detective-fee-investigation-427359651.today
2606:4700:3037::6815:4cf3  Public Scan

URL: https://detective-fee-investigation-427359651.today/
Submission: On July 27 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3037::6815:4cf3, located in United States and belongs to CLOUDFLARENET, US. The main domain is detective-fee-investigation-427359651.today.
TLS certificate: Issued by WE1 on July 8th 2024. Valid for: 3 months.
This is the only time detective-fee-investigation-427359651.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
8 detective-fee-investigation-427359651.today
detective-fee-investigation-427359651.today
39 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
psb.taboola.com — Cisco Umbrella Rank: 9372
trc.taboola.com — Cisco Umbrella Rank: 1123
trc-events.taboola.com — Cisco Umbrella Rank: 3272
24 KB
6 togreencolumn.com
ob.togreencolumn.com — Cisco Umbrella Rank: 70865
obs.togreencolumn.com — Cisco Umbrella Rank: 65340
40 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
142 KB
3 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 6209
721 B
2 amazonaws.com
81bx0feo6k.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 72570
672 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5754
www.googleadservices.com — Cisco Umbrella Rank: 176
306 B
2 google.com
www.google.com — Cisco Umbrella Rank: 10
76 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 10256
964 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
24 B
1 relevantlinks.net
www.relevantlinks.net — Cisco Umbrella Rank: 317987
36 KB
39 12
Domain Requested by
8 detective-fee-investigation-427359651.today detective-fee-investigation-427359651.today
5 analytics.tiktok.com detective-fee-investigation-427359651.today
analytics.tiktok.com
5 obs.togreencolumn.com ob.togreencolumn.com
detective-fee-investigation-427359651.today
analytics.tiktok.com
4 trc-events.taboola.com analytics.tiktok.com
3 syndicatedsearch.goog www.google.com
2 81bx0feo6k.execute-api.us-west-2.amazonaws.com detective-fee-investigation-427359651.today
2 www.google.com 1 redirects detective-fee-investigation-427359651.today
1 analytics.pangle-ads.com analytics.tiktok.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 cdn.taboola.com detective-fee-investigation-427359651.today
1 www.google.de detective-fee-investigation-427359651.today
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 partner.googleadservices.com www.google.com
1 www.relevantlinks.net detective-fee-investigation-427359651.today
1 ob.togreencolumn.com detective-fee-investigation-427359651.today
39 17

This site contains no links.

Subject | Issuer | Validity | Valid
detective-fee-investigation-427359651.today | WE1 | 2024-07-08 - 2024-10-06 | 3 months
*.google.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.togreencolumn.com | Amazon RSA 2048 M02 | 2024-06-17 - 2025-07-16 | a year
relevantlinks.net | WE1 | 2024-07-27 - 2024-10-25 | 3 months
*.googleadservices.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
syndicatedsearch.goog | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.execute-api.us-west-2.amazonaws.com | Amazon RSA 2048 M03 | 2024-05-13 - 2025-06-10 | a year
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-16 - 2024-12-31 | 6 months
*.pangle-ads.com | RapidSSL TLS ECC CA G1 | 2023-08-10 - 2024-09-09 | a year

This page contains 2 frames:

Primary Page: https://detective-fee-investigation-427359651.today/
Frame ID: 482CE37610C19011C7C372A5AE08E87C
Requests: 35 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adsafe=medium&psid=5733297675&pcsa=false&channel=seg14&client=dp-domainactive_60_3ph_xml&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fcaf_results%3D1%26uuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0%26sqs%3D%26tpct%3D%26atxt%3D%26at2%3D60%26at3%3Dseg14%26rfpi%3D%26ct%3D184%26at4%3D5733297675%26sescnt%3D1&type=3&uiopt=false&swp=as-drid-2837577183518028&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r1&nocache=2591722110780536&num=0&output=afd_ads&domain_name=detective-fee-investigation-427359651.today&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1722110780537&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=kwBlock1&drt=0&jsid=caf&nfp=1&jsv=652824369&rurl=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0
Frame ID: 5D23F086B0556072197FA1E0520DFB86
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 39
HTTPS: 90 %
IPv6: 56 %
Domains: 12
Subdomains: 17
IPs: 15
Countries: 4
Transfer: 360 kB
Size: 1009 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.googleadservices.com/pagead/conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw6wMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjRodHRwczovL2RldGVjdGl2ZS1mZWUtaW52ZXN0aWdhdGlvbi00MjczNTk2NTEudG9kYXkv HTTP 302
  • https://www.google.com/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw6wMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjRodHRwczovL2RldGVjdGl2ZS1mZWUtaW52ZXN0aWdhdGlvbi00MjczNTk2NTEudG9kYXkv&is_vtc=1&cid=CAQSGwDaQooL8Cn-qApOGCcc5T5_2J5DwemB-Ga_gg&random=2777304915 HTTP 302
  • https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw6wMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjRodHRwczovL2RldGVjdGl2ZS1mZWUtaW52ZXN0aWdhdGlvbi00MjczNTk2NTEudG9kYXkv&is_vtc=1&cid=CAQSGwDaQooL8Cn-qApOGCcc5T5_2J5DwemB-Ga_gg&random=2777304915&ipr=y

