scan URL

URL: https://www.larenovation.net/
Title: Entreprise de rénovation

Search URL Search Domain Scan URL

URL: https://www.megaadresse.com/
Title: Annuaire Professionnel

Search URL Search Domain Scan URL

URL: https://www.institutkurde.org/
Title: Institut kurde

Search URL Search Domain Scan URL

URL: https://www.taxiprimo.com/
Title: Taxi Parisien

Search URL Search Domain Scan URL

URL: https://www.kuyumcu.paris/
Title: Paris Kuyumcu

Search URL Search Domain Scan URL

URL: https://www.opemoraira.com/
Title: OPE

Search URL Search Domain Scan URL

URL: https://www.h3ds.fr/
Title: Nettoyeur Scène de crime

Search URL Search Domain Scan URL

URL: https://www.imi7.com/
Title: Référencement Web

Search URL Search Domain Scan URL

URL: https://www.developpeursweb.com/
Title: Agence Developpeur Web Paris

Search URL Search Domain Scan URL

URL: http://www.locationdesalle.net/
Title: Location de salle Paris

Search URL Search Domain Scan URL

URL: http://www.parislouer.com/
Title: Louer à Paris

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/ku/firefox/fx/
Title: Firefoxa Kurdî

Search URL Search Domain Scan URL

URL: http://kurdish.spampoison.com/
Title: Spam Poison

Search URL Search Domain Scan URL

URL: http://www.polyglot-learn-language.com/
Title: Polyglot Language

Search URL Search Domain Scan URL

URL: http://ku.openoffice.org/
Title: Open Office

Search URL Search Domain Scan URL

URL: http://dmoz.org/World/Kurd%C3%AE/
Title: DMOZ

Search URL Search Domain Scan URL

URL: http://ku-tr.facebook.com/
Title: Facebooka Kurdî

Search URL Search Domain Scan URL

URL: http://www.kurdishworld.com/int/
Title: Kurdish World

Search URL Search Domain Scan URL

URL: http://musicmoz.org/Test/World/Kurd%EE/
Title: MusicMoz

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/
Title: Netvibes

Search URL Search Domain Scan URL

URL: http://translators.netvibes.com/
Title: Werger

Search URL Search Domain Scan URL

URL: http://www.megaadresse.com/contacts/gurden-france-drancy-106
Title: Gurden France - SociétéFrance Gurden

Search URL Search Domain Scan URL

URL: http://www.megaadresse.com/contacts/ozlem-snack-paris-10eme-5520
Title: Özlem Snack

Search URL Search Domain Scan URL

URL: http://bnk.institutkurde.org/
Title: Pirtukxaneya dijital a Kurdî

Search URL Search Domain Scan URL

URL: http://www.institutkurde.org/
Title: Enstituya kurdî ya Parîsê

Search URL Search Domain Scan URL

URL: https://www.ferheng.org/
Title: Ferheng.com

Search URL Search Domain Scan URL

URL: https://ku.wikipedia.org/
Title: Wîkîpedia kurdî

Search URL Search Domain Scan URL

URL: https://ku.wiktionary.org/
Title: Wiktionary kurdî

Search URL Search Domain Scan URL

URL: https://www.rojname.com/
Title: Rojname.com

Search URL Search Domain Scan URL

URL: https://ku.firatnews.com/
Title: Firat News

Search URL Search Domain Scan URL

URL: https://www.avestakurd.net/
Title: Avestakurd.net

Search URL Search Domain Scan URL

URL: http://www.netkurd.com/
Title: Netkurd.com

Search URL Search Domain Scan URL

URL: https://www.kurdistan-post.eu/
Title: Kurdistan Post

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.mofaso.site/ 21 KB
6 KB 124ms
94ms Document
text/html 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to

Full URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PHP/7.3.33 PleskLin
Resource Hash: 038f6a783fdca0f9d9622f9a1489c33a10b43c658643f567f68759d5261f327a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 5582
content-type: text/html; charset=UTF-8
date: Sat, 09 Sep 2023 23:32:59 GMT
server: nginx/1.24.0
vary: Accept-Encoding
x-powered-by: PHP/7.3.33 PleskLin

GET
H2 200 stylezz.css
user.mofaso.site/ 32 KB
6 KB 101ms
100ms Stylesheet
text/css 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to

Full URL: https://user.mofaso.site/stylezz.css
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: cd92f226ce31da8b3b5a332b2c30e3bbcf8f5d489d581a0098562f9ce964748b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
content-encoding: br
last-modified: Fri, 26 Sep 2014 15:24:29 GMT
server: nginx/1.24.0
etag: W/"5425852d-7f83"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=290304000, public, must-revalidate

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 50ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-290812-3

Requested by

Host: user.mofaso.site
URL: https://user.mofaso.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05402d81eb2c3c3e5efa959e7e4088445a010d1065fcd9f69ec71909d365fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68317
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Sep 2023 23:32:59 GMT

