au.thelab38.com Open in urlscan Pro
199.59.242.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au.thelab38.com/login.php
Submission Tags: krdtest
Submission: On August 02 via api (August 2nd 2021, 7:03:52 am UTC) from JP

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 199.59.242.153, located in United States and belongs to BODIS-NJ, US. The main domain is au.thelab38.com.
TLS certificate: Issued by R3 on July 24th 2021. Valid for: 3 months.

This is the only time au.thelab38.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	199.59.242.153 199.59.242.153	395082 (BODIS-NJ) (BODIS-NJ)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:408c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
22	8

6 199.59.242.153 (United States)

ASN395082 (BODIS-NJ, US)

au.thelab38.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:408c (United States)

ASN13335 (CLOUDFLARENET, US)

image.bodiscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	google.com www.google.com	136 KB
6	thelab38.com au.thelab38.com	24 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	googleusercontent.com afs.googleusercontent.com	594 B
2	googleapis.com fonts.googleapis.com	1 KB
1	bodiscdn.com image.bodiscdn.com	3 KB
22	6

	Domain	Requested by
9	www.google.com	au.thelab38.com www.google.com
6	au.thelab38.com	au.thelab38.com
2	fonts.gstatic.com	fonts.googleapis.com
2	afs.googleusercontent.com	www.google.com
2	fonts.googleapis.com	www.google.com au.thelab38.com
1	image.bodiscdn.com	au.thelab38.com
22	6

This site contains no links.

Subject Issuer	Validity	Valid
au.thelab38.com R3	`2021-07-24` - `2021-10-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-26` - `2022-07-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://au.thelab38.com/login.php
Frame ID: 312291876B40FF6FE13C023E9766F4E6
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: B10CAF23434445F857A2A120A2AC6B56
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: 826054C439894E8A28DAF3B44805344C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: 72F2C76EEFEE3AE29EA53C64CA2A7C05
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&channel=pid-bodis-gcontrol220%2Cpid-bodis-gcontrol47&cpp=0&hl=en&pcsa=false&client=dp-bodis01_js&r=m&psid=3407845713&type=3&max_radlink_len=60&terms=Restaurant%20Menu%2CBreakfast%20Menu%2CRestaurant%20Online%20Ordering%20Solution%2CFood%20Menu%2COpentables%2CDelivery%20Menu%2CCafe%20Menu&swp=as-drid-2148305361097618&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300760%2C17300762%2C17300788%2C17300791%2C17300792&format=r7%7Cn3&ad=n3&num=0&output=afd_ads&domain_name=au.thelab38.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=120&dt=1627887813634&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=sl1sr1--&cont=rs%7Cads&csize=w1584h0%7Cw1584h0%7Cw1584h0%7Cw1584h0&inames=master-1%7Cslave-1-1%7Cslave-1-a-1%7Cslave-1-b-1&jsv=12079&rurl=https%3A%2F%2Fau.thelab38.com%2Flogin.php
Frame ID: B3EE38059C2751CB8B13D229FE0DB744
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/js/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 969761A02A8477281497414F85F4B11D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

192 kB
Transfer

457 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request login.php Show response
au.thelab38.com/ 2 KB
2 KB 3380ms
95ms Document
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://au.thelab38.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 3996e4bea380701320de93a1509f2c48100f5ce5d6135a69a59bb57add36b6a7

Request headers

:method: GET
:authority: au.thelab38.com
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: openresty
date: Mon, 02 Aug 2021 07:03:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7; expires=Mon, 02-Aug-2021 07:08:33 GMT; Max-Age=300; path=/; HttpOnly
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_k/KjnGfHa4e2XvnWFiHIZ8qQpV8DixHuhyijliYnWKEPQjti6YCDm5LD5AKW6eijWhfrvzdqbkNsP1R9R8RbHg==
cache-control: no-store, max-age=0
content-encoding: gzip

GET
H2 200 parking.js Show response
au.thelab38.com/js/ 56 KB
19 KB 96ms
96ms Script
application/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://au.thelab38.com/js/parking.js?v=1627887813
Requested by: Host: au.thelab38.com
URL: https://au.thelab38.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: b0aa0dc23022f041616397062226d2ea7a8a6249fa0a58bc874c2152047e114f

Request headers

:path: /js/parking.js?v=1627887813
pragma: no-cache
cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.thelab38.com
referer: https://au.thelab38.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.thelab38.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 07:03:33 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 21:42:48 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: no-cache no-store, must-revalidate post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 _fd Show response
au.thelab38.com/ 6 KB
3 KB 143ms
143ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://au.thelab38.com/_fd
Requested by: Host: au.thelab38.com
URL: https://au.thelab38.com/js/parking.js?v=1627887813
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: b0bbd3b09de8bedd2b6222c3eb9423e3e5253834f49c9a1ee170dd73e7ee2cb9