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
detective-fee-investigation-427359651.today/
11 KB
5 KB
Document
General
Full URL
https://detective-fee-investigation-427359651.today/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df7f36297d063e47c8493c43b7617e217e213bfdd0a9a094803caa76772f8bb7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a9f3fd83b673719-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jul 2024 20:06:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjgcwYQGYAKSODUvNtPCIuaWGlmaZdqKX6ILAeAtIMWtjBIOVqHxm8qXO9EO%2FWANYJOcgKk5uT4JRkrksIQuBQj8AlRsSNx4biLbGGZsSy0q9QsnKbBaIFfYPGjrt4ifDnKPqLY8zoo0MqbmSOwNo3Vv4Tgqp8jlI5oWaq9wHwRnSKKFxiscO2uh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAOkfkOV3lsGKqQ9j5bagzq3wjNQNxWwn/esVXnQFKykdGNnnz7w5UeA2I4OuWHWvh0oBKk747TbfSyNssqOrybkCAwEAAQ==_txXA+fOKObvvMU2gk6G8NT6v88ci+aaWFZyvotcn0yjhPrbnEz/CkZRAZrbU4DN7Z0Ebx3g3hKCQOSUGCmsXWA==
caf.js
www.google.com/adsense/domains/
196 KB
76 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8964443adeb947f5ca8084903e634bb91bd905abf5acc0f73c58f6f065b23a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"330119473028373510"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://syndicatedsearch.goog>; rel="preconnect"
expires
Sat, 27 Jul 2024 20:06:20 GMT
jquery-3.4.1.min.js
detective-fee-investigation-427359651.today/include/
86 KB
30 KB
Script
General
Full URL
https://detective-fee-investigation-427359651.today/include/jquery-3.4.1.min.js
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 08 Jul 2024 19:03:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15850-61cc110e56980-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8G%2Fau96scuvgxgrbozbDWICtQGT3sEc4sG2JKfVWQIgsNJm3tIOUg41w3VQ0AD9vQAtsS%2Fw85gT02hODx%2FZNwg6uBaS093oMH2xsaqkNlhQDzJk1P%2FfuLOrffLnfoWO31b7qiI%2FLaFzJDeWNHIVwQXhsm6QMHB7xccqeTdspbawb75Gy9WEkrYZ1"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9f3fd9bd1e3719-FRA
alt-svc
h3=":443"; ma=86400
content-length
30675
6e3a82979a1e73c3323cc8d1a4e46b46.js
ob.togreencolumn.com/i/
104 KB
38 KB
Script
General
Full URL
https://ob.togreencolumn.com/i/6e3a82979a1e73c3323cc8d1a4e46b46.js
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c000:2:17ff:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
78fa6bbe20e850d444ea21967f075697dcfa4f92726f1b646b12be2fe848c9dd

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 18:18:27 GMT
content-encoding
gzip
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
AMS1-C1
age
6473
etag
"19f6a-kX9ZbTlggK2CEy8sYUnSk1y9G4A"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
38833
x-amz-cf-id
5HYSS2SPBnkIVaY3taYi1rAiP2guoXCug2go-gBgkYtROkDdZ2jbLA==
expires
Sun, 28 Jul 2024 06:18:27 GMT
8424.jpg
www.relevantlinks.net/img.php/image_id/
36 KB
36 KB
Image
General
Full URL
https://www.relevantlinks.net/img.php/image_id/8424.jpg
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:28bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28349c38fe446eb7d54a2cde34f39e2e71e02df4c11211331ac029da54ba6f41