GET
H2 200 facebook_logo.png
user.mofaso.site/images/ 11 KB
11 KB 85ms
85ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/facebook_logo.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 0e06f55776d0cf134333044b8f0c432066da780970d338fa4dbda38a675c1dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Thu, 13 Dec 2012 15:33:39 GMT
server: nginx/1.24.0
etag: "50c9f553-2c94"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 11412

GET
H2 200 ballons.png
user.mofaso.site/images/ 12 KB
12 KB 89ms
88ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/ballons.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 7e5b799b082e94fc9b5c6137246c8971e488c11c242996283e17bec3c7497506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sun, 12 Feb 2012 23:57:52 GMT
server: nginx/1.24.0
etag: "4f385200-30f2"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 12530

GET
H2 200 dehsal.png
user.mofaso.site/images/background/ 22 KB
22 KB 99ms
98ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/dehsal.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: f9ff3d098f6df027122009dde31977030910e05c81ed06fdd87c5ceeb33632b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 23:22:31 GMT
server: nginx/1.24.0
etag: "4f36f837-5742"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 22338

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
50 KB 119ms
96ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: user.mofaso.site
URL: https://user.mofaso.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7f7244da32ca2fd686a92a4fcf72ed4d16c949b878134c2bb2ab64607ce472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50305
x-xss-protection: 0
server: cafe
etag: 9541280274358425791
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 23:32:59 GMT

GET
H2 200 serefsiz.jpg
user.mofaso.site/ 8 KB
8 KB 86ms
85ms Image
image/jpeg 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/serefsiz.jpg
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: c970d7c730d726681599ba5940bb33a000ef65fa0e01137df8ccb27b97801520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Tue, 04 Aug 2015 17:41:46 GMT
server: nginx/1.24.0
etag: "55c0f95a-20d2"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 8402

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 6E62 92 KB
27 KB 136ms
113ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876

Requested by

Host: user.mofaso.site
URL: https://user.mofaso.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e863d47c7414bc569e447613ebe90e1a3d8857eb37e2de98ccf454270b0831

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.mofaso.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 23:33:00 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ZlRnG3bAa9dMKyW0HpOZ4sForvr7J7V4lek589H9CCHJLY/rkOuoG0nMfuLFe4qaR6egwDUhn3kj442I2WmJHw==
x-xss-protection: 0

GET
H2 200 bg2.png
user.mofaso.site/images/background/ 473 B
689 B 88ms
86ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/bg2.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 038d8584ba9c2c936f71d08fbfa9963cd8a736b5a419162eb26b03824e8e41e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 23:11:38 GMT
server: nginx/1.24.0
x-accel-version: 0.01
etag: "1d9-4b8b85e093e80"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 473

GET
H2 200 back.png
user.mofaso.site/images/ 9 KB
9 KB 93ms
91ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/back.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 17fb4d7c818eeaf75214753f71a61b3fe145f75b3ed841eddf876b4b4e904472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 22:26:05 GMT
server: nginx/1.24.0
etag: "4f36eafd-2377"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 9079

GET
H2 200 cbg1.png
user.mofaso.site/images/background/ 1 KB
1 KB 85ms
83ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/cbg1.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 31ad1a6fc96aabae565b7097af318f7f8b7a534aa7d731a7bca25819af5f5f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 22:33:55 GMT
server: nginx/1.24.0
etag: "4f36ecd3-484"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 1156

GET
H2 200 cbg2.png
user.mofaso.site/images/background/ 2 KB
2 KB 106ms
105ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/cbg2.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: b6d38a1eb522cdb57e6ad70fbc288d52940552a8ea6e5501c89fcb7e785183b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
last-modified: Sat, 11 Feb 2012 22:33:30 GMT
server: nginx/1.24.0
etag: "4f36ecba-91e"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 2334

GET
H2 200 kurdishworld300.png
user.mofaso.site/images/ 21 KB
22 KB 105ms
105ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/kurdishworld300.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 92180f53180d5b424481ba54bc45927890caaa86b87d379d592133d3b1d1a4a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
last-modified: Sat, 11 Feb 2012 22:53:57 GMT
server: nginx/1.24.0
etag: "4f36f185-5596"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 21910

GET
H2 200 inbg1.png
user.mofaso.site/images/background/ 579 B
795 B 93ms
92ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/inbg1.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 896b1ad1cb3a62d30bbadee2c3dc165d92ddd141ba4e1bc2a26634bbf4a99aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 23:00:28 GMT
server: nginx/1.24.0
x-accel-version: 0.01
etag: "243-4b8b83619db00"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 579

GET
H2 200 inbg2.png
user.mofaso.site/images/background/ 728 B
944 B 91ms
90ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/inbg2.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 976cb394e5ae06e3c71d54566b844cb4ba13403aeebb15d6f0325dbe6bbdda2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 23:17:52 GMT
server: nginx/1.24.0
x-accel-version: 0.01
etag: "2d8-4b8b874540800"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 728