Request headers

sec-fetch-mode: cors
origin: https://au.thelab38.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7
content-length: 0
:path: /_fd
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
:authority: au.thelab38.com
referer: https://au.thelab38.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json
Referer: https://au.thelab38.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-version: 2.63.3
date: Mon, 02 Aug 2021 07:03:33 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7; expires=Mon, 02-Aug-2021 07:08:33 GMT; Max-Age=300; path=/; httponly
x-backend-server: core153.bodis.com

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 153 KB
56 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: au.thelab38.com
URL: https://au.thelab38.com/js/parking.js?v=1627887813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6423ac627248bc57af4ac1a2dfbbeefc9da537c017aed76ee73582b8a278de4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://au.thelab38.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:33 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "2924451434492575337"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 02 Aug 2021 07:03:33 GMT

GET
H2 200 px.gif
au.thelab38.com/ 42 B
190 B 102ms
102ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.thelab38.com/px.gif?ch=1&rn=9.849412944179235
Requested by: Host: au.thelab38.com
URL: https://au.thelab38.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /px.gif?ch=1&rn=9.849412944179235
pragma: no-cache
cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.thelab38.com
referer: https://au.thelab38.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.thelab38.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:33 GMT
last-modified: Thu, 06 Aug 2020 15:09:01 GMT
server: openresty
etag: "5f2c1d0d-2a"
content-type: image/gif
accept-ranges: bytes
x-backend-server: core153.bodis.com
content-length: 42

GET
H2 200 px.gif
au.thelab38.com/ 42 B
190 B 102ms
102ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au.thelab38.com/px.gif?ch=2&rn=9.849412944179235
Requested by: Host: au.thelab38.com
URL: https://au.thelab38.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /px.gif?ch=2&rn=9.849412944179235
pragma: no-cache
cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.thelab38.com
referer: https://au.thelab38.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.thelab38.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:33 GMT
last-modified: Thu, 06 Aug 2020 15:09:01 GMT
server: openresty
etag: "5f2c1d0d-2a"
content-type: image/gif
accept-ranges: bytes
x-backend-server: core153.bodis.com
content-length: 42

GET
H3-29 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame B10C 1 KB
664 B 14ms
13ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bc708f186603ae47612a4a89444078a3d336b551423e2e8ac552f623071a7bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-UvLmJOVnftI8fdUFzbHwBA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.thelab38.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.thelab38.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-UvLmJOVnftI8fdUFzbHwBA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
content-length: 639
date: Mon, 02 Aug 2021 07:03:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame 8260 1 KB
663 B 14ms
14ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae8d5541263f8182ee1bab38d81c604560d2156951c5e751126639e5ee68ca5

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-LIYNaNnzbziSF0d9KO3mAA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.thelab38.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.thelab38.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-LIYNaNnzbziSF0d9KO3mAA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
content-length: 638
date: Mon, 02 Aug 2021 07:03:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame 72F2 1 KB
665 B 14ms
14ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ad143c70d1c96ece36beec0285d1d97a4b721acf1d957f6b2242b1514031b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-x48fUEHLVuBO3ns3LdqMLg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.thelab38.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.thelab38.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-x48fUEHLVuBO3ns3LdqMLg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
content-length: 640
date: Mon, 02 Aug 2021 07:03:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
www.google.com/afs/ Frame B3EE 15 KB
8 KB 88ms
87ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adtest=off&channel=pid-bodis-gcontrol220%2Cpid-bodis-gcontrol47&cpp=0&hl=en&pcsa=false&client=dp-bodis01_js&r=m&psid=3407845713&type=3&max_radlink_len=60&terms=Restaurant%20Menu%2CBreakfast%20Menu%2CRestaurant%20Online%20Ordering%20Solution%2CFood%20Menu%2COpentables%2CDelivery%20Menu%2CCafe%20Menu&swp=as-drid-2148305361097618&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300760%2C17300762%2C17300788%2C17300791%2C17300792&format=r7%7Cn3&ad=n3&num=0&output=afd_ads&domain_name=au.thelab38.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=120&dt=1627887813634&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=sl1sr1--&cont=rs%7Cads&csize=w1584h0%7Cw1584h0%7Cw1584h0%7Cw1584h0&inames=master-1%7Cslave-1-1%7Cslave-1-a-1%7Cslave-1-b-1&jsv=12079&rurl=https%3A%2F%2Fau.thelab38.com%2Flogin.php