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Jul 2024 10:23:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
28722
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUzHa4dWqzMgyyGqxOLMNksfRLEEnmLInDTUGBRkXag1PmBKPly7timUNAWMNJ%2F17B%2BjAOFq%2Bm4HhqJumBmPDqcMI70KXKjyfs%2BTN6oW7oImaPF8QzilZW24Hw8jXOXw1gr0mD2QagyuDcMGGo8nYRUJY7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8a9f3fda0c8e4d2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
36645
cookie.js
partner.googleadservices.com/gampad/
440 B
283 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=detective-fee-investigation-427359651.today&client=partner-dp-domainactive_60_3ph_xml&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b181babbb24901b34d9f4a11d1b8acfab07a780ca06da3499dde759d093e2cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
ads
syndicatedsearch.goog/afs/ Frame 5D23
0
0
Document
General
Full URL
https://syndicatedsearch.goog/afs/ads?adsafe=medium&psid=5733297675&pcsa=false&channel=seg14&client=dp-domainactive_60_3ph_xml&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fcaf_results%3D1%26uuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0%26sqs%3D%26tpct%3D%26atxt%3D%26at2%3D60%26at3%3Dseg14%26rfpi%3D%26ct%3D184%26at4%3D5733297675%26sescnt%3D1&type=3&uiopt=false&swp=as-drid-2837577183518028&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r1&nocache=2591722110780536&num=0&output=afd_ads&domain_name=detective-fee-investigation-427359651.today&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1722110780537&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1200&frm=0&uio=-&cont=kwBlock1&drt=0&jsid=caf&nfp=1&jsv=652824369&rurl=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-MKrm2we4iBsiN7lr7mOshw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://detective-fee-investigation-427359651.today/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2744
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-MKrm2we4iBsiN7lr7mOshw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 27 Jul 2024 20:06:20 GMT
expires
Sat, 27 Jul 2024 20:06:20 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
pxlt.php
detective-fee-investigation-427359651.today/include/
2 B
448 B
Script
General
Full URL
https://detective-fee-investigation-427359651.today/include/pxlt.php?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0&cb=79032309
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53

Request headers

Referer
https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dhlu5bU9ZdGriTEO2LNFInMwWN75M8vu8fqQ6qVf5Rp08Zn5KKQcVMuqK1m1aqunZ1CgGr4aRJwjC%2BXP38GOF5bjFjyjGXMxByCVcE1p7dOstJQ6L%2FU56Tob4tmqtDnjEFp1TGr8Q13bqZ8ThOc9fE1em%2BnT1pFWpLGEfMoVpN8f%2F2q4mYh8%2B6Uq"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cf-ray
8a9f3fda7e2f3719-FRA
alt-svc
h3=":443"; ma=86400
content-length
2
ct
obs.togreencolumn.com/
4 KB
2 KB
Script
General
Full URL
https://obs.togreencolumn.com/ct?id=59128&url=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1722110780628&hl=3&op=0&ag=589913651&rand=132508560912009110276626000299215320003912920127070251810191638901250911087981202852&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=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%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=611sVf9MN6&pto=489&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1722110780.9avX3eVnvTF6Hp3v&suid=1.1722110780.yYIJRBrjgjWUzFGI&tuid=1.1722110780.ch9o4PncpGOyAirH&fbc=-&gtm=-&it=7%2C310%2C126&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by
Host: ob.togreencolumn.com
URL: https://ob.togreencolumn.com/i/6e3a82979a1e73c3323cc8d1a4e46b46.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
873f43040ac3aa52eafff828746c55d848bf706e5d11c8a739542822b0e3cf50

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
https://detective-fee-investigation-427359651.today
content-length
1323
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
detective-fee-investigation-427359651.today/abp/
43 B
535 B
Image
General
Full URL
https://detective-fee-investigation-427359651.today/abp/px.gif?ch=1&abp=1&2va64smr560lx5k=true&rn=6.971613440893824
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Jul 2024 19:03:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2b-61cc110e56980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SyvKC0FZbsmmHeNBusZOCZh32wTU3hBBjpMHDO2xUI34A%2FkzPpsMLpe4X76mVY2gTipamo7XffWy3pIFRMP0duKCrCS63n%2FTjGOQTSyy54O4AC9ST64k4E%2BrDJFxQkQKRR3RpU2ZmPPDZLrcDT3ADhbnD4cfA75%2FvXmKhKwEyBQiW5FNrJzQPzD"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9f3fdc08413719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
px.gif
detective-fee-investigation-427359651.today/abp/
43 B
533 B
Image
General
Full URL
https://detective-fee-investigation-427359651.today/abp/px.gif?ch=2&abp=2&2va64smr560lx5k=true&rn=6.971613440893824
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:20 GMT
cf-cache-status
MISS
last-modified
Mon, 08 Jul 2024 19:03:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2b-61cc110e56980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxneeCRZlCs3hlXNJNxuvqGqy2KRn6vXYKn0IIZgSAFMihvrUqeNbRoHxIRKfNWk6bap8t5HM%2B3EpCMbAoQhdgtNU%2F5mxFPP2wyZusGC65OD7mDSs1%2BFM8TbXl4ZrlZEpEnytAke5N8BF0SAU8JSKO4qso7XJE%2FJkvZBo2OlPiilMaS85O5Jenjc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a9f3fdc08433719-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
main
81bx0feo6k.execute-api.us-west-2.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://81bx0feo6k.execute-api.us-west-2.amazonaws.com/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-126.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://detective-fee-investigation-427359651.today
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
29
content-type
application/json
date
Sat, 27 Jul 2024 20:06:21 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-apigw-id
blnxsGL8PHcEPGQ=
x-amz-cf-id
Dbob4jHtqQE6LUT_lx4TNpDfCa-pljCFg2_p9GLF-kDM_ztcsKcsMw==
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
17868eaa-3301-4bde-af52-818e139eaf67
x-amzn-trace-id
Root=1-66a5533d-4d06793c3e242ae5574e9404
x-cache
Miss from cloudfront
main
81bx0feo6k.execute-api.us-west-2.amazonaws.com/
312 B
672 B
Fetch
General
Full URL
https://81bx0feo6k.execute-api.us-west-2.amazonaws.com/main
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-126.fra2.r.cloudfront.net
Software
/
Resource Hash
2b408a3ff2e6fc0ecd55ace4f0b207fbb4b91fe8a3c67fc13f14ccf097511b9a

Request headers

accept
*/*
Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jul 2024 20:06:21 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-trace-id
Root=1-66a5533d-5fe2166f62a38f467d892011
x-amzn-requestid
ea95788e-ef0a-4f85-8358-175ed1846d6c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
blnxuHGVPHcEklA=
content-length
312
x-amz-cf-id
UwVHR50vtl64PXpzaCyhJ9zyZjqGr9OotuJvRUjLabrnwEe_kWO5RQ==
/
www.google.de/pagead/1p-conversion/852667600/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_...
  • https://www.google.com/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw...
  • https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw6...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw6wMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjRodHRwczovL2RldGVjdGl2ZS1mZWUtaW52ZXN0aWdhdGlvbi00MjczNTk2NTEudG9kYXkv&is_vtc=1&cid=CAQSGwDaQooL8Cn-qApOGCcc5T5_2J5DwemB-Ga_gg&random=2777304915&ipr=y
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jul 2024 20:06:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jul 2024 20:06:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=481582212&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_fCFy4LIhwMVLXFBAh2_Kw6wMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjRodHRwczovL2RldGVjdGl2ZS1mZWUtaW52ZXN0aWdhdGlvbi00MjczNTk2NTEudG9kYXkv&is_vtc=1&cid=CAQSGwDaQooL8Cn-qApOGCcc5T5_2J5DwemB-Ga_gg&random=2777304915&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc_imp.gif
obs.togreencolumn.com/tracker/
43 B
79 B
Image
General
Full URL
https://obs.togreencolumn.com/tracker/tc_imp.gif?e=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&cri=611sVf9MN6&ts=569&cb=1722110781197
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Sat, 27 Jul 2024 20:06:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
fa15a44f-5e0a-4fbe-958a-9759c3e8fba9
https://detective-fee-investigation-427359651.today/
261 B
0
Other
General
Full URL
blob:https://detective-fee-investigation-427359651.today/fa15a44f-5e0a-4fbe-958a-9759c3e8fba9
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38ce046d9e6c6deb9b1dca8ac9b5eb77cc3bf0f94f83b123ad5cea8cdd44fc88

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
261
Content-Type
d5a8482b-7924-47cf-82b8-02adadc59b8e
https://detective-fee-investigation-427359651.today/
529 B
0
Other
General
Full URL
blob:https://detective-fee-investigation-427359651.today/d5a8482b-7924-47cf-82b8-02adadc59b8e
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2d0c32adebaf25fd1e35122e64b37f29d8a55133293fc8e9e31bbbcea9da22a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
529
Content-Type
abpc.php
detective-fee-investigation-427359651.today/
0
443 B
XHR
General
Full URL
https://detective-fee-investigation-427359651.today/abpc.php
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjj1fJA9qH3xsNUzVYAn1tGRIImnbaXFeEx5AZ%2FQcfiIhb3%2FnMJMBI0r8g0S8vAzFZAR7e8Ce2yv39nTseFWSfbCJEph92BJtaKASZYsWke9MOE6ihILiNZqC%2FDaovXckz%2B5oLtTv0Xs2aNHzedGZbX7mRqA7y1sKpInP9PlZ8%2F2%2FLzWjFSsR3yo"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8a9f3fdf2c683719-FRA
alt-svc
h3=":443"; ma=86400
da.php
detective-fee-investigation-427359651.today/
1 KB
1 KB
Script
General
Full URL
https://detective-fee-investigation-427359651.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive_60_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0&sqs=&tpct=&atxt=&at2=60&at3=seg14&rfpi=&ct=184&at4=5733297675&sescnt=1&impact=
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f4a9b740b4f8784cd0082858e7cecf8fc27d384d552b28cdd7024a85633b87c

Request headers

Referer
https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc
h3=":443"; ma=86400
content-length
739
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m94ikqZBtzuoSs%2FmbDyBx0EbI9dVVROHIQhgk%2F8QI6sfd6iYu689q%2Bl8EYU2cvkFEJ9RJNCyPHO2995A5iCdq2IpOrm6yY4ySwF6%2FLmQVTG9SVFohEBnlGNY0%2BGaMHD28mf2BqoKU3qfvEmSjRUb25vbYAmubpiJgyZe9O%2Flwxa8FtYYBVM29cpL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8a9f3fdf2c6c3719-FRA
expires
0
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLT9PCJC77U2ODAMQMNG&lib=ttq
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive_60_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0&sqs=&tpct=&atxt=&at2=60&at3=seg14&rfpi=&ct=184&at4=5733297675&sescnt=1&impact=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.26 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4c01bbfd110b42ae141a69db5724f1300b6a4039b22f3b96abebf49104145ff9

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
7388a75.464fa597
date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407272006214CF5A54E37C8D45D6620-37577107DCA49773-00
x-cache
TCP_MISS from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time
118,95.100.146.22
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=9, inner; dur=5
content-length
2038
pragma
no-cache
server
nginx
x-tt-logid
202407272006214CF5A54E37C8D45D6620
x-cache-remote
TCP_MISS from a23-218-222-9.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.218.222.9
x-tt-trace-host
01f8142ac9864b932f9774d2bcec67772dcb3d300af66c6bf97a8e314a5e2bda5cf77e1ad95b0f128b18659275d44382120a4b64ba36c63d943a23e33ccd84531ef7852dfe9c842b83afb7c1bd3e9321aaf4ddf433cbc45621b3e294665086849f77b94a9e7693ccad96795bda4e56dece
expires
Sat, 27 Jul 2024 20:06:21 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1716400/
71 KB
22 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1716400/tfa.js
Requested by
Host: detective-fee-investigation-427359651.today
URL: https://detective-fee-investigation-427359651.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive_60_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0&sqs=&tpct=&atxt=&at2=60&at3=seg14&rfpi=&ct=184&at4=5733297675&sescnt=1&impact=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a733e890fc26eff648d1f5a8550e8f54e4252354be222bb821e39a842f430acb

