urlscan.io logo urlscan.io
SecurityTrails logo

websniffer.com Open in urlscan Pro
172.67.140.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://websniffer.com/domain/safnah.com
Submission: On July 23 via manual from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 172.67.140.241, located in United States and belongs to CLOUDFLARENET, US. The main domain is websniffer.com.
TLS certificate: Issued by WE1 on July 16th 2024. Valid for: 3 months.
This is the only time websniffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    172.67.140.241 (United States)

ASN13335 (CLOUDFLARENET, US)
websniffer.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
13 websniffer.com
websniffer.com
71 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
127 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
195 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
102 KB
24 7
Domain Requested by
13 websniffer.com websniffer.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com websniffer.com
2 pagead2.googlesyndication.com websniffer.com
pagead2.googlesyndication.com
1 fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com websniffer.com
24 7

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
t.me
www.youtube.com
www.linkedin.com
www.instagram.com
github.com
Subject Issuer Validity Valid
websniffer.com
WE1		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://websniffer.com/domain/safnah.com
Frame ID: 506974949C79EA7A6196C4BA50248643
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

safnah.com Domain Name Lookup Details - WebSniffer

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

674 kB
Transfer

1873 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request safnah.com
websniffer.com/domain/ 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a84b6f3582c1f72538806de269b9fbb081913bb778c024ebb7909715ffa13da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a7f295cfb7d3a78-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 22:38:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2Y2hK1LrbSjjmHsjKi1XlFsOKxH09HQvJQM97zDuT%2FTWbBtBi%2FBW%2FUKCQ4cQ7u9Nry13mbvOabu8m5c%2FwlRBlKrSRYhK%2BChhA0GwtO%2BFc77SqkJ2OQWT8xqFDChFbuKgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
w3.css
websniffer.com/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://websniffer.com/w3.css
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 14 Mar 2024 05:13:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5b83-61397f261cfa8-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6TVxHzaR9JSbFS6mhE2DHoyExXOdAJ2OBRLoUVknq2oU9POu3cbXW%2BZ7lwO6oleyOx%2BlV1ojLVdezmgouAkCT45YjfZK%2BP6hCuQZKA6vgOv0c2jL%2BlGI3KEI5mbkiUvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a7f295f1d573a78-FRA
alt-svc
h3=":443"; ma=86400
content-length
5256
w3-theme-amber.css
websniffer.com/ 		1 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://websniffer.com/w3-theme-amber.css
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d36f96f29376969e7978b91292d1b0ecc6228e383d99dda72a21d04c5248416

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 14 Mar 2024 05:13:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"539-61397f22ddea8-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMx%2BI3tm1QX9TUbUF6rJ%2FmJ0d3YCF0cOaf5k%2BdckTo2mDl0dTbfl9u3t8H4EU7BMlGHS3Le2QpuB9uboWqlt%2BAUHwDCY3VthvZ6lQg2TTYF7aq7fAwwpb%2B02BJfp4EOOjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a7f295f1d593a78-FRA
alt-svc
h3=":443"; ma=86400
content-length
236
styles.css
websniffer.com/ 		1 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://websniffer.com/styles.css
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e461e9c62f3ab68d1fbee6d9c85550c78b3a6ed6c7949b362cba5e46b70f5d3

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 15 Mar 2024 11:56:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"508-613b1b10bf897-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0EOfupDPk%2FllcHbcdAJf%2FVCM4JSZFeQHOFmtXMvG4iBwajwL90k8S5hR1Qtd%2FW8UR56rEJGYrMApTZ15wd7UHAtii9YEpOsNES43s9zVbTUA4g1%2FaY3qICJKwduYIuXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a7f295f1d5a3a78-FRA
alt-svc
h3=":443"; ma=86400
content-length
550
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VG9H4CR769
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7df6ef909753592fa90b125d5347a156dcfe40eec7a33e6a4d8097a3ef9d1f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103595
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jul 2024 22:38:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0113441673686829
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
89a4d8e761bf9bd302d8da1e9f51e265fb2578460ed6e61e5bd10a0449489ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
Origin
https://websniffer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53641
x-xss-protection
0
server
cafe
etag
10835226747729174385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jul 2024 22:38:35 GMT
websniffer-logo.png
websniffer.com/images/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/websniffer-logo.png
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9722c733da6bb71c61a0c6e404b0625b9759c5a4b78e7e493042664fce96c014

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 07:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cd03-613999e09512a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fSQMUWdQWlIHK%2FIpkISQ2NxSVFd6DavLs2E60V59O50zqaubCs95PO03EqvgzL%2FE9KNt6%2FOMeVKV6sSmuKaFJTwaWegQTU2EgeggZ7XGtK8Oz6hd70OL475sBmhpqym4XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a7f295f1d5c3a78-FRA
alt-svc
h3=":443"; ma=86400
content-length
52483
x.svg
websniffer.com/images/icons/ 		252 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/x.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be03adbfce4a46c4e42eae5ee7b5e676b59627fa25e15a317e453bb18153ff5f

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:04:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fc-619b8eace12c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ff5hNnWnP5eK3iZl1zG9%2FHHINRZQ7%2BPlv9lBM51WTmgepj22oJNE9dPnv8%2FaBT97JyRZqT%2FcDtBquLIl7sugeWz2Xrs35YCY1c6Bhhdo5oBPIbA4JZvSRm68NchDELXK0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f295f1d5d3a78-FRA
alt-svc
h3=":443"; ma=86400
facebook.svg
websniffer.com/images/icons/ 		542 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/facebook.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06d18d844ed621b89faffb1a33440cc0ec4f1ffea9f36191f50db19a47c59a6

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"21e-619b8eadb804b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVQjp3q16s%2BH%2FFo7jGRw52deL2BOc87rJfk2O8mDmF6zy5zS4j5Dq0sJqd3j9cX%2F6nppbK716QRUv2Wnx4FJATYGe6rlIEMhiA%2FD3wWs%2BaTHUXviJQ61Bl%2FTu5iSKCaweg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f29604e613a78-FRA
alt-svc
h3=":443"; ma=86400
telegram.svg
websniffer.com/images/icons/ 		742 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/telegram.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
147fd8f8923e7e5f463fe98c0eb9913bead6b2ae59935728cda141002ec8a7c9

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:04:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e6-619b8ead4c987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKZyNtOXJ9iQGDXYJ%2FJPP2g6m3ptr86Bh%2BEA6HDUHZtvTuGMLshY2Fljxm504Gne2PyKj3c0OWMCjEZsqm82ksI2jahcFDJyvZfnpZg84rvC%2Fi9UTPSob3Dk63WTKHiV3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f29606e763a78-FRA
alt-svc
h3=":443"; ma=86400
youtube.svg
websniffer.com/images/icons/ 		459 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/youtube.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5038808acbbc4e6edda16cbeb1cc6dec80e4e4ee4e227e039c41229fa222aa8c

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1cb-619b8eadb804b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCS0U3ZYcioBHMvpkVTXVkwby8CAlzPWXTXPB3guHoZZS72t%2FGn%2FN8HZiuHRb2HNdtHJWGcJ3lCuklGjEebUJC9qwGU%2BvKKhQtuHeKuBkF29AlRo%2BX73I0%2Blx%2FfGYf6slA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f29606e783a78-FRA
alt-svc
h3=":443"; ma=86400
linkedin.svg
websniffer.com/images/icons/ 		610 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/linkedin.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2687ac468d96bd03e748dc8646ef6465cb4cc7f34b96e1d0bc86fcb3dd79121a

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"262-619b8eae23710"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8KhD%2FVo0Wvl9YHVgvCSFDh8HeKTMZoSuLtPFOPcYUYeTs1Lo%2FAr%2BHSKRP6Ki7Wsd%2Few8vhMn%2F%2B8CA0QgmSepaHXbLixdm%2FpkZQc%2BaOavqmitzxtaqC2GjrQYx6zcQc92w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f29606e7a3a78-FRA
alt-svc
h3=":443"; ma=86400
instagram.svg
websniffer.com/images/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/instagram.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f53af2d1fc5292ba1433b5c1faf50005ce6a997fa302d1816989929f379a59dc

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:04:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"835-619b8ead4c987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWSiHNJ4O%2FPUmRzKEypWTFOoHNFk0cEV%2FN3oA%2BLVUFTL1uhZvTdlEpsIA7zOkTAc7EhRHAESOJx%2BvOhrkz7gDz5zDUowQoevoxOGWw4ZoyE0W%2F5MiyaoMgLjqFSOlpCisg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f29606e7b3a78-FRA
alt-svc
h3=":443"; ma=86400
github.svg
websniffer.com/images/icons/ 		822 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://websniffer.com/images/icons/github.svg
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bf8cceead820aec50d4ee825a3fd02c5a1cd6665cc9cf4cbf3d9c8861a204bb

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 31 May 2024 05:26:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"336-619b93874739d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNhlO5WklIAZEJY%2BefZtG%2Byb%2BgoKjAC2dxV0%2ByLffmw9Wp%2F5B03vxz4iOwaAraj5OInQTLGR7CqveG48Y4rl123Kbcm96xqIQgXK9hwYrp4xmnTHQw5mkXstxThHz6bMmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a7f29606e7c3a78-FRA
alt-svc
h3=":443"; ma=86400
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0113441673686829&plah=websniffer.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0113441673686829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f8da3232365b91d59adf7c695b1b62b68f2e73b503439e3e10ebd1c2457dbf0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146174
x-xss-protection
0
server
cafe
etag
14562433578659857319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jul 2024 22:38:35 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VG9H4CR769&gtm=45je47h0v9181743386za200&_p=1721774315580&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=558110523.1721774316&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721774315&sct=1&seg=0&dl=https%3A%2F%2Fwebsniffer.com%2Fdomain%2Fsafnah.com&dt=safnah.com%20Domain%20Name%20Lookup%20Details%20-%20WebSniffer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=767&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VG9H4CR769
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jul 2024 22:38:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://websniffer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-0113441673686829
fundingchoicesmessages.google.com/i/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-0113441673686829?href=https%3A%2F%2Fwebsniffer.com%2Fdomain%2Fsafnah.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0113441673686829&plah=websniffer.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4848564b69bd45397c9ab36ced19a902308d5bed4cd720ad4448fe6ddeddd24c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A9j6bctI3CzKgh7rcXm3MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-A9j6bctI3CzKgh7rcXm3MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgNlS4xOoMxELcHG8eNmxlE5jQcE9YSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTA3MhIz8A0vsAAAHBiO6c"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU-yDXr2wgN1WCU_nsPB94U_By0CEsqc9CSnHV2kUTst1ojiDxNSZSHdJJbAfhGfOPpMj8cPsTQwo2wfDdr3tHpar9jzAvZAcLFzQFGVYINo7ADnv1Q9VILVC499sojWDdnPvADmA==
fundingchoicesmessages.google.com/f/ 		402 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU-yDXr2wgN1WCU_nsPB94U_By0CEsqc9CSnHV2kUTst1ojiDxNSZSHdJJbAfhGfOPpMj8cPsTQwo2wfDdr3tHpar9jzAvZAcLFzQFGVYINo7ADnv1Q9VILVC499sojWDdnPvADmA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNzc0MzE2LDEwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93ZWJzbmlmZmVyLmNvbS9kb21haW4vc2FmbmFoLmNvbSIsbnVsbCxbWzgsIlZuaVNCcF9kbHc4Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQxODhdLG51bGwsMTRdIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VniSBp_dlw8.es5.O/am=Mhg/d=1/rs=AJlcJMz8obUUkDO0qdRozmz56yUgRwJDrw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca527ca729a9e1bbacd7b9a93f3a6400183823ba24e8830947e7d0aa7cbaaf16
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rjv8c8Gzs-WB8bf2bCM0ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rjv8c8Gzs-WB8bf2bCM0ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw0pBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0B4iURF1mPJF5kPfj4IutJIDZUuMTqDMRC3BxvHjZsZRM48f1QqpJGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgbmRkZ6BaXyBAQBk6EGY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VniSBp_dlw8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx2YGYT6C5X2ZEcT394ainaILsRFw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4dafdd94f789a13c39c29335b6cee9a513669c60d779ffb1f19c50f4b1b0c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jul 2024 22:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 22:38:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jul 2024 22:38:36 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
Origin
https://websniffer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 12:26:16 GMT
x-content-type-options
nosniff
age
36740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 12:26:16 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: websniffer.com
URL: https://websniffer.com/domain/safnah.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
Origin
https://websniffer.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:51:59 GMT
x-content-type-options
nosniff
age
53197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 07:51:59 GMT
AGSKWxUIjYMmVqapOxQ8cC6glIw236joB06djopd4-fQyHYCdJXvJWIqdB7KKwcofTob0b0XhqSTOZCFuZOh_9_-OEC2Ih-nKfY8Saga4BKT1THnvjHqNNiRWXOqVBy-sQ0XrmPCe4zdww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUIjYMmVqapOxQ8cC6glIw236joB06djopd4-fQyHYCdJXvJWIqdB7KKwcofTob0b0XhqSTOZCFuZOh_9_-OEC2Ih-nKfY8Saga4BKT1THnvjHqNNiRWXOqVBy-sQ0XrmPCe4zdww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VniSBp_dlw8.es5.O/am=Mhg/d=1/rs=AJlcJMz8obUUkDO0qdRozmz56yUgRwJDrw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AKp3SvRggTjUOhJucLDmNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jul 2024 22:38:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AKp3SvRggTjUOhJucLDmNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_HmYcNWNoEbe0-tZFRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmRkZ6BubxBQYAcdUsMA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://websniffer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUIjYMmVqapOxQ8cC6glIw236joB06djopd4-fQyHYCdJXvJWIqdB7KKwcofTob0b0XhqSTOZCFuZOh_9_-OEC2Ih-nKfY8Saga4BKT1THnvjHqNNiRWXOqVBy-sQ0XrmPCe4zdww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUIjYMmVqapOxQ8cC6glIw236joB06djopd4-fQyHYCdJXvJWIqdB7KKwcofTob0b0XhqSTOZCFuZOh_9_-OEC2Ih-nKfY8Saga4BKT1THnvjHqNNiRWXOqVBy-sQ0XrmPCe4zdww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VniSBp_dlw8.es5.O/am=Mhg/d=1/rs=AJlcJMz8obUUkDO0qdRozmz56yUgRwJDrw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZeJ9cf_wjOk0EiQXDPLNaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://websniffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jul 2024 22:38:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZeJ9cf_wjOk0EiQXDPLNaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_HmYcNWNoEHR27PZFRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmRkZ6BubxBQYAd2wsQg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://websniffer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
websniffer.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://websniffer.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d5784d47f15a94985acd5ce1cd6c6345370d86c5558795cff79ee01fb01409

Request headers

Referer
https://websniffer.com/domain/safnah.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 22:38:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Dec 2022 06:26:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4060
etag
W/"47e-5f0144814b41a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWDCjEa8pEK5sLmsjyfufMp2gR4brUNW5CGXKMPZUy%2FYvcH8EiexFVit%2FpJgbv2TWNCgtqMan5nitCfTqhF4WcjvrpRHuJ71d5HsNVZW837QEdzSYA%2Fv0g5opNDefJk5UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8a7f296ab80e3a78-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer function| toggleMenu object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzI5MTQzNzJkNWE5MDVkOGxvYWRlcl9qcw== string| YzI5MTQzNzJkNWE5MDVkOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

3 Cookies

Domain/Path Name / Value
websniffer.com/ Name: PHPSESSID
Value: 6ssc1c2k19k17a0mcgm10oeh88
.websniffer.com/ Name: _ga_VG9H4CR769
Value: GS1.1.1721774315.1.0.1721774315.0.0.0
.websniffer.com/ Name: _ga
Value: GA1.1.558110523.1721774316

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
websniffer.com
www.googletagmanager.com
142.250.184.226
142.250.186.110
172.67.140.241
2001:4860:4802:34::36
2a00:1450:4001:806::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
03d5784d47f15a94985acd5ce1cd6c6345370d86c5558795cff79ee01fb01409
147fd8f8923e7e5f463fe98c0eb9913bead6b2ae59935728cda141002ec8a7c9
2687ac468d96bd03e748dc8646ef6465cb4cc7f34b96e1d0bc86fcb3dd79121a
3a84b6f3582c1f72538806de269b9fbb081913bb778c024ebb7909715ffa13da
3bf8cceead820aec50d4ee825a3fd02c5a1cd6665cc9cf4cbf3d9c8861a204bb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4848564b69bd45397c9ab36ced19a902308d5bed4cd720ad4448fe6ddeddd24c
5038808acbbc4e6edda16cbeb1cc6dec80e4e4ee4e227e039c41229fa222aa8c
6d36f96f29376969e7978b91292d1b0ecc6228e383d99dda72a21d04c5248416
7df6ef909753592fa90b125d5347a156dcfe40eec7a33e6a4d8097a3ef9d1f2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
89a4d8e761bf9bd302d8da1e9f51e265fb2578460ed6e61e5bd10a0449489ba4
9722c733da6bb71c61a0c6e404b0625b9759c5a4b78e7e493042664fce96c014
9e461e9c62f3ab68d1fbee6d9c85550c78b3a6ed6c7949b362cba5e46b70f5d3
b06d18d844ed621b89faffb1a33440cc0ec4f1ffea9f36191f50db19a47c59a6
be03adbfce4a46c4e42eae5ee7b5e676b59627fa25e15a317e453bb18153ff5f
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
ca527ca729a9e1bbacd7b9a93f3a6400183823ba24e8830947e7d0aa7cbaaf16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4dafdd94f789a13c39c29335b6cee9a513669c60d779ffb1f19c50f4b1b0c3e
f53af2d1fc5292ba1433b5c1faf50005ce6a997fa302d1816989929f379a59dc
f8da3232365b91d59adf7c695b1b62b68f2e73b503439e3e10ebd1c2457dbf0f