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

566af78bad3fc106698df359c28b18ec3c324be437f72d3ebfc7c49d77b4b1a4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads?adtest=off&channel=pid-bodis-gcontrol220%2Cpid-bodis-gcontrol47&cpp=0&hl=en&pcsa=false&client=dp-bodis01_js&r=m&psid=3407845713&type=3&max_radlink_len=60&terms=Restaurant%20Menu%2CBreakfast%20Menu%2CRestaurant%20Online%20Ordering%20Solution%2CFood%20Menu%2COpentables%2CDelivery%20Menu%2CCafe%20Menu&swp=as-drid-2148305361097618&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300760%2C17300762%2C17300788%2C17300791%2C17300792&format=r7%7Cn3&ad=n3&num=0&output=afd_ads&domain_name=au.thelab38.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=120&dt=1627887813634&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=sl1sr1--&cont=rs%7Cads&csize=w1584h0%7Cw1584h0%7Cw1584h0%7Cw1584h0&inames=master-1%7Cslave-1-1%7Cslave-1-a-1%7Cslave-1-b-1&jsv=12079&rurl=https%3A%2F%2Fau.thelab38.com%2Flogin.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.thelab38.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://au.thelab38.com/

Response headers

content-type: text/html; charset=UTF-8
content-disposition: inline
date: Mon, 02 Aug 2021 07:03:33 GMT
expires: Mon, 02 Aug 2021 07:03:33 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 8397
x-xss-protection: 0
set-cookie: CONSENT=PENDING+629; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 caf.js Show response
www.google.com/adsense/domains/ Frame B3EE 153 KB
56 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&channel=pid-bodis-gcontrol220%2Cpid-bodis-gcontrol47&cpp=0&hl=en&pcsa=false&client=dp-bodis01_js&r=m&psid=3407845713&type=3&max_radlink_len=60&terms=Restaurant%20Menu%2CBreakfast%20Menu%2CRestaurant%20Online%20Ordering%20Solution%2CFood%20Menu%2COpentables%2CDelivery%20Menu%2CCafe%20Menu&swp=as-drid-2148305361097618&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300760%2C17300762%2C17300788%2C17300791%2C17300792&format=r7%7Cn3&ad=n3&num=0&output=afd_ads&domain_name=au.thelab38.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=120&dt=1627887813634&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=sl1sr1--&cont=rs%7Cads&csize=w1584h0%7Cw1584h0%7Cw1584h0%7Cw1584h0&inames=master-1%7Cslave-1-1%7Cslave-1-a-1%7Cslave-1-b-1&jsv=12079&rurl=https%3A%2F%2Fau.thelab38.com%2Flogin.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f46dd103e466922da6e16247ab5d6c300bf089dd77d2d47e07d903f4299d0f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:33 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "691424855061769276"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 02 Aug 2021 07:03:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B3EE 2 KB
653 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans&display=swap

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 05:24:24 GMT
server: ESF
date: Mon, 02 Aug 2021 07:03:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Aug 2021 07:03:33 GMT

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame B3EE 391 B
357 B 6ms
6ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2335373e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932d35f205218210968acba91794625ad97ef96f5ef8f5d5262af0d3b20dec95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:57:59 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
server: sffe
age: 334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-type: image/svg+xml
cache-control: public, max-age=82800
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Tue, 03 Aug 2021 05:57:59 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame B3EE 200 B
237 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 00:47:23 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
server: sffe
age: 22570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-type: image/svg+xml
cache-control: public, max-age=82800
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174
x-xss-protection: 0
expires: Mon, 02 Aug 2021 23:47:23 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame B3EE 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 563843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H3-29 200 css2
fonts.googleapis.com/ 2 KB
557 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: au.thelab38.com
URL: https://au.thelab38.com/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.thelab38.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 05:40:55 GMT
server: ESF
date: Mon, 02 Aug 2021 07:03:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Aug 2021 07:03:33 GMT

GET
H2 200 arrows-bg-single.png
image.bodiscdn.com/parking/ 3 KB
3 KB 19ms
19ms Image
image/webp 2606:4700:10::6816:408c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bodiscdn.com/parking/arrows-bg-single.png
Requested by: Host: au.thelab38.com
URL: https://au.thelab38.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:408c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8436c93cfe365821cf9ec9d10320c9abb9862f4292a10e6c6fe75c15f5316b68