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
CMVtdbhMI1fidQ4RJsqqiuCTliHa4KQC
content-encoding
gzip
via
1.1 varnish
date
Sat, 27 Jul 2024 20:06:21 GMT
x-amz-request-id
B2CRAVDXD59ABH34
age
177
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
21939
x-amz-id-2
0orHqladB2wCJESmKxypWdlTkzRa6QL56oo7/re3F1LPnP96CEKmMz3EKJWjptOm6GO8VK46G9E=
x-served-by
cache-fra-etou8220133-FRA
last-modified
Wed, 24 Jul 2024 09:23:36 GMT
server
AmazonS3
x-timer
S1722110782.587747,VS0,VE2
etag
"88492dd1dc0e0279bc4fce618c00c43d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
40
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
topics_api
psb.taboola.com/
65 B
284 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1716400/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220059-FRA
date
Sat, 27 Jul 2024 20:06:21 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1722110782.717322,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-cache-hits
0
json
trc.taboola.com/1716400/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1716400/trc/3/json?tim=1722110781620&data=%7B%22id%22%3A902%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1722110781616%2C%22cv%22%3A%2220240723-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dace1media-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1722110781619%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1716400/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee5f9e4a26a94df3892fb99b9a5b970899db114b29f40213fd9bde9997b3e5d4

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.19524999999999998
x-fastly-to-nlb-rtt
7400
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220133-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722110782.653439,VS0,VE15
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
main.MWE2Zjk5MjBkMQ.js
analytics.tiktok.com/i18n/pixel/static/
343 KB
99 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLT9PCJC77U2ODAMQMNG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.26 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e071cdc99aae4563ad7b2bc75f5b6259b237f8349bb96b4951188184aaaf2827

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
464fa996
date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240725114814D6A8A13778A98C7C0EA0
x-tt-trace-id
00-240725114814D6A8A13778A98C7C0EA0-6D298983A61CEA81-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
016be09fd7059de261cfbb2b2f2d91693f0e5c60717f4052a4396581b2c156b9b0116bb335e3c1a750da664ea24e27e1d34e40f081074b95539ed655bdef7c30365ebf334f0692f4b72e821486578c532625725c5d8a68b07b89cf0c1693428e8d
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
100255
identify_59f29ac9.js
analytics.tiktok.com/i18n/pixel/static/
147 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_59f29ac9.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.26 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
464fad86
date
Sat, 27 Jul 2024 20:06:21 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024072317211090E5E102942201B8B9EB
x-tt-trace-id
00-24072317211090E5E102942201B8B9EB-252E6E8DACAE5C41-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018d6bdddbd0dcbd390eed967cbc434cfdc5006a10c3afe405e71b78be0dfac28bbc7bfd31741f1f9c18c9325d63d9937d94ea647a950ebc7eb5547f9a2e7c4eb5f4570bbc83c7aa6095af06cb516eaae8f94eefb36ac6f16ac825a724741dd979
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
39604
pangle_pixel
analytics.pangle-ads.com/api/v2/
0
964 B
Ping
General
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.85.204 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-204.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
37c03af9.c7b8529c
date
Sat, 27 Jul 2024 20:06:22 GMT
x-bytefaas-request-id
202407272006229D92D5EFD9B3199B1D83
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407272006229D92D5EFD9B3199B1D83-0F5F4F1496E548F5-00
x-cache
TCP_MISS from a23-62-227-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4.1-57528572) (-)
x-parent-response-time
25,23.62.227.12
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=10, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407272006229D92D5EFD9B3199B1D83
x-cache-remote
TCP_MISS from a23-58-124-11.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57594475) (-)
access-control-max-age
86400
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-bytefaas-execution-duration
3.69
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01f8142ac9864b932f9774d2bcec67772d1360342df255e64c08d0065b75b3846c0495dbc8f1ce2c1edf3529d0f04b8dfa5038a5116c932e560efc9f82074fa58425102ddf3c5d136e0346d35ac0c3354fffbc03f85863da7637d6ff080b0d13d88fb61ac38eee20d8a9e8ba046a9ec319
x-origin-response-time
10,23.58.124.11
access-control-allow-headers
*
expires
Sat, 27 Jul 2024 20:06:22 GMT
pixel
analytics.tiktok.com/api/v2/
0
841 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.26 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
164c9e22.464fae32
date
Sat, 27 Jul 2024 20:06:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240727200622320AE07106AC739A06CE-6117E579A8FA0CC2-00
x-cache
TCP_MISS from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time
136,95.100.146.22
server-timing
cdn-cache; desc=MISS, edge; dur=116, origin; dur=29, inner; dur=24
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240727200622320AE07106AC739A06CE
x-cache-remote
TCP_MISS from a23-32-17-138.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.32.17.138
x-tt-trace-host
01f8142ac9864b932f9774d2bcec67772dcb3d300af66c6bf97a8e314a5e2bda5c3534b1a9ec7e774d7565471e17031c02e9b7e7b006b9e03ff99f610f7eb647572c6e80766440cfe07a2f6d4dd52a56db767316428d51102d2f57cfd227fccbe83d8c46a4df63bc16d278e8eec7a474ef
access-control-allow-headers
Authorization,*
expires
Sat, 27 Jul 2024 20:06:22 GMT
favicon.ico
detective-fee-investigation-427359651.today/
318 B
742 B
Other
General
Full URL
https://detective-fee-investigation-427359651.today/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63615a2b207899516aa6eb56ec330671ca1bb25ebe8eb4dd703f08e2906e344e

Request headers

Referer
https://detective-fee-investigation-427359651.today/?uuid=87b719fb-99e6-43bf-a73b-2e1457d76ba0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 20:06:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Jul 2024 19:03:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"13e-61cc110e56980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZkuWG%2Fw0FIS76qpbLupGmYwkzLbkOk1H4rp1dmseuk8KVUbs%2FyjQyBY0Avs%2BDd6I10aogi43PFc1LRv%2FruUgmF8l1Xd7LOxj0DZyzyJnNsi3j5G1B4M5RKVhLctM3B20tH6koExe%2FO%2BTvPgxyV%2Bfj%2FJ8k2pHOc4lJgTmUCUYM%2B944VOhrWwSFcZ"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8a9f3fe3ba533719-FRA
alt-svc
h3=":443"; ma=86400
act
analytics.tiktok.com/api/v2/pixel/
0
843 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.26 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
29127717.464fb27e
date
Sat, 27 Jul 2024 20:06:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407272006228329E3386243407A47F2-2EEF7567A01564E3-00
x-cache
TCP_MISS from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time
133,95.100.146.22
server-timing
cdn-cache; desc=MISS, edge; dur=119, origin; dur=22, inner; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407272006228329E3386243407A47F2
x-cache-remote
TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.220.105.69
x-tt-trace-host
01f8142ac9864b932f9774d2bcec67772dcb3d300af66c6bf97a8e314a5e2bda5c8b07ec995c973ef45285734a61489d87100171d5d05d8ee0d408b6c4f595e8e67b8fcf77eab2f1b7078325109cbca206660e180c46243e3fbc19fda86f40a942444cf2ea95398afe9f64bfc69fa6fbf8
access-control-allow-headers
Authorization,*
expires
Sat, 27 Jul 2024 20:06:22 GMT
mon
obs.togreencolumn.com/
0
166 B
XHR
General
Full URL
https://obs.togreencolumn.com/mon
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://detective-fee-investigation-427359651.today
date
Sat, 27 Jul 2024 20:06:22 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
mon
obs.togreencolumn.com/
0
16 B
XHR
General
Full URL
https://obs.togreencolumn.com/mon
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://detective-fee-investigation-427359651.today
date
Sat, 27 Jul 2024 20:06:22 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
gen_204
syndicatedsearch.goog/afs/
0
509 B
Image
General
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-domainactive_60_3ph_xml&output=uds_ads_only&zx=3lwbg2ytrep7&aqid=PFOlZtqKJ4msovsP_r_byQg&psid=5733297675&pbt=bs&adbx=540&adby=30&adbh=557&adbw=520&adbah=166%2C166%2C166&adbn=master-1&eawp=partner-dp-domainactive_60_3ph_xml&errv=652824369&csala=3%7C0%7C167%7C80%7C7&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-1JYPtjHbEFFracXDUHqd0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-1JYPtjHbEFFracXDUHqd0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 27 Jul 2024 20:06:22 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
syndicatedsearch.goog/afs/
0
212 B
Image
General
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=dp-domainactive_60_3ph_xml&output=uds_ads_only&zx=qtnzg4j4h4p2&aqid=PFOlZtqKJ4msovsP_r_byQg&psid=5733297675&pbt=bv&adbx=540&adby=30&adbh=557&adbw=520&adbah=166%2C166%2C166&adbn=master-1&eawp=partner-dp-domainactive_60_3ph_xml&errv=652824369&csala=3%7C0%7C167%7C80%7C7&lle=0&ifv=1&hpt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-wbTy3oPp4_Ig8CBopHhfwQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-wbTy3oPp4_Ig8CBopHhfwQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Sat, 27 Jul 2024 20:06:22 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
unip
trc-events.taboola.com/1716400/log/3/
0
266 B
XHR
General
Full URL
https://trc-events.taboola.com/1716400/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1722110781618&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722110783170&vi=1722110781616&ri=48ce7dbb8e4d57a5ca03c3338af32d2e&ref=null&cv=20240723-15-RELEASE&item-url=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0&it=JS_PIXEL
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://detective-fee-investigation-427359651.today
pragma
no-cache
date
Sat, 27 Jul 2024 20:06:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1716400/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1716400/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1722110781618&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722110783170&vi=1722110781616&ri=48ce7dbb8e4d57a5ca03c3338af32d2e&ref=null&cv=20240723-15-RELEASE&item-url=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://detective-fee-investigation-427359651.today
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://detective-fee-investigation-427359651.today
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 27 Jul 2024 20:06:23 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
mon
obs.togreencolumn.com/
0
39 B
XHR
General
Full URL
https://obs.togreencolumn.com/mon
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://detective-fee-investigation-427359651.today
date
Sat, 27 Jul 2024 20:06:24 GMT
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
unip
trc-events.taboola.com/1716400/log/3/
0
265 B
XHR
General
Full URL
https://trc-events.taboola.com/1716400/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=0&ssd=1&est=1722110781618&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722110786171&vi=1722110781616&ri=48ce7dbb8e4d57a5ca03c3338af32d2e&ref=null&cv=20240723-15-RELEASE&item-url=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0&it=JS_PIXEL
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://detective-fee-investigation-427359651.today/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://detective-fee-investigation-427359651.today
pragma
no-cache
date
Sat, 27 Jul 2024 20:06:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
mon
obs.togreencolumn.com/
0
0

unip
trc-events.taboola.com/1716400/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1716400/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=0&ssd=1&est=1722110781618&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722110786171&vi=1722110781616&ri=48ce7dbb8e4d57a5ca03c3338af32d2e&ref=null&cv=20240723-15-RELEASE&item-url=https%3A%2F%2Fdetective-fee-investigation-427359651.today%2F%3Fuuid%3D87b719fb-99e6-43bf-a73b-2e1457d76ba0&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48, Netherlands, ASN200478 (TABOOLA-AS, IL)
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://detective-fee-investigation-427359651.today
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://detective-fee-investigation-427359651.today
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 27 Jul 2024 20:06:26 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
obs.togreencolumn.com
URL
https://obs.togreencolumn.com/mon


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| obtscript function| onCheqResponse number| googleNDT_ number| googleAltLoader object| google boolean| gAccepted object| gData number| gActionType boolean| adsLoaded object| pageOptions object| kwBlock1 object| adBlock1 function| _obpb function| add_adblock_channel function| getUrlVars function| getx function| post function| cafCallback function| adCallback function| hideElementsByClassName function| recordAction function| loadAds object| s function| __sasCookie function| __ctcg_ct_59128_exec function| $ function| jQuery object| _cq object| dataLayer string| TiktokAnalyticsObject object| ttq object| _tfa function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

8 Cookies

Domain/Path Name / Value
.detective-fee-investigation-427359651.today/ Name: _cq_duid
Value: 1.1722110780.9avX3eVnvTF6Hp3v
.detective-fee-investigation-427359651.today/ Name: _cq_suid
Value: 1.1722110780.yYIJRBrjgjWUzFGI
.detective-fee-investigation-427359651.today/ Name: __gsas
Value: ID=d2226594e44985c6:T=1722110780:RT=1722110780:S=ALNI_MYUxMVMAW-kv_2EN5eEWW9BJwih8w
obs.togreencolumn.com/ Name: cg_uuid
Value: ce2b1cabfd40907b849ecb162531dc21
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tiktok.com/ Name: _ttp
Value: 2jqNjTf5SIOjj2PyfL3eHE3VjgY
.detective-fee-investigation-427359651.today/ Name: _tt_enable_cookie
Value: 1
.detective-fee-investigation-427359651.today/ Name: _ttp
Value: s9J5g5ejLqe77YR0Rt3LTtOj7UO

1 Console Messages

Source Level URL
Text
worker verbose URL: blob:https://detective-fee-investigation-427359651.today/fa15a44f-5e0a-4fbe-958a-9759c3e8fba9(Line 1)
Message:
Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