GET
H2 200 backrank.png
user.mofaso.site/images/background/ 14 KB
15 KB 89ms
88ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/backrank.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: aedc545837228e95b224552901096ec381f1e1644c97f90fa16bde1d6e12d634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Tue, 17 Apr 2012 23:59:50 GMT
server: nginx/1.24.0
etag: "4f8e03f6-39cc"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 14796

GET
H2 200 wbg.png
user.mofaso.site/images/background/ 1 KB
2 KB 101ms
100ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/wbg.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: fe874340b486cf22acce191298ad2d86dba87060d5595f47222f6770b986a12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
last-modified: Sat, 11 Feb 2012 23:19:33 GMT
server: nginx/1.24.0
etag: "4f36f785-592"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 1426

GET
H2 200 inbg3.png
user.mofaso.site/images/background/ 511 B
727 B 100ms
100ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/inbg3.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: 912960e58e85e09b6da369a74c90e6b1a4c8eb58079f66f4d45e03abd044740b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 23:19:08 GMT
server: nginx/1.24.0
x-accel-version: 0.01
etag: "1ff-4b8b878dbb300"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 511

GET
H2 200 cbg3.png
user.mofaso.site/images/background/ 360 B
576 B 90ms
90ms Image
image/png 172.93.185.174
NEXEON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.mofaso.site/images/background/cbg3.png
Requested by: Host: user.mofaso.site
URL: https://user.mofaso.site/stylezz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.93.185.174 Frankfurt am Main, Germany, ASN20278 (NEXEON, US),
Reverse DNS
Software: nginx/1.24.0 / PleskLin
Resource Hash: a5837a17a65ab97fa38b4dc772dba7547ffce93da744300fb1fc4c872459bf3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/stylezz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
last-modified: Sat, 11 Feb 2012 23:12:27 GMT
server: nginx/1.24.0
x-accel-version: 0.01
etag: "168-4b8b860f4ecc0"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=290304000, public, must-revalidate
accept-ranges: bytes
content-length: 360

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4ZD3787ESX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-290812-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aced11d648e1e528af0903f84c460db8c7b51ce46075a2454d0f1de8caf66278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:32:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Sep 2023 23:32:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-290812-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Sep 2023 21:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6196
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Sep 2023 23:49:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4ZD3787ESX&gtm=45je3960&_p=2058572724&cid=18988818.1694302380&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1694302379&sct=1&seg=0&dl=https%3A%2F%2Fuser.mofaso.site%2F&dt=Rojb%C3%BBna%20Kurdish%20World%20!%20-%20%C3%8Esal%2010%20sal%C3%AE%20ye%20!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZD3787ESX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 23:33:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.mofaso.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 17ms
16ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2058572724&t=pageview&_s=1&dl=https%3A%2F%2Fuser.mofaso.site%2F&ul=en-us&de=UTF-8&dt=Rojb%C3%BBna%20Kurdish%20World%20!%20-%20%C3%8Esal%2010%20sal%C3%AE%20ye%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=571597147&gjid=108311971&cid=18988818.1694302380&tid=UA-290812-3&_gid=2130777607.1694302380&_r=1&gtm=457e3960&jsscut=1&z=714990754

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.mofaso.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Sep 2023 23:33:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.mofaso.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640296510582567&plah=user.mofaso.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302eb78d27f69ae89d602ce184a4a3be0bb2485f20dc1c6c21e024850997e491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131797
x-xss-protection: 0
server: cafe
etag: 616616815755090823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Sep 2023 23:33:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 8CF9 10 KB
5 KB 47ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.mofaso.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 15:57:12 GMT
etag: 8554266389219770021
expires: Sat, 23 Sep 2023 15:57:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 SLRdboC1NRz.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame 6E62 21 KB
6 KB 36ms
10ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/SLRdboC1NRz.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa181d4bb9d60a1521e4caeca85866c48525aac4b06361ca2c0b85817c963ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UserrT2QfkGkuKWb3WoSHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5541
x-fb-debug: 8WnPFzfMK3Cn8DVErR3AQTTU0UN8sDx3UlnXLCo8NkjOgUzxNXpctWQq7tXSSzCCfCmjnN/xjpv2Uqprpu1h+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 08 Sep 2024 17:23:36 GMT

GET
H2 200 dBM1IdNUBui.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame 6E62 58 KB
12 KB 60ms
34ms Stylesheet
text/css 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/dBM1IdNUBui.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4379f7061f475f768cd62cc838bcdd3cb7043756b272444851a7f56b2392232

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4qHCnDWtv6Fhp3K98uAwAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12083
x-fb-debug: I5B6mUh69/kn7HYS72yqPMTDKBE97pyi/Fnh0L1/6FJfYTwYAikXp8tMG3GZlfuYisi7c8sXFBy7+mBnu7v9Xg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 08 Sep 2024 17:25:43 GMT

GET
H2 200 fU6GzGTKX9X.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 6E62 315 KB
84 KB 59ms
34ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/fU6GzGTKX9X.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d52d991d3dc6e1fe78b68e261a5a5fb47b3da5e8180be0dc75eb92c3f8ba50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: n9W4hWnXvVnFRcdEmoBDoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85876
x-fb-debug: pVx8sg9ZbpFX6iMO2Ad5ty0vEdfk1+f7CoSG6avN9V009Q4lbpDAi1qHeRU+s3qFEaEpcTtMGVbNpJnUKmkbcg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 03 Sep 2024 07:13:17 GMT

GET
H2 200 wWRM6M0Ji16.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 6E62 95 KB
27 KB 46ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/wWRM6M0Ji16.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda989a7ce240730a0713822b28be9c7a529bc69f15514dfd925f0e650664709

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cSvC7dgP+IAKNygEiYlecw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27717
x-fb-debug: 6ASIc0g9Gsx4NdmL0GWERJn3qQ3UlxggbBVBLmdE+BcmlOdI9I4Hw1TmzXRDySg0JfNoecba4JqnTt4awziovQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:07:13 GMT

GET
H2 200 Qto6lZB1h_E.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 6E62 5 KB
2 KB 35ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/Qto6lZB1h_E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fzNYTRpcsZeVNcWDrqrE9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: z73HTkQ/HZ2bMRQCRO+nxh6mxQnPsXHBwPpZ/VF95e2fY31cNeXQQEl1J4CyxWJStkTj4/cPj+Hezzn94QyhIw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 26 Aug 2024 04:08:23 GMT

GET
H2 200 y8iDz7XxdrL.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yB/l/de_DE/ Frame 6E62 102 KB
29 KB 36ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yB/l/de_DE/y8iDz7XxdrL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b20cf350a13665094c43dd0cb752f43f494e6457438a983894f4c056b58f3125

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +wA3Qs/+qR30Wt4Vhh/Dgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29991
x-fb-debug: oVpce+rX2HnzQwwLj1isDp2vNfR6AODD+yNn1Zvcu90iBD6nPKhDJlE3al8kLuo7BJvNeRepuDVALWqmbor1TA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:07:13 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6E62 507 B
484 B 62ms
37ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: jh0xIgcIiHBdjUCR26H/UfDPVwQreu/55QqInHemqhWfCq7xDHMlOT62GWNVcgTnYrqj90bbfoxho68sw4Dtig==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 29 Aug 2024 18:41:29 GMT

GET
H2 200 x-J4GW9p3-K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 6E62 50 KB
14 KB 61ms
36ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/x-J4GW9p3-K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f91b41b85237749c20e054caad339d8ec0cfd1e4c5b5ac129d0f2618e319200

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JZH9N8wokVrg9JyKrlxXVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14066
x-fb-debug: Hue8Ph707v1JY/NP7Rg6gqqtlulJ2ycRDfocbfI1TcpMN19oMZtcPgSsz59S2r5ag2LwPiJ86fmAVoSb7yhnsA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:07:13 GMT

GET
H2 200 k_3JxT-AW1I.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLNf4/yb/l/de_DE/ Frame 6E62 235 KB
66 KB 60ms
35ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/yb/l/de_DE/k_3JxT-AW1I.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24448822c122529061500b4a771115890113e27debdae6ca40b665637d5d79a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fzLBwiDZ5sxOgJHmg5G0xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 67153
x-fb-debug: dfIiGN2iT/1LmeuwJS21TgQLslAoiUQZnrWO68krTM0JqqrwuVbP03cazJAftX8xeVd6pkpEsaXpI1CwbnXI1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:07:13 GMT

GET
H2 200 WMsZOCMa-Lc.js Show response
static.xx.fbcdn.net/rsrc.php/v3izqU4/yT/l/de_DE/ Frame 6E62 341 KB
81 KB 61ms
36ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3izqU4/yT/l/de_DE/WMsZOCMa-Lc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8bff909464bd053c057897761fe48d845e2fa199a1f95e1e0254bd02b32f9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Z0BIlqvpe+DyKtlhvQ+JpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82555
x-fb-debug: a3jwVgyouyO1UETyUNoDkHngFFkgnnJeRRJd/lLMN51u8BWMIliyPUs7fR3URz1QNditZ0IwBjFn+OdFp4CT8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 01:45:27 GMT

GET
H2 200 dgLW46OWpUz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUWb4/ym/l/de_DE/ Frame 6E62 394 KB
93 KB 45ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/ym/l/de_DE/dgLW46OWpUz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09e20f08dedf17490ba920cd5e70927757b370f97ddb25058b1255158d382003

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +09XQy4UBdn/SxUwEVA6GA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95268
x-fb-debug: mkW1Ov7AaG5argz7ob4FjhUsshV1tRXU/g6tE1KOEVJ4kj8pJG+qZHI7neg4SlZV7Dwp4nvfcY9sYtINe1THpg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 05 Sep 2024 06:54:07 GMT

GET
H2 200 ub8Vm923ZBi.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 6E62 13 KB
5 KB 59ms
35ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/ub8Vm923ZBi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14ed70f8c180e6902cf9972890673647889a0631e60589e28f696138f7332228

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5Q9BkoecEqBGrRu1L2u2cw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4552
x-fb-debug: xYJt3vwjNXjE/OaxSWUL1HWWK9mL9yX13duY5nUXxQUn8/zm6qc3AIFQod+kk8+t6Wr/vlY2wS+CCzzvDks9XA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:07:23 GMT

GET
H2 200 _TD-JJIWHWN.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yf/l/de_DE/ Frame 6E62 42 KB
13 KB 59ms
35ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yf/l/de_DE/_TD-JJIWHWN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9971ad3f7a25388a4e2bdce423f944e069cac8bc63df26946f78eec5a00cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wFEdl0/Mg3vQ6eKm0RDeqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13069
x-fb-debug: UZ94VitcU4aE1yRvkX1tBvIZJxNbv3IGPnTJxZUSzY0igtrq40F0wmBpKS7pMI3HrFYp3gDA+Jlq86qkiRE41g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 19:12:08 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 6E62 55 KB
15 KB 60ms
36ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
x-fb-debug: 0aPwWy1yEmxBvVOcnKYltT3G9j8BkUALgofcOgJZVVmqyeS8kh3qojX/V8HMetfnwdE5VzErreVrMEOw8kj8/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 04 Sep 2024 17:54:28 GMT

GET
H2 200 308603092_532324292228256_1475050186752777412_n.png
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 6E62 46 KB
47 KB 133ms
116ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/308603092_532324292228256_1475050186752777412_n.png?stp=dst-png_p261x260&_nc_cat=106&ccb=1-7&_nc_sid=649c01&_nc_ohc=Mbu2432Gs90AX-ifEIk&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfBii6zfe3oAp3E5awp5LO8zLitXMm4AkK6rN5g6dH2iPA&oe=65016AB9
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 980eddd8bd55fce514a0504e3c2f0cc53ef9cf8e516813a0dea6246cb812643e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 24 Sep 2022 02:46:43 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=2594485664
thrift_fmhk: GBDsY2yqBLaAJs89WnYun5KQFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: Ck4Lm7MLytzjP1Cdw9EzBD9eCbc-XKUOgj3Bc5fkhQJdOayPPb9Xj5ylvKDakk-DtEJ2uzrAiTzw55j1Pxz_fdZjDoCimNZYYmXG6N-igcg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1163932883
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 47457

GET
H2 200 305578697_532324288894923_2573277610185521154_n.png
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 6E62 4 KB
4 KB 137ms
123ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/305578697_532324288894923_2573277610185521154_n.png?stp=cp0_dst-png_p50x50&_nc_cat=109&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=ITe7Hgv3EXQAX8D8-xO&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfCbDd3e133nrwFk6IQ_Ru6YhmhTP3VDt2R6nT5lJjj8xw&oe=6502C0CE
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b41bfc263a27bc28cd4ea244a2b3407c0e63c6ed0eeb6487c9c2dc6428c1a5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 24 Sep 2022 02:46:43 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=1437476970
thrift_fmhk: GBC5qOzDXX7oQowfqAvvGv8NFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: IOTszmh4pkN6dqAwoGRb-CVQwvhxRB2U0UjXXXvM1SkRYj9Ve17gQxMZH3HmD4ECBDgzQjuh4xyMnXsSL8DIa9HCfB27poopKfokbvw-lYw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3971816470
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3921

GET
H3 200 odN6yT5qyq_.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 6E62 1 KB
1 KB 17ms
7ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/odN6yT5qyq_.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/SLRdboC1NRz.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/SLRdboC1NRz.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
x-content-type-options: nosniff
content-md5: jWtlBZOXpZs9LMNqqzeJoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1341
x-fb-debug: Ddf8ubZN9t7jhimAjbgvuZWZWC1qH0D9VlrJ6uc5idXUQ+TJ9DILBgKBHfQGzH0CWEaxiMUAk893ralALDymXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1,i
expires: Sun, 08 Sep 2024 16:58:48 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 6E62 899 B
851 B 46ms
45ms XHR
application/x-javascript 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=402408563254518&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yB/l/de_DE/y8iDz7XxdrL.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aadadbe86ac88fd5115ba60704032c2a20dfd8cb965b3f5a9b0ed167c354a218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: uZFNQIPu7f1bIiIxzoGWYv
Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876
X-ASBD-ID: 129477
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Sep 2023 23:33:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: xuX37qrq/uS8JZmegxe4rn9theB7mB4ghy/kNmdEZf6epurhTUB3uyDJ2Uo5p4zphkL5kX06Cv13XNibmFZIJQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 6E62 12 KB
12 KB 7ms
7ms Image
image/png 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/dBM1IdNUBui.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/dBM1IdNUBui.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-debug: FPr+4QGud61waZPs16ywl3HC990oqBrStcU4NVDHyWz7K2wUsjRBIoIl7i8eaEjbSiGOCygtHkrPRc//QsDuBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Sep 2024 04:14:08 GMT

GET
H2 200 Zj4GuFghQl4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 6E62 12 KB
4 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/fU6GzGTKX9X.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dBSAisRg2e2k/EbKxbTt7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3450
x-fb-debug: 9bv2Z2urWqKxCVmqHigF6c1GFm2Lxn/oa0eEi96JqKjTlQ1uTxR1WKqoymVwAbEu7ag3JF9twWcmb/PKgFW4zw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 07 Sep 2024 12:26:21 GMT

GET
H2 200 InF7QPIKAxe.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 6E62 338 KB
73 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/InF7QPIKAxe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/fU6GzGTKX9X.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2e5878ccb3c79ee989e7ff4667123dc7435b54579f14093a597f7d4a8d06d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TBJ4FwfN4knXLfxQCDACLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74733
x-fb-debug: Y8N4EpZblpA8VldQF2FOD3aX5PowKnRmk5bM4xax49m13ne6vO/BVDms01LcppCSDrbn8fMUgqijzQOxzmqPoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 29 Aug 2024 19:47:22 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 6E62 198 B
337 B 7ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/fU6GzGTKX9X.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-debug: B+GaVIJZe4xc5Qq6g98+tiMDpSJPpINVKhit63fEvuxpmA5fQVzqG1aezpK0LQs44YBt9BaUCjNRtI+v6qVPvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 31 Aug 2024 18:05:12 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 6E62 0
0 218ms
218ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttp%253A%252F%252Fwww.facebook.com%252Fkurdishworld%26width%3D585%26height%3D258%26colorscheme%3Dlight%26show_faces%3Dtrue%26border_color%3Dwhite%26stream%3Dfalse%26header%3Dfalse%26appId%3D110415902330876

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/fU6GzGTKX9X.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Sep 2023 23:33:00 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: NSxcoQCBDBfZqyeitHwnlIYIIbcl66Cb6FjkQDivl5bQZ4H0j0uRaBeTPdHjPmU7aRXVbcMxPQkyvd0Y5wR3jw==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
598 B 54ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=user.mofaso.site&callback=_gfp_s_&client=ca-pub-1640296510582567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640296510582567&plah=user.mofaso.site

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8944cf9bd1e1ff7f2a3016d8d6f8a37f5250ef6ad2493f0e7ba85641df8abed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F476 603 B
218 B 60ms
60ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640296510582567&output=html&adk=1812271804&adf=3025194257&lmt=1694295180&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fuser.mofaso.site%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694302380054&bpp=2&bdt=269&idt=249&shv=r20230906&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=27578787412&frm=20&pv=2&ga_vid=18988818.1694302380&ga_sid=1694302380&ga_hid=2058572724&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759837%2C44759875%2C44759926%2C44800659&oid=2&pvsid=4137982337754885&tmod=355614241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.mofaso.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 23:33:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST bz
www.facebook.com/ajax/ Frame 6E62 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 75ms
59ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61a2fe56571ca2b18e04d643dac858d9187153d468d439fdbf0367d08349b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11718
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Sep 2023 23:33:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DB9 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user.mofaso.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 17:49:26 GMT
expires: Sun, 08 Sep 2024 17:49:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 250D 829 B
1 KB 41ms
17ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8b273bb52a8f4cc6c04b3d9d362f54713f9cc75efe3b85b9c1b0f0cd6585700

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w2jE7L8kfDmzVDk1UFU_fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://user.mofaso.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-w2jE7L8kfDmzVDk1UFU_fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Sep 2023 23:33:00 GMT
expires: Sat, 09 Sep 2023 23:33:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DB9 37 KB
14 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 17:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Sep 2024 17:02:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 250D 0
0 47ms
46ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=4137982337754885&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3DB9 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vIS9tA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:33:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 3254ms
3253ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=4137982337754885&bg=!paalpunNAAa6D61Rmg87ADQBe5WfOLzKbP8cVctLe-XMYWMnnzfEAzhATr6ttBrErvGy3UsP1dK8LlJKPKZgoQzT5kpnAgAAAHdSAAAAFGgBBwoATZI_1xTqaJ2ivb8Z0rI-UKmhD5_9T0cjZqP3WFofm-Nt9sgohvU_MHDnUoekuKOE8gx8pnmcw0WKvFmDn1ZFA5ZJVAsePnMNOBWZFvu_mQLBBBdr1yZwdu-OA-yoJSqrpJftZ6seVu-RNJsOYLXP09tnD9whn4tovfr2qggYR6iXM4MfhpfYn0JYF-H5mhdVvkKFVgxnCaj7KdBKCJwWxJMmfsmeHf8Lu31nvr-ZXelMZAvrpN9Nb8mpEW8EE8Vy6plmkLGuRng8Unc6s1b4lFGWFspUwmDX3BHPANJGTbezo8rD4mPh8WSX7fPtIgfS_z4zt462u5fYIDXjBRWy_Qjm6PLhtHiludyi-Rw-iYFSQmRcynxqgcmapySR1SGi8rf-2QMEWl2etm7CcMjLD4FT-gqefTYUeFV4XA_xkT5D48rXvPBadd68M8cYa4oIIIQtlWgGxDELauFnaSYtkgZNELAmBuvQ_uDH68ChRwKJCQXtYELGh7yTyJyhZEyWPmM0ZXwCG7aylgWzq7sK2hsSW4CtDBZYJIqK3LCUGTSRv3SDIjnfmGBL9Ql0sTqc7uzBxOB1oK3jU0eK7RvAk6HdZ14ITZKOQ5-EzUcANsYS7b405Z1rYlt60idQ_x0CAwREylZqGyHJnsxniK3-B-McFnFfJ9xstzkELuP07hYOz9edvzNOdtSA-eOpwF-zly07rrxUbl4e8jihJZ2jnI9psIhuWBlWlJgZOIj3Vf36NKwbbZqH0lVwAJe8x2wXa2EA1II3MhCGNnsla4HgA5B8Zm9IrYDzpIBcsLosciQZBeYgzoDNcFgYdrJXVRXBBJzGTvri6WDyY363zV3zX_qZZqeQN8Wok4WNZZqOl4Ps_Jr10UD1BOQBz8Dw_CSJIY0ToO_jqaAYS8UyXzvtpy7MwyLFmN9kznUYEbm7tJm5YUqidoQdpj60Z3eoeZD7i7-KoK5z-4NE2NrEDL50a1bgeT8053X0VH6xhGqaxXQ8xBCGWFXaToi1TMrK1kbYHjxyO8Wod3el43IIuhtTp6O2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.mofaso.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Arvo:400,700

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__hs=19609.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7276973307768488224&__req=2&__rev=1008547057&__s=%3A%3Axmxj5c&__sp=1&__user=0&dpr=1&jazoest=21979&lsd=uZFNQIPu7f1bIiIxzoGWYv

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__hs=19609.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7276973307768488224&__req=3&__rev=1008547057&__s=%3A%3Axmxj5c&__sp=1&__user=0&dpr=1&jazoest=21979&lsd=uZFNQIPu7f1bIiIxzoGWYv

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mofaso.site/	1970-01-21 00:14:22	Name: _ga_4ZD3787ESX Value: GS1.1.1694302379.1.0.1694302379.0.0.0
.mofaso.site/	1970-01-21 00:14:22	Name: _ga Value: GA1.2.18988818.1694302380
.mofaso.site/	1970-01-20 14:39:48	Name: _gid Value: GA1.2.2130777607.1694302380
.mofaso.site/	1970-01-20 14:38:22	Name: _gat_gtag_UA_290812_3 Value: 1
.mofaso.site/	1970-01-20 23:59:58	Name: __gads Value: ID=8c37f55ee623c382-22c338526dde00a9:T=1694302380:RT=1694302380:S=ALNI_MasIGsutm_3B8Ozc3Mov5Af1DsPUw
.mofaso.site/	1970-01-20 23:59:58	Name: __gpi Value: UID=00000c718771b537:T=1694302380:RT=1694302380:S=ALNI_MacnPO3eZUakgd7ekntezPmJsNeDA
.doubleclick.net/	1970-01-20 14:38:23	Name: test_cookie Value: CheckForPermission

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://user.mofaso.site/ Message: Mixed Content: The page at 'https://user.mofaso.site/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Arvo:400,700'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://user.mofaso.site/(Line 188) Message: Mixed Content: The page at 'https://user.mofaso.site/' was loaded over HTTPS, but requested an insecure frame 'http://www.youtube.com/embed/4edOeqIcWpM'. This request has been blocked; the content must be served over HTTPS.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640296510582567&output=html&adk=1812271804&adf=3025194257&lmt=1694295180&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fuser.mofaso.site%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694302380054&bpp=2&bdt=269&idt=249&shv=r20230906&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=27578787412&frm=20&pv=2&ga_vid=18988818.1694302380&ga_sid=1694302380&ga_hid=2058572724&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759837%2C44759875%2C44759926%2C44800659&oid=2&pvsid=4137982337754885&tmod=355614241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265 Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
scontent.xx.fbcdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
user.mofaso.site
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
fonts.googleapis.com
www.facebook.com
172.93.185.174
2001:4860:4802:32::36
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
038d8584ba9c2c936f71d08fbfa9963cd8a736b5a419162eb26b03824e8e41e7
038f6a783fdca0f9d9622f9a1489c33a10b43c658643f567f68759d5261f327a
05402d81eb2c3c3e5efa959e7e4088445a010d1065fcd9f69ec71909d365fef4
05e863d47c7414bc569e447613ebe90e1a3d8857eb37e2de98ccf454270b0831
09e20f08dedf17490ba920cd5e70927757b370f97ddb25058b1255158d382003
0e06f55776d0cf134333044b8f0c432066da780970d338fa4dbda38a675c1dc8
14ed70f8c180e6902cf9972890673647889a0631e60589e28f696138f7332228
17fb4d7c818eeaf75214753f71a61b3fe145f75b3ed841eddf876b4b4e904472
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
24448822c122529061500b4a771115890113e27debdae6ca40b665637d5d79a5
302eb78d27f69ae89d602ce184a4a3be0bb2485f20dc1c6c21e024850997e491
31ad1a6fc96aabae565b7097af318f7f8b7a534aa7d731a7bca25819af5f5f83
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
4a9971ad3f7a25388a4e2bdce423f944e069cac8bc63df26946f78eec5a00cd3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e5b799b082e94fc9b5c6137246c8971e488c11c242996283e17bec3c7497506
8944cf9bd1e1ff7f2a3016d8d6f8a37f5250ef6ad2493f0e7ba85641df8abed7
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
896b1ad1cb3a62d30bbadee2c3dc165d92ddd141ba4e1bc2a26634bbf4a99aee
912960e58e85e09b6da369a74c90e6b1a4c8eb58079f66f4d45e03abd044740b
92180f53180d5b424481ba54bc45927890caaa86b87d379d592133d3b1d1a4a9
976cb394e5ae06e3c71d54566b844cb4ba13403aeebb15d6f0325dbe6bbdda2d
980eddd8bd55fce514a0504e3c2f0cc53ef9cf8e516813a0dea6246cb812643e
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f91b41b85237749c20e054caad339d8ec0cfd1e4c5b5ac129d0f2618e319200
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a5837a17a65ab97fa38b4dc772dba7547ffce93da744300fb1fc4c872459bf3e
a8bff909464bd053c057897761fe48d845e2fa199a1f95e1e0254bd02b32f9b4
aadadbe86ac88fd5115ba60704032c2a20dfd8cb965b3f5a9b0ed167c354a218
aced11d648e1e528af0903f84c460db8c7b51ce46075a2454d0f1de8caf66278
ae7f7244da32ca2fd686a92a4fcf72ed4d16c949b878134c2bb2ab64607ce472
aedc545837228e95b224552901096ec381f1e1644c97f90fa16bde1d6e12d634
b20cf350a13665094c43dd0cb752f43f494e6457438a983894f4c056b58f3125
b41bfc263a27bc28cd4ea244a2b3407c0e63c6ed0eeb6487c9c2dc6428c1a5a2
b4379f7061f475f768cd62cc838bcdd3cb7043756b272444851a7f56b2392232
b6d38a1eb522cdb57e6ad70fbc288d52940552a8ea6e5501c89fcb7e785183b3
bda989a7ce240730a0713822b28be9c7a529bc69f15514dfd925f0e650664709
c2e5878ccb3c79ee989e7ff4667123dc7435b54579f14093a597f7d4a8d06d83
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8b273bb52a8f4cc6c04b3d9d362f54713f9cc75efe3b85b9c1b0f0cd6585700
c970d7c730d726681599ba5940bb33a000ef65fa0e01137df8ccb27b97801520
cd92f226ce31da8b3b5a332b2c30e3bbcf8f5d489d581a0098562f9ce964748b
d52d991d3dc6e1fe78b68e261a5a5fb47b3da5e8180be0dc75eb92c3f8ba50e1
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f61a2fe56571ca2b18e04d643dac858d9187153d468d439fdbf0367d08349b45
f9ff3d098f6df027122009dde31977030910e05c81ed06fdd87c5ceeb33632b2
fa181d4bb9d60a1521e4caeca85866c48525aac4b06361ca2c0b85817c963ebc
fe874340b486cf22acce191298ad2d86dba87060d5595f47222f6770b986a12d

user.mofaso.site Open in urlscan Pro 172.93.185.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

91 %IPv6

10 Domains

13 Subdomains

12 IPs

2 Countries

1126 kBTransfer

3464 kBSize

7 Cookies

36 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user.mofaso.site Open in urlscan Pro
172.93.185.174 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

91 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

1126 kB
Transfer

3464 kB
Size

7
Cookies

62 HTTP transactions
0 data transactions