Request headers

Referer: https://au.thelab38.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:33 GMT
cf-cache-status: HIT
age: 1254
cf-polished: origFmt=png, origSize=3365
cf-ray: 678572748bfe4ea4-FRA
content-disposition: inline; filename="arrows-bg-single.webp"
content-length: 2740
x-amz-id-2: Y1IUwP+X1an5kKurR6GIErEeifLjAqmRih3kv0bQ68qQTnQzXJ1NObcl8/Y7/pFzW1voPQLFcmA=
last-modified: Mon, 26 Jul 2021 19:05:05 GMT
server: cloudflare
etag: "be0ad31eeb486cdcc271ce6ebab43d97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 0K8492253ST32H8Q
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:100,h2pri

POST
H2 200 _tr Show response
au.thelab38.com/ 2 B
280 B 120ms
120ms Fetch
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: https://au.thelab38.com/_tr
Requested by: Host: au.thelab38.com
URL: https://au.thelab38.com/js/parking.js?v=1627887813
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode: cors
origin: https://au.thelab38.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7
content-length: 2001
:path: /_tr
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
:authority: au.thelab38.com
referer: https://au.thelab38.com/login.php
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json
Referer: https://au.thelab38.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-version: 2.63.3
date: Mon, 02 Aug 2021 07:03:33 GMT
content-encoding: gzip
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: parking_session=11f798f9-df31-1e37-d1cd-0fce8471ced7; expires=Mon, 02-Aug-2021 07:08:33 GMT; Max-Age=300; path=/; httponly
x-backend-server: core153.bodis.com

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
www.google.com/js/bg/ Frame 9697 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 577216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 14:43:17 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://au.thelab38.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 563843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H3-29 204 gen_204
www.google.com/afs/ 0
15 B 30ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-bodis01_js&output=uds_ads_only&zx=380tkmhmfw9p&aqid=xZgHYcLqKpGs3wOynbPwCQ&psid=3407845713&pbt=bs&adbx=550&adby=141&adbh=624&adbw=500&adbn=master-1&eawp=partner-dp-bodis01_js&errv=12079375995516493295&csadii=24&csadr=172&lle=0&llm=1000&ifv=1&usr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.thelab38.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:35 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 204 gen_204
www.google.com/afs/ 0
15 B 34ms
34ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-bodis01_js&output=uds_ads_only&zx=uja1trg0yblu&aqid=xZgHYcLqKpGs3wOynbPwCQ&psid=3407845713&pbt=bv&adbx=550&adby=141&adbh=624&adbw=500&adbn=master-1&eawp=partner-dp-bodis01_js&errv=12079375995516493295&csadii=24&csadr=172&lle=0&llm=1000&ifv=1&usr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://au.thelab38.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 07:03:35 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			au.thelab38.com/	1970-01-19 20:11:28	Name: parking_session Value: 11f798f9-df31-1e37-d1cd-0fce8471ced7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
au.thelab38.com
fonts.googleapis.com
fonts.gstatic.com
image.bodiscdn.com
www.google.com
199.59.242.153
2606:4700:10::6816:408c
2a00:1450:4001:800::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:831::200a
17ad143c70d1c96ece36beec0285d1d97a4b721acf1d957f6b2242b1514031b1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3996e4bea380701320de93a1509f2c48100f5ce5d6135a69a59bb57add36b6a7
55af2c37b183312d14ff01ec9b01350808819ca5e9bd1b1a3b273ec9641c01c4
566af78bad3fc106698df359c28b18ec3c324be437f72d3ebfc7c49d77b4b1a4
5ae8d5541263f8182ee1bab38d81c604560d2156951c5e751126639e5ee68ca5
5bc708f186603ae47612a4a89444078a3d336b551423e2e8ac552f623071a7bf
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
6423ac627248bc57af4ac1a2dfbbeefc9da537c017aed76ee73582b8a278de4f
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
8436c93cfe365821cf9ec9d10320c9abb9862f4292a10e6c6fe75c15f5316b68
932d35f205218210968acba91794625ad97ef96f5ef8f5d5262af0d3b20dec95
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
b0aa0dc23022f041616397062226d2ea7a8a6249fa0a58bc874c2152047e114f
b0bbd3b09de8bedd2b6222c3eb9423e3e5253834f49c9a1ee170dd73e7ee2cb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46dd103e466922da6e16247ab5d6c300bf089dd77d2d47e07d903f4299d0f69

au.thelab38.com Open in urlscan Pro 199.59.242.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

88 %IPv6

6 Domains

6 Subdomains

8 IPs

2 Countries

192 kBTransfer

457 kBSize

1 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

Indicators

au.thelab38.com Open in urlscan Pro
199.59.242.153 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

192 kB
Transfer

457 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions